openapi: 3.1.0 info: title: McAfee Web Gateway API description: >- McAfee Web Gateway (MWG) REST API for managing web security policies, rule sets, URL filtering lists, SSL inspection settings, and monitoring proxy traffic and statistics. version: '10.0' contact: name: McAfee Support url: https://www.mcafee.com/enterprise/en-us/support.html termsOfService: https://www.mcafee.com/enterprise/en-us/about/legal/terms-of-use.html externalDocs: description: McAfee Web Gateway Product Guide url: https://docs.mcafee.com/bundle/web-gateway-product-guide servers: - url: https://{mwg-server}:4712/Konfigurator/REST description: McAfee Web Gateway Administration variables: mwg-server: default: your-mwg-server description: Hostname or IP of the MWG appliance tags: - name: Authentication description: Session authentication and management - name: File Operations description: Import and export configuration files - name: Lists description: Manage URL and IP lists used in filtering - name: Monitoring description: Appliance health and traffic monitoring - name: Policy Configuration description: Manage proxy and policy settings - name: Rule Sets description: Manage web security rule sets security: - cookieAuth: [] paths: /login: post: operationId: login summary: McAfee Authenticate and create session description: >- Authenticate with administrator credentials to establish a session. Returns a session cookie used for subsequent API requests. tags: - Authentication requestBody: required: true content: application/xml: schema: type: object properties: userName: type: string description: Administrator username password: type: string description: Administrator password responses: '200': description: Authentication successful, session cookie returned headers: Set-Cookie: description: Session cookie for subsequent requests schema: type: string '401': description: Authentication failed security: [] /logout: post: operationId: logout summary: McAfee End current session description: >- Terminate the current session and invalidate the session cookie. tags: - Authentication responses: '200': description: Session terminated '401': description: Not authenticated /rulesets: get: operationId: listRuleSets summary: McAfee List rule sets description: >- Retrieve a list of all configured rule sets, including web filtering, SSL scanning, authentication, and media type filtering rules. tags: - Rule Sets responses: '200': description: List of rule sets content: application/xml: schema: type: object properties: rulesets: type: array items: $ref: '#/components/schemas/RuleSet' application/json: schema: type: object properties: rulesets: type: array items: $ref: '#/components/schemas/RuleSet' '401': description: Not authenticated /rulesets/{rulesetId}: get: operationId: getRuleSet summary: McAfee Get a specific rule set description: >- Retrieve the full configuration of a specific rule set, including all contained rules, conditions, and actions. tags: - Rule Sets parameters: - $ref: '#/components/parameters/rulesetId' responses: '200': description: Rule set details content: application/xml: schema: $ref: '#/components/schemas/RuleSetDetail' application/json: schema: $ref: '#/components/schemas/RuleSetDetail' '401': description: Not authenticated '404': description: Rule set not found put: operationId: updateRuleSet summary: McAfee Update a rule set description: >- Update the configuration of an existing rule set, including enabling/disabling rules and modifying conditions. tags: - Rule Sets parameters: - $ref: '#/components/parameters/rulesetId' requestBody: required: true content: application/xml: schema: $ref: '#/components/schemas/RuleSetDetail' responses: '200': description: Rule set updated '400': description: Invalid configuration '401': description: Not authenticated '404': description: Rule set not found delete: operationId: deleteRuleSet summary: McAfee Delete a rule set description: >- Delete a rule set from the configuration. tags: - Rule Sets parameters: - $ref: '#/components/parameters/rulesetId' responses: '204': description: Rule set deleted '401': description: Not authenticated '404': description: Rule set not found /lists: get: operationId: listLists summary: McAfee List all filtering lists description: >- Retrieve all configured lists used for URL filtering, IP blocking, media type filtering, and custom categorization. tags: - Lists responses: '200': description: All configured lists content: application/json: schema: type: object properties: lists: type: array items: $ref: '#/components/schemas/FilterList' '401': description: Not authenticated /lists/{listId}: get: operationId: getList summary: McAfee Get a specific list description: >- Retrieve the contents and configuration of a specific filtering list. tags: - Lists parameters: - $ref: '#/components/parameters/listId' responses: '200': description: List details and entries content: application/json: schema: $ref: '#/components/schemas/FilterListDetail' '401': description: Not authenticated '404': description: List not found put: operationId: updateList summary: McAfee Update a list description: >- Update the entries in a filtering list, adding or removing URLs, IPs, or other entries. tags: - Lists parameters: - $ref: '#/components/parameters/listId' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/FilterListDetail' responses: '200': description: List updated '400': description: Invalid list data '401': description: Not authenticated '404': description: List not found /lists/{listId}/entries: post: operationId: addListEntry summary: McAfee Add entry to a list description: >- Add a new entry (URL, IP, or other value) to a filtering list. tags: - Lists parameters: - $ref: '#/components/parameters/listId' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/ListEntry' responses: '201': description: Entry added '400': description: Invalid entry '401': description: Not authenticated '404': description: List not found /commit: post: operationId: commitChanges summary: McAfee Commit configuration changes description: >- Save and activate all pending configuration changes. Changes made through the API are not active until committed. tags: - Policy Configuration responses: '200': description: Changes committed and activated '401': description: Not authenticated '409': description: Commit conflict /appliance/status: get: operationId: getApplianceStatus summary: McAfee Get appliance status description: >- Retrieve the current health status and resource utilization of the Web Gateway appliance, including CPU, memory, and connection counts. tags: - Monitoring responses: '200': description: Appliance health status content: application/json: schema: $ref: '#/components/schemas/ApplianceStatus' '401': description: Not authenticated /appliance/traffic: get: operationId: getTrafficStatistics summary: McAfee Get traffic statistics description: >- Retrieve web traffic statistics including request counts, bytes transferred, blocked requests, and category breakdowns. tags: - Monitoring parameters: - name: period in: query required: false description: Time period for statistics schema: type: string enum: - hour - day - week - month default: day responses: '200': description: Traffic statistics content: application/json: schema: $ref: '#/components/schemas/TrafficStatistics' '401': description: Not authenticated /file/export: get: operationId: exportConfiguration summary: McAfee Export configuration description: >- Export the complete appliance configuration as a backup file. tags: - File Operations responses: '200': description: Configuration backup file content: application/octet-stream: schema: type: string format: binary '401': description: Not authenticated /file/import: post: operationId: importConfiguration summary: McAfee Import configuration description: >- Import a previously exported configuration backup to restore settings. tags: - File Operations requestBody: required: true content: multipart/form-data: schema: type: object properties: file: type: string format: binary description: Configuration backup file responses: '200': description: Configuration imported successfully '400': description: Invalid configuration file '401': description: Not authenticated components: securitySchemes: cookieAuth: type: apiKey in: cookie name: JSESSIONID description: Session cookie obtained from the login endpoint parameters: rulesetId: name: rulesetId in: path required: true description: Unique rule set identifier schema: type: string listId: name: listId in: path required: true description: Unique filtering list identifier schema: type: string schemas: RuleSet: type: object properties: id: type: string description: Rule set identifier name: type: string description: Rule set name enabled: type: boolean description: Whether the rule set is enabled type: type: string description: Rule set type (e.g., request, response) RuleSetDetail: type: object properties: id: type: string description: Rule set identifier name: type: string description: Rule set name enabled: type: boolean description: Whether the rule set is enabled rules: type: array items: $ref: '#/components/schemas/Rule' description: Rules contained in this rule set Rule: type: object properties: id: type: string description: Rule identifier name: type: string description: Rule name enabled: type: boolean description: Whether the rule is enabled action: type: string enum: - allow - block - redirect - authenticate description: Action to take when the rule matches criteria: type: string description: Rule matching criteria expression FilterList: type: object properties: id: type: string description: List identifier name: type: string description: List name type: type: string enum: - url - ip - mediaType - string - category description: Type of entries in the list entryCount: type: integer description: Number of entries in the list FilterListDetail: type: object properties: id: type: string description: List identifier name: type: string description: List name type: type: string description: List type entries: type: array items: $ref: '#/components/schemas/ListEntry' description: List entries ListEntry: type: object properties: value: type: string description: Entry value (URL, IP, etc.) description: type: string description: Optional description for the entry ApplianceStatus: type: object properties: hostname: type: string description: Appliance hostname uptime: type: string description: Appliance uptime cpuUsage: type: number format: float description: Current CPU usage percentage memoryUsage: type: number format: float description: Current memory usage percentage activeConnections: type: integer description: Number of active proxy connections version: type: string description: Web Gateway software version TrafficStatistics: type: object properties: period: type: string description: Statistics time period totalRequests: type: integer description: Total number of web requests blockedRequests: type: integer description: Number of blocked requests allowedRequests: type: integer description: Number of allowed requests bytesTransferred: type: integer format: int64 description: Total bytes transferred topCategories: type: array items: type: object properties: category: type: string count: type: integer description: Top URL categories by request count