naftiko: 1.0.0-alpha2 info: label: Passbolt API description: This is a low-level overview of the API and its endpoints, if you need higher-level guides for interacting with the endpoints, use the Developer guide. tags: - Passbolt - API created: '2026-05-06' modified: '2026-05-06' capability: consumes: - type: http namespace: passbolt baseUri: https://passbolt.local description: Passbolt API HTTP API. authentication: type: bearer token: '{{PASSBOLT_TOKEN}}' resources: - name: auth-is-authenticated-json path: /auth/is-authenticated.json operations: - name: viewauthisauthenticated method: GET description: Check authentication status. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-jwt-jwks-json path: /auth/jwt/jwks.json operations: - name: viewauthjwtjwks method: GET description: Get the JWKs server information. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-jwt-login-json path: /auth/jwt/login.json operations: - name: authjwtlogin method: POST description: Login. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-jwt-logout-json path: /auth/jwt/logout.json operations: - name: authjwtlogout method: POST description: Logout. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-jwt-refresh-json path: /auth/jwt/refresh.json operations: - name: authjwtrefresh method: POST description: Refresh access token. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-jwt-rsa-json path: /auth/jwt/rsa.json operations: - name: viewauthjwtrsa method: GET description: Get the JWT RSA server information. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-login-json path: /auth/login.json operations: - name: authlogin method: POST description: Log in. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-logout-json path: /auth/logout.json operations: - name: authlogout method: POST description: Log out. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-verify-json path: /auth/verify.json operations: - name: viewauthverify method: GET description: Get the server's public PGP key. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: checkauthverify method: POST description: Verify the server's identity. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: avatars-view-avatarid-avatarformat path: /avatars/view/{avatarId}/{avatarFormat} operations: - name: viewavatar method: GET description: Get an avatar as an image. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: comments-commentid-json path: /comments/{commentId}.json operations: - name: updatecomment method: PUT description: Update a comment. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deletecomment method: DELETE description: Delete a comment. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: comments-resource-resourceid-json path: /comments/resource/{resourceId}.json operations: - name: indexcomments method: GET description: Get comments for a resource. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: addcomment method: POST description: Add a comment. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: directorysync-synchronize-dry-run-json path: /directorysync/synchronize/dry-run.json operations: - name: simulatesync method: GET description: Simulate directory synchronization without making changes. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: directorysync-synchronize-json path: /directorysync/synchronize.json operations: - name: runsync method: POST description: Run the directory synchronization. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: favorite-favoriteid-json path: /favorite/{favoriteId}.json operations: - name: deletefavorite method: DELETE description: Unset a resource as favorite. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: favorite-foreignmodel-foreignid-json path: /favorite/{foreignModel}/{foreignId}.json operations: - name: addfavorite method: POST description: Set a resource as favorite. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: folders-json path: /folders.json operations: - name: indexfolders method: GET description: Get multiple folders. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: addfolder method: POST description: Create a folder. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: folders-folderid-json path: /folders/{folderId}.json operations: - name: viewfolder method: GET description: Get a folder. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: updatefolder method: PUT description: Update a folder. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deletefolder method: DELETE description: Delete a folder. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: gpgkeys-json path: /gpgkeys.json operations: - name: indexgpgkeys method: GET description: Get multiple GPG keys. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: gpgkeys-gpgkeyid-json path: /gpgkeys/{gpgkeyId}.json operations: - name: viewgpgkey method: GET description: Get a GPG key. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: groups-json path: /groups.json operations: - name: indexgroups method: GET description: Get multiple groups. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: addgroup method: POST description: Create a group. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: groups-groupid-json path: /groups/{groupId}.json operations: - name: viewgroup method: GET description: Get a group. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: updategroup method: PUT description: Update a group. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deletegroup method: DELETE description: Delete a group. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: groups-groupid-dry-run-json path: /groups/{groupId}/dry-run.json operations: - name: dryrunupdategroup method: PUT description: Dry run a group update. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: dryrundeletegroup method: DELETE description: Dry run a group deletion. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: healthcheck-json path: /healthcheck.json operations: - name: viewhealthcheck method: GET description: Get healthcheck information. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: healthcheck-status-json path: /healthcheck/status.json operations: - name: viewhealthcheckstatus method: GET description: Check if passbolt is up. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-keys-json path: /metadata/keys.json operations: - name: indexmetadatakeys method: GET description: Get metadata keys. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: addmetadatakey method: POST description: Create a metadata key. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-keys-metadatakeyid-json path: /metadata/keys/{metadataKeyId}.json operations: - name: updatemetadatakey method: PUT description: Mark a metadata key as expired. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deletemetadatakey method: DELETE description: Delete a metadata key. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-keys-privates-json path: /metadata/keys/privates.json operations: - name: addmetadataprivatekey method: POST description: Create a metadata private key. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-keys-private-metadataprivatekeyid-json path: /metadata/keys/private/{metadataPrivateKeyId}.json operations: - name: updatemetadataprivatekey method: PUT description: Update a metadata private key. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-keys-settings-json path: /metadata/keys/settings.json operations: - name: indexmetadatakeyssettings method: GET description: Get metadata keys settings. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: updatemetadatakeyssettings method: POST description: Update metadata keys settings. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-types-settings-json path: /metadata/types/settings.json operations: - name: viewmetadatatypessettings method: GET description: Get metadata types settings outputRawFormat: json outputParameters: - name: result type: object value: $. - name: upgrademetadatatypessettings method: POST description: Upgrade a resource types settings outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-rotate-key-folders-json path: /metadata/rotate-key/folders.json operations: - name: viewmetadatarotatekeyfolders method: GET description: Get folders with expired keys outputRawFormat: json outputParameters: - name: result type: object value: $. - name: rotatemetadataexpiredkeysfolders method: POST description: Rotate expired metadata keys for folders outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-rotate-key-resources-json path: /metadata/rotate-key/resources.json operations: - name: viewmetadatarotatekeyresources method: GET description: Get resources with expired keys outputRawFormat: json outputParameters: - name: result type: object value: $. - name: rotatemetadataexpiredkeys method: POST description: Rotate expired metadata keys for resources outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-session-keys-json path: /metadata/session-keys.json operations: - name: viewmetadatasessionkeys method: GET description: Get session keys. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: addmetadatasessionkey method: POST description: Add a session key. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-session-key-sessionkeyid-json path: /metadata/session-key/{sessionKeyId}.json operations: - name: updatemetadatasessionkey method: POST description: Update a given session-key entry. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deletesessionkey method: DELETE description: Delete a given session-key entry. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-rotate-key-tags-json path: /metadata/rotate-key/tags.json operations: - name: viewmetadatarotatekeytags method: GET description: Get tags with expired keys outputRawFormat: json outputParameters: - name: result type: object value: $. - name: rotatemetadatakeystags method: POST description: Rotate expired metadata keys for tags outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-upgrade-folders-json path: /metadata/upgrade/folders.json operations: - name: viewmetadataupgradefolders method: GET description: Get Upgradable Folders outputRawFormat: json outputParameters: - name: result type: object value: $. - name: upgrademetadatafolders method: POST description: Upgrade a folder outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-upgrade-resources-json path: /metadata/upgrade/resources.json operations: - name: viewmetadataupgraderesources method: GET description: Get Upgradable Resources outputRawFormat: json outputParameters: - name: result type: object value: $. - name: upgrademetadataresources method: POST description: Upgrade a Resource outputRawFormat: json outputParameters: - name: result type: object value: $. - name: metadata-upgrade-tags-json path: /metadata/upgrade/tags.json operations: - name: viewmetadataupgradetags method: GET description: Get Upgradable Tags outputRawFormat: json outputParameters: - name: result type: object value: $. exposes: - type: rest port: 8080 namespace: passbolt-rest description: REST adapter for Passbolt API. resources: - path: /auth/is-authenticated.json name: viewauthisauthenticated operations: - method: GET name: viewauthisauthenticated description: Check authentication status. call: passbolt.viewauthisauthenticated outputParameters: - type: object mapping: $. - path: /auth/jwt/jwks.json name: viewauthjwtjwks operations: - method: GET name: viewauthjwtjwks description: Get the JWKs server information. call: passbolt.viewauthjwtjwks outputParameters: - type: object mapping: $. - path: /auth/jwt/login.json name: authjwtlogin operations: - method: POST name: authjwtlogin description: Login. call: passbolt.authjwtlogin outputParameters: - type: object mapping: $. - path: /auth/jwt/logout.json name: authjwtlogout operations: - method: POST name: authjwtlogout description: Logout. call: passbolt.authjwtlogout outputParameters: - type: object mapping: $. - path: /auth/jwt/refresh.json name: authjwtrefresh operations: - method: POST name: authjwtrefresh description: Refresh access token. call: passbolt.authjwtrefresh outputParameters: - type: object mapping: $. - path: /auth/jwt/rsa.json name: viewauthjwtrsa operations: - method: GET name: viewauthjwtrsa description: Get the JWT RSA server information. call: passbolt.viewauthjwtrsa outputParameters: - type: object mapping: $. - path: /auth/login.json name: authlogin operations: - method: POST name: authlogin description: Log in. call: passbolt.authlogin outputParameters: - type: object mapping: $. - path: /auth/logout.json name: authlogout operations: - method: POST name: authlogout description: Log out. call: passbolt.authlogout outputParameters: - type: object mapping: $. - path: /auth/verify.json name: viewauthverify operations: - method: GET name: viewauthverify description: Get the server's public PGP key. call: passbolt.viewauthverify outputParameters: - type: object mapping: $. - path: /auth/verify.json name: checkauthverify operations: - method: POST name: checkauthverify description: Verify the server's identity. call: passbolt.checkauthverify outputParameters: - type: object mapping: $. - path: /avatars/view/{avatarId}/{avatarFormat} name: viewavatar operations: - method: GET name: viewavatar description: Get an avatar as an image. call: passbolt.viewavatar outputParameters: - type: object mapping: $. - path: /comments/{commentId}.json name: updatecomment operations: - method: PUT name: updatecomment description: Update a comment. call: passbolt.updatecomment outputParameters: - type: object mapping: $. - path: /comments/{commentId}.json name: deletecomment operations: - method: DELETE name: deletecomment description: Delete a comment. call: passbolt.deletecomment outputParameters: - type: object mapping: $. - path: /comments/resource/{resourceId}.json name: indexcomments operations: - method: GET name: indexcomments description: Get comments for a resource. call: passbolt.indexcomments outputParameters: - type: object mapping: $. - path: /comments/resource/{resourceId}.json name: addcomment operations: - method: POST name: addcomment description: Add a comment. call: passbolt.addcomment outputParameters: - type: object mapping: $. - path: /directorysync/synchronize/dry-run.json name: simulatesync operations: - method: GET name: simulatesync description: Simulate directory synchronization without making changes. call: passbolt.simulatesync outputParameters: - type: object mapping: $. - path: /directorysync/synchronize.json name: runsync operations: - method: POST name: runsync description: Run the directory synchronization. call: passbolt.runsync outputParameters: - type: object mapping: $. - path: /favorite/{favoriteId}.json name: deletefavorite operations: - method: DELETE name: deletefavorite description: Unset a resource as favorite. call: passbolt.deletefavorite outputParameters: - type: object mapping: $. - path: /favorite/{foreignModel}/{foreignId}.json name: addfavorite operations: - method: POST name: addfavorite description: Set a resource as favorite. call: passbolt.addfavorite outputParameters: - type: object mapping: $. - path: /folders.json name: indexfolders operations: - method: GET name: indexfolders description: Get multiple folders. call: passbolt.indexfolders outputParameters: - type: object mapping: $. - path: /folders.json name: addfolder operations: - method: POST name: addfolder description: Create a folder. call: passbolt.addfolder outputParameters: - type: object mapping: $. - path: /folders/{folderId}.json name: viewfolder operations: - method: GET name: viewfolder description: Get a folder. call: passbolt.viewfolder outputParameters: - type: object mapping: $. - path: /folders/{folderId}.json name: updatefolder operations: - method: PUT name: updatefolder description: Update a folder. call: passbolt.updatefolder outputParameters: - type: object mapping: $. - path: /folders/{folderId}.json name: deletefolder operations: - method: DELETE name: deletefolder description: Delete a folder. call: passbolt.deletefolder outputParameters: - type: object mapping: $. - path: /gpgkeys.json name: indexgpgkeys operations: - method: GET name: indexgpgkeys description: Get multiple GPG keys. call: passbolt.indexgpgkeys outputParameters: - type: object mapping: $. - path: /gpgkeys/{gpgkeyId}.json name: viewgpgkey operations: - method: GET name: viewgpgkey description: Get a GPG key. call: passbolt.viewgpgkey outputParameters: - type: object mapping: $. - path: /groups.json name: indexgroups operations: - method: GET name: indexgroups description: Get multiple groups. call: passbolt.indexgroups outputParameters: - type: object mapping: $. - path: /groups.json name: addgroup operations: - method: POST name: addgroup description: Create a group. call: passbolt.addgroup outputParameters: - type: object mapping: $. - path: /groups/{groupId}.json name: viewgroup operations: - method: GET name: viewgroup description: Get a group. call: passbolt.viewgroup outputParameters: - type: object mapping: $. - path: /groups/{groupId}.json name: updategroup operations: - method: PUT name: updategroup description: Update a group. call: passbolt.updategroup outputParameters: - type: object mapping: $. - path: /groups/{groupId}.json name: deletegroup operations: - method: DELETE name: deletegroup description: Delete a group. call: passbolt.deletegroup outputParameters: - type: object mapping: $. - path: /groups/{groupId}/dry-run.json name: dryrunupdategroup operations: - method: PUT name: dryrunupdategroup description: Dry run a group update. call: passbolt.dryrunupdategroup outputParameters: - type: object mapping: $. - path: /groups/{groupId}/dry-run.json name: dryrundeletegroup operations: - method: DELETE name: dryrundeletegroup description: Dry run a group deletion. call: passbolt.dryrundeletegroup outputParameters: - type: object mapping: $. - path: /healthcheck.json name: viewhealthcheck operations: - method: GET name: viewhealthcheck description: Get healthcheck information. call: passbolt.viewhealthcheck outputParameters: - type: object mapping: $. - path: /healthcheck/status.json name: viewhealthcheckstatus operations: - method: GET name: viewhealthcheckstatus description: Check if passbolt is up. call: passbolt.viewhealthcheckstatus outputParameters: - type: object mapping: $. - path: /metadata/keys.json name: indexmetadatakeys operations: - method: GET name: indexmetadatakeys description: Get metadata keys. call: passbolt.indexmetadatakeys outputParameters: - type: object mapping: $. - path: /metadata/keys.json name: addmetadatakey operations: - method: POST name: addmetadatakey description: Create a metadata key. call: passbolt.addmetadatakey outputParameters: - type: object mapping: $. - path: /metadata/keys/{metadataKeyId}.json name: updatemetadatakey operations: - method: PUT name: updatemetadatakey description: Mark a metadata key as expired. call: passbolt.updatemetadatakey outputParameters: - type: object mapping: $. - path: /metadata/keys/{metadataKeyId}.json name: deletemetadatakey operations: - method: DELETE name: deletemetadatakey description: Delete a metadata key. call: passbolt.deletemetadatakey outputParameters: - type: object mapping: $. - path: /metadata/keys/privates.json name: addmetadataprivatekey operations: - method: POST name: addmetadataprivatekey description: Create a metadata private key. call: passbolt.addmetadataprivatekey outputParameters: - type: object mapping: $. - path: /metadata/keys/private/{metadataPrivateKeyId}.json name: updatemetadataprivatekey operations: - method: PUT name: updatemetadataprivatekey description: Update a metadata private key. call: passbolt.updatemetadataprivatekey outputParameters: - type: object mapping: $. - path: /metadata/keys/settings.json name: indexmetadatakeyssettings operations: - method: GET name: indexmetadatakeyssettings description: Get metadata keys settings. call: passbolt.indexmetadatakeyssettings outputParameters: - type: object mapping: $. - path: /metadata/keys/settings.json name: updatemetadatakeyssettings operations: - method: POST name: updatemetadatakeyssettings description: Update metadata keys settings. call: passbolt.updatemetadatakeyssettings outputParameters: - type: object mapping: $. - path: /metadata/types/settings.json name: viewmetadatatypessettings operations: - method: GET name: viewmetadatatypessettings description: Get metadata types settings call: passbolt.viewmetadatatypessettings outputParameters: - type: object mapping: $. - path: /metadata/types/settings.json name: upgrademetadatatypessettings operations: - method: POST name: upgrademetadatatypessettings description: Upgrade a resource types settings call: passbolt.upgrademetadatatypessettings outputParameters: - type: object mapping: $. - path: /metadata/rotate-key/folders.json name: viewmetadatarotatekeyfolders operations: - method: GET name: viewmetadatarotatekeyfolders description: Get folders with expired keys call: passbolt.viewmetadatarotatekeyfolders outputParameters: - type: object mapping: $. - path: /metadata/rotate-key/folders.json name: rotatemetadataexpiredkeysfolders operations: - method: POST name: rotatemetadataexpiredkeysfolders description: Rotate expired metadata keys for folders call: passbolt.rotatemetadataexpiredkeysfolders outputParameters: - type: object mapping: $. - path: /metadata/rotate-key/resources.json name: viewmetadatarotatekeyresources operations: - method: GET name: viewmetadatarotatekeyresources description: Get resources with expired keys call: passbolt.viewmetadatarotatekeyresources outputParameters: - type: object mapping: $. - path: /metadata/rotate-key/resources.json name: rotatemetadataexpiredkeys operations: - method: POST name: rotatemetadataexpiredkeys description: Rotate expired metadata keys for resources call: passbolt.rotatemetadataexpiredkeys outputParameters: - type: object mapping: $. - path: /metadata/session-keys.json name: viewmetadatasessionkeys operations: - method: GET name: viewmetadatasessionkeys description: Get session keys. call: passbolt.viewmetadatasessionkeys outputParameters: - type: object mapping: $. - path: /metadata/session-keys.json name: addmetadatasessionkey operations: - method: POST name: addmetadatasessionkey description: Add a session key. call: passbolt.addmetadatasessionkey outputParameters: - type: object mapping: $. - path: /metadata/session-key/{sessionKeyId}.json name: updatemetadatasessionkey operations: - method: POST name: updatemetadatasessionkey description: Update a given session-key entry. call: passbolt.updatemetadatasessionkey outputParameters: - type: object mapping: $. - path: /metadata/session-key/{sessionKeyId}.json name: deletesessionkey operations: - method: DELETE name: deletesessionkey description: Delete a given session-key entry. call: passbolt.deletesessionkey outputParameters: - type: object mapping: $. - path: /metadata/rotate-key/tags.json name: viewmetadatarotatekeytags operations: - method: GET name: viewmetadatarotatekeytags description: Get tags with expired keys call: passbolt.viewmetadatarotatekeytags outputParameters: - type: object mapping: $. - path: /metadata/rotate-key/tags.json name: rotatemetadatakeystags operations: - method: POST name: rotatemetadatakeystags description: Rotate expired metadata keys for tags call: passbolt.rotatemetadatakeystags outputParameters: - type: object mapping: $. - path: /metadata/upgrade/folders.json name: viewmetadataupgradefolders operations: - method: GET name: viewmetadataupgradefolders description: Get Upgradable Folders call: passbolt.viewmetadataupgradefolders outputParameters: - type: object mapping: $. - path: /metadata/upgrade/folders.json name: upgrademetadatafolders operations: - method: POST name: upgrademetadatafolders description: Upgrade a folder call: passbolt.upgrademetadatafolders outputParameters: - type: object mapping: $. - path: /metadata/upgrade/resources.json name: viewmetadataupgraderesources operations: - method: GET name: viewmetadataupgraderesources description: Get Upgradable Resources call: passbolt.viewmetadataupgraderesources outputParameters: - type: object mapping: $. - path: /metadata/upgrade/resources.json name: upgrademetadataresources operations: - method: POST name: upgrademetadataresources description: Upgrade a Resource call: passbolt.upgrademetadataresources outputParameters: - type: object mapping: $. - path: /metadata/upgrade/tags.json name: viewmetadataupgradetags operations: - method: GET name: viewmetadataupgradetags description: Get Upgradable Tags call: passbolt.viewmetadataupgradetags outputParameters: - type: object mapping: $. - type: mcp port: 9090 namespace: passbolt-mcp transport: http description: MCP adapter for Passbolt API for AI agent use. tools: - name: viewauthisauthenticated description: Check authentication status. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewauthisauthenticated outputParameters: - type: object mapping: $. - name: viewauthjwtjwks description: Get the JWKs server information. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewauthjwtjwks outputParameters: - type: object mapping: $. - name: authjwtlogin description: Login. hints: readOnly: false destructive: false idempotent: false call: passbolt.authjwtlogin outputParameters: - type: object mapping: $. - name: authjwtlogout description: Logout. hints: readOnly: false destructive: false idempotent: false call: passbolt.authjwtlogout outputParameters: - type: object mapping: $. - name: authjwtrefresh description: Refresh access token. hints: readOnly: false destructive: false idempotent: false call: passbolt.authjwtrefresh outputParameters: - type: object mapping: $. - name: viewauthjwtrsa description: Get the JWT RSA server information. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewauthjwtrsa outputParameters: - type: object mapping: $. - name: authlogin description: Log in. hints: readOnly: false destructive: false idempotent: false call: passbolt.authlogin outputParameters: - type: object mapping: $. - name: authlogout description: Log out. hints: readOnly: false destructive: false idempotent: false call: passbolt.authlogout outputParameters: - type: object mapping: $. - name: viewauthverify description: Get the server's public PGP key. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewauthverify outputParameters: - type: object mapping: $. - name: checkauthverify description: Verify the server's identity. hints: readOnly: false destructive: false idempotent: false call: passbolt.checkauthverify outputParameters: - type: object mapping: $. - name: viewavatar description: Get an avatar as an image. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewavatar outputParameters: - type: object mapping: $. - name: updatecomment description: Update a comment. hints: readOnly: false destructive: false idempotent: true call: passbolt.updatecomment outputParameters: - type: object mapping: $. - name: deletecomment description: Delete a comment. hints: readOnly: false destructive: true idempotent: true call: passbolt.deletecomment outputParameters: - type: object mapping: $. - name: indexcomments description: Get comments for a resource. hints: readOnly: true destructive: false idempotent: true call: passbolt.indexcomments outputParameters: - type: object mapping: $. - name: addcomment description: Add a comment. hints: readOnly: false destructive: false idempotent: false call: passbolt.addcomment outputParameters: - type: object mapping: $. - name: simulatesync description: Simulate directory synchronization without making changes. hints: readOnly: true destructive: false idempotent: true call: passbolt.simulatesync outputParameters: - type: object mapping: $. - name: runsync description: Run the directory synchronization. hints: readOnly: false destructive: false idempotent: false call: passbolt.runsync outputParameters: - type: object mapping: $. - name: deletefavorite description: Unset a resource as favorite. hints: readOnly: false destructive: true idempotent: true call: passbolt.deletefavorite outputParameters: - type: object mapping: $. - name: addfavorite description: Set a resource as favorite. hints: readOnly: false destructive: false idempotent: false call: passbolt.addfavorite outputParameters: - type: object mapping: $. - name: indexfolders description: Get multiple folders. hints: readOnly: true destructive: false idempotent: true call: passbolt.indexfolders outputParameters: - type: object mapping: $. - name: addfolder description: Create a folder. hints: readOnly: false destructive: false idempotent: false call: passbolt.addfolder outputParameters: - type: object mapping: $. - name: viewfolder description: Get a folder. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewfolder outputParameters: - type: object mapping: $. - name: updatefolder description: Update a folder. hints: readOnly: false destructive: false idempotent: true call: passbolt.updatefolder outputParameters: - type: object mapping: $. - name: deletefolder description: Delete a folder. hints: readOnly: false destructive: true idempotent: true call: passbolt.deletefolder outputParameters: - type: object mapping: $. - name: indexgpgkeys description: Get multiple GPG keys. hints: readOnly: true destructive: false idempotent: true call: passbolt.indexgpgkeys outputParameters: - type: object mapping: $. - name: viewgpgkey description: Get a GPG key. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewgpgkey outputParameters: - type: object mapping: $. - name: indexgroups description: Get multiple groups. hints: readOnly: true destructive: false idempotent: true call: passbolt.indexgroups outputParameters: - type: object mapping: $. - name: addgroup description: Create a group. hints: readOnly: false destructive: false idempotent: false call: passbolt.addgroup outputParameters: - type: object mapping: $. - name: viewgroup description: Get a group. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewgroup outputParameters: - type: object mapping: $. - name: updategroup description: Update a group. hints: readOnly: false destructive: false idempotent: true call: passbolt.updategroup outputParameters: - type: object mapping: $. - name: deletegroup description: Delete a group. hints: readOnly: false destructive: true idempotent: true call: passbolt.deletegroup outputParameters: - type: object mapping: $. - name: dryrunupdategroup description: Dry run a group update. hints: readOnly: false destructive: false idempotent: true call: passbolt.dryrunupdategroup outputParameters: - type: object mapping: $. - name: dryrundeletegroup description: Dry run a group deletion. hints: readOnly: false destructive: true idempotent: true call: passbolt.dryrundeletegroup outputParameters: - type: object mapping: $. - name: viewhealthcheck description: Get healthcheck information. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewhealthcheck outputParameters: - type: object mapping: $. - name: viewhealthcheckstatus description: Check if passbolt is up. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewhealthcheckstatus outputParameters: - type: object mapping: $. - name: indexmetadatakeys description: Get metadata keys. hints: readOnly: true destructive: false idempotent: true call: passbolt.indexmetadatakeys outputParameters: - type: object mapping: $. - name: addmetadatakey description: Create a metadata key. hints: readOnly: false destructive: false idempotent: false call: passbolt.addmetadatakey outputParameters: - type: object mapping: $. - name: updatemetadatakey description: Mark a metadata key as expired. hints: readOnly: false destructive: false idempotent: true call: passbolt.updatemetadatakey outputParameters: - type: object mapping: $. - name: deletemetadatakey description: Delete a metadata key. hints: readOnly: false destructive: true idempotent: true call: passbolt.deletemetadatakey outputParameters: - type: object mapping: $. - name: addmetadataprivatekey description: Create a metadata private key. hints: readOnly: false destructive: false idempotent: false call: passbolt.addmetadataprivatekey outputParameters: - type: object mapping: $. - name: updatemetadataprivatekey description: Update a metadata private key. hints: readOnly: false destructive: false idempotent: true call: passbolt.updatemetadataprivatekey outputParameters: - type: object mapping: $. - name: indexmetadatakeyssettings description: Get metadata keys settings. hints: readOnly: true destructive: false idempotent: true call: passbolt.indexmetadatakeyssettings outputParameters: - type: object mapping: $. - name: updatemetadatakeyssettings description: Update metadata keys settings. hints: readOnly: false destructive: false idempotent: false call: passbolt.updatemetadatakeyssettings outputParameters: - type: object mapping: $. - name: viewmetadatatypessettings description: Get metadata types settings hints: readOnly: true destructive: false idempotent: true call: passbolt.viewmetadatatypessettings outputParameters: - type: object mapping: $. - name: upgrademetadatatypessettings description: Upgrade a resource types settings hints: readOnly: false destructive: false idempotent: false call: passbolt.upgrademetadatatypessettings outputParameters: - type: object mapping: $. - name: viewmetadatarotatekeyfolders description: Get folders with expired keys hints: readOnly: true destructive: false idempotent: true call: passbolt.viewmetadatarotatekeyfolders outputParameters: - type: object mapping: $. - name: rotatemetadataexpiredkeysfolders description: Rotate expired metadata keys for folders hints: readOnly: false destructive: false idempotent: false call: passbolt.rotatemetadataexpiredkeysfolders outputParameters: - type: object mapping: $. - name: viewmetadatarotatekeyresources description: Get resources with expired keys hints: readOnly: true destructive: false idempotent: true call: passbolt.viewmetadatarotatekeyresources outputParameters: - type: object mapping: $. - name: rotatemetadataexpiredkeys description: Rotate expired metadata keys for resources hints: readOnly: false destructive: false idempotent: false call: passbolt.rotatemetadataexpiredkeys outputParameters: - type: object mapping: $. - name: viewmetadatasessionkeys description: Get session keys. hints: readOnly: true destructive: false idempotent: true call: passbolt.viewmetadatasessionkeys outputParameters: - type: object mapping: $. - name: addmetadatasessionkey description: Add a session key. hints: readOnly: false destructive: false idempotent: false call: passbolt.addmetadatasessionkey outputParameters: - type: object mapping: $. - name: updatemetadatasessionkey description: Update a given session-key entry. hints: readOnly: false destructive: false idempotent: false call: passbolt.updatemetadatasessionkey outputParameters: - type: object mapping: $. - name: deletesessionkey description: Delete a given session-key entry. hints: readOnly: false destructive: true idempotent: true call: passbolt.deletesessionkey outputParameters: - type: object mapping: $. - name: viewmetadatarotatekeytags description: Get tags with expired keys hints: readOnly: true destructive: false idempotent: true call: passbolt.viewmetadatarotatekeytags outputParameters: - type: object mapping: $. - name: rotatemetadatakeystags description: Rotate expired metadata keys for tags hints: readOnly: false destructive: false idempotent: false call: passbolt.rotatemetadatakeystags outputParameters: - type: object mapping: $. - name: viewmetadataupgradefolders description: Get Upgradable Folders hints: readOnly: true destructive: false idempotent: true call: passbolt.viewmetadataupgradefolders outputParameters: - type: object mapping: $. - name: upgrademetadatafolders description: Upgrade a folder hints: readOnly: false destructive: false idempotent: false call: passbolt.upgrademetadatafolders outputParameters: - type: object mapping: $. - name: viewmetadataupgraderesources description: Get Upgradable Resources hints: readOnly: true destructive: false idempotent: true call: passbolt.viewmetadataupgraderesources outputParameters: - type: object mapping: $. - name: upgrademetadataresources description: Upgrade a Resource hints: readOnly: false destructive: false idempotent: false call: passbolt.upgrademetadataresources outputParameters: - type: object mapping: $. - name: viewmetadataupgradetags description: Get Upgradable Tags hints: readOnly: true destructive: false idempotent: true call: passbolt.viewmetadataupgradetags outputParameters: - type: object mapping: $. binds: - namespace: env keys: PASSBOLT_TOKEN: PASSBOLT_TOKEN