{ "openapi": "3.0.3", "info": { "title": "Enterprise SSO & Directory Sync", "version": "1.20.6", "description": "This is the API documentation for SAML Jackson service.", "termsOfService": "https://boxyhq.com/terms.html", "contact": { "name": "Boxy HQ", "url": "https://boxyhq.com/", "email": "support@boxyhq.com" }, "license": { "name": "Apache-2.0 License", "url": "https://github.com/boxyhq/jackson/blob/main/LICENSE" } }, "host": "localhost:5225", "basePath": "/", "schemes": [ "http", "https" ], "securityDefinitions": { "apiKey": { "type": "apiKey", "in": "header", "name": "Authorization" } }, "security": [ { "apiKey": [] } ], "servers": [ { "url": "https://api.eu.boxyhq.com", "description": "Cloud" }, { "url": "http://localhost:5225", "description": "Local" } ], "paths": { "/api/v1/sso": { "post": { "summary": "Create SSO connection", "operationId": "create-sso-connection", "tags": [ "Single Sign On" ], "produces": [ "application/json" ], "consumes": [ "application/x-www-form-urlencoded", "application/json" ], "parameters": [ { "$ref": "#/parameters/nameParamPost" }, { "$ref": "#/parameters/labelParamPost" }, { "$ref": "#/parameters/descriptionParamPost" }, { "$ref": "#/parameters/encodedRawMetadataParamPost" }, { "$ref": "#/parameters/rawMetadataParamPost" }, { "$ref": "#/parameters/metadataUrlParamPost" }, { "$ref": "#/parameters/defaultRedirectUrlParamPost" }, { "$ref": "#/parameters/redirectUrlParamPost" }, { "$ref": "#/parameters/tenantParamPost" }, { "$ref": "#/parameters/productParamPost" }, { "$ref": "#/parameters/oidcDiscoveryUrlPost" }, { "$ref": "#/parameters/oidcMetadataPost" }, { "$ref": "#/parameters/oidcClientIdPost" }, { "$ref": "#/parameters/oidcClientSecretPost" }, { "$ref": "#/parameters/sortOrder" } ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/Connection" } }, "400": { "$ref": "#/definitions/validationErrorsPost" }, "401": { "description": "Unauthorized" } } }, "patch": { "summary": "Update SSO Connection", "operationId": "update-sso-connection", "tags": [ "Single Sign On" ], "consumes": [ "application/json", "application/x-www-form-urlencoded" ], "parameters": [ { "$ref": "#/parameters/clientIDParamPatch" }, { "$ref": "#/parameters/clientSecretParamPatch" }, { "$ref": "#/parameters/nameParamPatch" }, { "$ref": "#/parameters/labelParamPatch" }, { "$ref": "#/parameters/descriptionParamPatch" }, { "$ref": "#/parameters/encodedRawMetadataParamPatch" }, { "$ref": "#/parameters/rawMetadataParamPatch" }, { "$ref": "#/parameters/metadataUrlParamPatch" }, { "$ref": "#/parameters/oidcDiscoveryUrlPatch" }, { "$ref": "#/parameters/oidcMetadataPatch" }, { "$ref": "#/parameters/oidcClientIdPatch" }, { "$ref": "#/parameters/oidcClientSecretPatch" }, { "$ref": "#/parameters/defaultRedirectUrlParamPatch" }, { "$ref": "#/parameters/redirectUrlParamPatch" }, { "$ref": "#/parameters/tenantParamPatch" }, { "$ref": "#/parameters/productParamPatch" }, { "$ref": "#/parameters/deactivatedParamPatch" }, { "$ref": "#/parameters/sortOrderParamPatch" } ], "responses": { "204": { "description": "Success" }, "400": { "$ref": "#/definitions/validationErrorsPatch" }, "401": { "description": "Unauthorized" }, "500": { "description": "Please set OpenID response handler path (oidcPath) on Jackson" } } }, "get": { "summary": "Get SSO Connections", "parameters": [ { "$ref": "#/parameters/tenantParamGet" }, { "$ref": "#/parameters/productParamGet" }, { "$ref": "#/parameters/clientIDParamGet" }, { "$ref": "#/parameters/strategyParamGet" }, { "$ref": "#/parameters/sortParamGet" } ], "operationId": "get-connections", "tags": [ "Single Sign On" ], "responses": { "200": { "$ref": "#/responses/200Get" }, "400": { "$ref": "#/responses/400Get" }, "401": { "$ref": "#/responses/401Get" } } }, "delete": { "parameters": [ { "$ref": "#/parameters/clientIDDel" }, { "$ref": "#/parameters/clientSecretDel" }, { "$ref": "#/parameters/tenantDel" }, { "$ref": "#/parameters/productDel" }, { "$ref": "#/parameters/strategyDel" } ], "summary": "Delete SSO Connections", "operationId": "delete-sso-connection", "tags": [ "Single Sign On" ], "responses": { "200": { "description": "Success" }, "400": { "description": "clientSecret mismatch | Please provide `clientID` and `clientSecret` or `tenant` and `product`." }, "401": { "description": "Unauthorized" } } } }, "/api/v1/sso/product": { "get": { "summary": "Get SSO Connections by product", "parameters": [ { "$ref": "#/parameters/productParamGet" }, { "$ref": "#/parameters/pageOffset" }, { "$ref": "#/parameters/pageLimit" }, { "$ref": "#/parameters/pageToken" } ], "operationId": "get-connections-by-product", "tags": [ "Single Sign On" ], "responses": { "200": { "$ref": "#/responses/200GetByProduct" }, "400": { "$ref": "#/responses/400Get" }, "401": { "$ref": "#/responses/401Get" } } } }, "/oauth/token": { "post": { "summary": "Code exchange", "operationId": "oauth-code-exchange", "tags": [ "OAuth" ], "consumes": [ "application/x-www-form-urlencoded" ], "parameters": [ { "name": "grant_type", "in": "formData", "type": "string", "description": "Grant type should be 'authorization_code'", "default": "authorization_code", "required": true }, { "name": "client_id", "in": "formData", "type": "string", "description": "Use the client_id returned by the SAML connection API", "required": true }, { "name": "client_secret", "in": "formData", "type": "string", "description": "Use the client_secret returned by the SAML connection API", "required": true }, { "name": "code_verifier", "in": "formData", "type": "string", "description": "code_verifier against the code_challenge in the authz request (relevant to PKCE flow)" }, { "name": "redirect_uri", "in": "formData", "type": "string", "description": "Redirect URI", "required": true }, { "name": "code", "in": "formData", "type": "string", "description": "Code", "required": true } ], "responses": { "200": { "description": "Success", "schema": { "type": "object", "properties": { "access_token": { "type": "string" }, "token_type": { "type": "string" }, "expires_in": { "type": "string" } }, "example": { "access_token": "8958e13053832b5af58fdf2ee83f35f5d013dc74", "token_type": "bearer", "expires_in": 300 } } } } } }, "/oauth/userinfo": { "get": { "summary": "Get profile", "operationId": "oauth-get-profile", "tags": [ "OAuth" ], "responses": { "200": { "description": "Success", "schema": { "type": "object", "properties": { "id": { "type": "string" }, "email": { "type": "string" }, "firstName": { "type": "string" }, "lastName": { "type": "string" }, "roles": { "type": "array", "items": { "type": "string" } }, "groups": { "type": "array", "items": { "type": "string" } }, "raw": { "type": "object" }, "requested": { "type": "object" } }, "example": { "id": "32b5af58fdf", "email": "jackson@coolstartup.com", "firstName": "SAML", "lastName": "Jackson", "raw": {}, "requested": {} } } } } } }, "/api/v1/sso/setuplinks": { "post": { "summary": "Create a Setup Link", "operationId": "create-sso-setup-link", "tags": [ "Setup Links | Single Sign On" ], "produces": [ "application/json" ], "consumes": [ "application/x-www-form-urlencoded", "application/json" ], "parameters": [ { "$ref": "#/parameters/nameParamPost" }, { "$ref": "#/parameters/tenantParamPost" }, { "$ref": "#/parameters/productParamPost" }, { "$ref": "#/parameters/defaultRedirectUrlParamPost" }, { "$ref": "#/parameters/redirectUrlParamPost" }, { "$ref": "#/parameters/expiryDaysParamPost" }, { "$ref": "#/parameters/regenerateParamPost" } ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/SetupLink" } } } }, "delete": { "summary": "Delete the Setup Link", "parameters": [ { "$ref": "#/parameters/tenantParamGet" }, { "$ref": "#/parameters/productParamGet" }, { "$ref": "#/parameters/setupLinkId" } ], "operationId": "delete-sso-setup-link", "tags": [ "Setup Links | Single Sign On" ], "responses": { "200": { "description": "Success", "schema": { "type": "object", "example": { "data": {} } } } } }, "get": { "summary": "Get the Setup Link", "parameters": [ { "$ref": "#/parameters/tenantParamGet" }, { "$ref": "#/parameters/productParamGet" }, { "$ref": "#/parameters/idParamGet" } ], "operationId": "get-sso-setup-link", "tags": [ "Setup Links | Single Sign On" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/SetupLink" } } } } }, "/api/v1/dsync/setuplinks": { "post": { "summary": "Create a Setup Link", "operationId": "create-dsync-setup-link", "tags": [ "Setup Links | Directory Sync" ], "produces": [ "application/json" ], "consumes": [ "application/x-www-form-urlencoded", "application/json" ], "parameters": [ { "$ref": "#/parameters/nameParamPost" }, { "$ref": "#/parameters/tenantParamPost" }, { "$ref": "#/parameters/productParamPost" }, { "$ref": "#/parameters/webhookUrlParamPost" }, { "$ref": "#/parameters/webhookSecretParamPost" }, { "$ref": "#/parameters/expiryDaysParamPost" }, { "$ref": "#/parameters/regenerateParamPost" } ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/SetupLink" } } } }, "delete": { "summary": "Delete the Setup Link", "parameters": [ { "$ref": "#/parameters/tenantParamGet" }, { "$ref": "#/parameters/productParamGet" }, { "$ref": "#/parameters/setupLinkId" } ], "operationId": "delete-dsync-setup-link", "tags": [ "Setup Links | Directory Sync" ], "responses": { "200": { "description": "Success", "schema": { "type": "object", "example": { "data": {} } } } } }, "get": { "summary": "Get the Setup Link", "parameters": [ { "$ref": "#/parameters/tenantParamGet" }, { "$ref": "#/parameters/productParamGet" }, { "$ref": "#/parameters/idParamGet" } ], "operationId": "get-dsync-setup-link", "tags": [ "Setup Links | Directory Sync" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/SetupLink" } } } } }, "/api/v1/sso/setuplinks/product": { "get": { "summary": "Get the Setup Links by product", "parameters": [ { "$ref": "#/parameters/productParamGet" }, { "$ref": "#/parameters/pageOffset" }, { "$ref": "#/parameters/pageLimit" }, { "$ref": "#/parameters/pageToken" } ], "operationId": "get-sso-setup-link-by-product", "tags": [ "Setup Links | Single Sign On" ], "responses": { "200": { "description": "Success", "schema": { "type": "array", "items": { "$ref": "#/definitions/SetupLink" } } } } } }, "/api/v1/dsync/setuplinks/product": { "get": { "summary": "Get the Setup Links by product", "parameters": [ { "$ref": "#/parameters/productParamGet" }, { "$ref": "#/parameters/pageOffset" }, { "$ref": "#/parameters/pageLimit" }, { "$ref": "#/parameters/pageToken" } ], "operationId": "get-dsync-setup-link-by-product", "tags": [ "Setup Links | Directory Sync" ], "responses": { "200": { "description": "Success", "schema": { "type": "array", "items": { "$ref": "#/definitions/SetupLink" } } } } } }, "/api/v1/sso-traces": { "get": { "summary": "Get trace by ID", "parameters": [ { "name": "id", "description": "Trace ID", "in": "query", "required": true, "type": "string" } ], "tags": [ "SSO Traces" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/SSOTrace" } } } } }, "/api/v1/sso-traces/product": { "get": { "summary": "Get all traces for a product", "parameters": [ { "$ref": "#/parameters/product" }, { "$ref": "#/parameters/pageOffset" }, { "$ref": "#/parameters/pageLimit" }, { "$ref": "#/parameters/pageToken" } ], "tags": [ "SSO Traces" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { "type": "object", "properties": { "data": { "type": "array", "items": { "$ref": "#/definitions/SSOTrace" } }, "pageToken": { "type": "string", "description": "token for pagination" } } } } } } } } }, "/api/v1/dsync": { "post": { "summary": "Create a directory connection", "parameters": [ { "name": "tenant", "description": "Tenant", "in": "formData", "required": true, "type": "string" }, { "name": "product", "description": "Product", "in": "formData", "required": true, "type": "string" }, { "name": "name", "description": "Name", "in": "formData", "required": false, "type": "string" }, { "name": "webhook_url", "description": "Webhook URL", "in": "formData", "required": false, "type": "string" }, { "name": "webhook_secret", "description": "Webhook secret", "in": "formData", "required": false, "type": "string" }, { "name": "type", "description": "Directory provider. (Supported values are azure-scim-v2, onelogin-scim-v2, okta-scim-v2, jumpcloud-scim-v2, generic-scim-v2, google)", "in": "formData", "required": false, "type": "string" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "consumes": [ "application/x-www-form-urlencoded", "application/json" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/Directory" } } } }, "get": { "summary": "Get a directory connection by tenant and product", "parameters": [ { "$ref": "#/parameters/tenant" }, { "$ref": "#/parameters/product" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "consumes": [ "application/x-www-form-urlencoded", "application/json" ], "responses": { "200": { "description": "Success", "schema": { "type": "array", "items": { "$ref": "#/definitions/Directory" } } } } } }, "/api/v1/dsync/{directoryId}": { "get": { "summary": "Get a directory connection by id", "parameters": [ { "name": "directoryId", "description": "Directory ID", "in": "path", "required": true, "type": "string" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/Directory" } } } }, "patch": { "summary": "Update a directory connection", "parameters": [ { "name": "directoryId", "description": "Directory ID", "in": "path", "required": true, "type": "string" }, { "name": "name", "description": "Name", "in": "formData", "required": false, "type": "string" }, { "name": "webhook_url", "description": "Webhook URL", "in": "formData", "required": false, "type": "string" }, { "name": "webhook_secret", "description": "Webhook secret", "in": "formData", "required": false, "type": "string" }, { "name": "log_webhook_events", "description": "If true, webhook requests will be logged", "in": "formData", "required": false, "type": "string" }, { "name": "deactivated", "description": "If true, the directory connection will be deactivated", "in": "formData", "required": false, "type": "string" }, { "name": "google_domain", "description": "Google domain", "in": "formData", "required": false, "type": "string" }, { "name": "google_access_token", "description": "Google access token", "in": "formData", "required": false, "type": "string" }, { "name": "google_refresh_token", "description": "Google refresh token", "in": "formData", "required": false, "type": "string" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "consumes": [ "application/x-www-form-urlencoded", "application/json" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/Directory" } } } }, "delete": { "summary": "Delete a directory connection by id", "parameters": [ { "name": "directoryId", "description": "Directory ID", "in": "path", "required": true, "type": "string" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success" } } } }, "/api/v1/dsync/product": { "get": { "summary": "Get directory connections by product", "parameters": [ { "$ref": "#/parameters/product" }, { "$ref": "#/parameters/pageOffset" }, { "$ref": "#/parameters/pageLimit" }, { "$ref": "#/parameters/pageToken" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { "type": "object", "properties": { "data": { "type": "array", "items": { "$ref": "#/definitions/Directory" } }, "pageToken": { "type": "string", "description": "token for pagination" } } } } } } } } }, "/api/v1/dsync/groups/{groupId}": { "get": { "summary": "Get group by id from a directory", "parameters": [ { "$ref": "#/parameters/tenant" }, { "$ref": "#/parameters/product" }, { "$ref": "#/parameters/groupId" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/Group" } } } } }, "/api/v1/dsync/groups": { "get": { "summary": "Get groups from a directory", "parameters": [ { "$ref": "#/parameters/tenant" }, { "$ref": "#/parameters/product" }, { "$ref": "#/parameters/directoryId" }, { "$ref": "#/parameters/pageOffset" }, { "$ref": "#/parameters/pageLimit" }, { "$ref": "#/parameters/pageToken" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { "type": "object", "properties": { "data": { "type": "array", "items": { "$ref": "#/definitions/Group" } }, "pageToken": { "type": "string", "description": "token for pagination" } } } } } } } } }, "/api/v1/dsync/groups/{groupId}/members": { "get": { "summary": "Get list of members in a group", "parameters": [ { "$ref": "#/parameters/tenant" }, { "$ref": "#/parameters/product" }, { "$ref": "#/parameters/groupId" }, { "$ref": "#/parameters/directoryId" }, { "$ref": "#/parameters/pageOffset" }, { "$ref": "#/parameters/pageLimit" }, { "$ref": "#/parameters/pageToken" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { "type": "object", "properties": { "data": { "type": "array", "items": { "$ref": "#/definitions/Member" } } } } } } } } } }, "/api/v1/dsync/users/{userId}": { "get": { "summary": "Get user by id from a directory", "parameters": [ { "$ref": "#/parameters/tenant" }, { "$ref": "#/parameters/product" }, { "name": "userId", "description": "User ID", "in": "path", "required": true, "type": "string" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/User" } } } } }, "/api/v1/dsync/users": { "get": { "summary": "Get users from a directory", "parameters": [ { "$ref": "#/parameters/tenant" }, { "$ref": "#/parameters/product" }, { "$ref": "#/parameters/directoryId" }, { "$ref": "#/parameters/pageOffset" }, { "$ref": "#/parameters/pageLimit" }, { "$ref": "#/parameters/pageToken" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { "type": "object", "properties": { "data": { "type": "array", "items": { "$ref": "#/definitions/User" } }, "pageToken": { "type": "string", "description": "token for pagination" } } } } } } } } }, "/api/v1/dsync/events": { "get": { "summary": "Get event logs for a directory", "parameters": [ { "$ref": "#/parameters/directoryId" }, { "$ref": "#/parameters/pageOffset" }, { "$ref": "#/parameters/pageLimit" }, { "$ref": "#/parameters/pageToken" } ], "tags": [ "Directory Sync" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { "type": "object", "properties": { "data": { "type": "array", "items": { "$ref": "#/definitions/Event" } }, "pageToken": { "type": "string", "description": "token for pagination" } } } } } } } } }, "/api/v1/federated-saml": { "post": { "summary": "Create an Identity Federation app", "parameters": [ { "name": "name", "description": "Name", "in": "formData", "required": true, "type": "string" }, { "name": "tenant", "description": "Tenant", "in": "formData", "required": true, "type": "string" }, { "name": "product", "description": "Product", "in": "formData", "required": true, "type": "string" }, { "name": "acsUrl", "description": "ACS URL", "in": "formData", "required": true, "type": "string" }, { "name": "entityId", "description": "Entity ID", "in": "formData", "required": true, "type": "string" }, { "name": "logoUrl", "description": "Logo URL", "in": "formData", "required": false, "type": "string" }, { "name": "faviconUrl", "description": "Favicon URL", "in": "formData", "required": false, "type": "string" }, { "name": "primaryColor", "description": "Primary color", "in": "formData", "required": false, "type": "string" }, { "name": "tenants", "description": "Mapping of tenants whose connections will be grouped under this Identity Federation app", "in": "formData", "required": false, "type": "array" }, { "name": "mappings", "description": "Mapping of attributes from the IdP to SP", "in": "formData", "required": false, "type": "array" }, { "name": "type", "description": "If creating an OIDC app, this should be set to 'oidc' otherwise it defaults to 'saml'", "in": "formData", "required": false, "type": "array" }, { "name": "redirectUrl", "description": "If creating an OIDC app, provide the redirect URL", "in": "formData", "required": false, "type": "array" } ], "tags": [ "Identity Federation" ], "produces": [ "application/json" ], "consumes": [ "application/x-www-form-urlencoded", "application/json" ], "responses": { "200": { "description": "Success", "schema": { "type": "array", "items": { "$ref": "#/definitions/SAMLFederationApp" } } } } }, "get": { "summary": "Get an Identity Federation app", "parameters": [ { "name": "id", "description": "App ID", "in": "query", "required": true, "type": "string" }, { "name": "tenant", "description": "Tenant", "in": "query", "required": false, "type": "string" }, { "name": "product", "description": "Product", "in": "query", "required": false, "type": "string" } ], "tags": [ "Identity Federation" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/SAMLFederationApp" } } } }, "patch": { "summary": "Update an Identity Federation app", "parameters": [ { "name": "id", "description": "App ID", "in": "formData", "required": true, "type": "string" }, { "name": "tenant", "description": "Tenant", "in": "formData", "required": false, "type": "string" }, { "name": "product", "description": "Product", "in": "formData", "required": false, "type": "string" }, { "name": "name", "description": "Name", "in": "formData", "required": false, "type": "string" }, { "name": "acsUrl", "description": "ACS URL", "in": "formData", "required": false, "type": "string" }, { "name": "logoUrl", "description": "Logo URL", "in": "formData", "required": false, "type": "string" }, { "name": "faviconUrl", "description": "Favicon URL", "in": "formData", "required": false, "type": "string" }, { "name": "primaryColor", "description": "Primary color", "in": "formData", "required": false, "type": "string" }, { "name": "tenants", "description": "Mapping of tenants whose connections will be grouped under this Identity Federation app", "in": "formData", "required": false, "type": "array" }, { "name": "mappings", "description": "Mapping of attributes from the IdP to SP", "in": "formData", "required": false, "type": "array" } ], "tags": [ "Identity Federation" ], "produces": [ "application/json" ], "consumes": [ "application/x-www-form-urlencoded", "application/json" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/SAMLFederationApp" } } } }, "delete": { "summary": "Delete an Identity Federation app", "parameters": [ { "name": "id", "description": "App ID", "in": "query", "required": true, "type": "string" }, { "name": "tenant", "description": "Tenant", "in": "query", "required": false, "type": "string" }, { "name": "product", "description": "Product", "in": "query", "required": false, "type": "string" } ], "tags": [ "Identity Federation" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "schema": { "$ref": "#/definitions/SAMLFederationApp" } } } } }, "/api/v1/federated-saml/product": { "get": { "summary": "Get Identity Federation apps by product", "parameters": [ { "name": "product", "description": "Product", "in": "query", "required": true, "type": "string" }, { "$ref": "#/parameters/pageOffset" }, { "$ref": "#/parameters/pageLimit" }, { "$ref": "#/parameters/pageToken" } ], "tags": [ "Identity Federation" ], "produces": [ "application/json" ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { "type": "object", "properties": { "data": { "type": "array", "items": { "$ref": "#/definitions/SAMLFederationApp" } }, "pageToken": { "type": "string", "description": "token for pagination" } } } } } } } } } }, "definitions": { "Connection": { "type": "object", "example": { "idpMetadata": { "sso": { "postUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxsso/saml", "redirectUrl": "https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxsso/saml" }, "entityID": "http://www.okta.com/xxxxxxxxxxxxx", "thumbprint": "Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad", "loginType": "idp", "provider": "okta.com" }, "defaultRedirectUrl": "https://hoppscotch.io/", "redirectUrl": [ "https://hoppscotch.io/" ], "tenant": "hoppscotch.io", "product": "API Engine", "name": "Hoppscotch-SP", "description": "SP for hoppscotch.io", "clientID": "Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk", "clientSecret": "00e3e11a3426f97d8000000738300009130cd45419c5943", "deactivated": false }, "properties": { "clientID": { "type": "string", "description": "Connection clientID" }, "clientSecret": { "type": "string", "description": "Connection clientSecret" }, "name": { "type": "string", "description": "Connection name" }, "label": { "type": "string", "description": "Connection label" }, "description": { "type": "string", "description": "Connection description" }, "redirectUrl": { "type": "string", "description": "A list of allowed redirect URLs" }, "defaultRedirectUrl": { "type": "string", "description": "The redirect URL to use in the IdP login flow" }, "tenant": { "type": "string", "description": "Connection tenant" }, "product": { "type": "string", "description": "Connection product" }, "idpMetadata": { "type": "object", "description": "SAML IdP metadata" }, "oidcProvider": { "type": "object", "description": "OIDC IdP metadata" }, "deactivated": { "type": "boolean", "description": "Connection status" }, "sortOrder": { "type": "number", "description": "Connection sort order" } } }, "validationErrorsPost": { "description": "Please provide rawMetadata or encodedRawMetadata | Please provide a defaultRedirectUrl | Please provide redirectUrl | redirectUrl is invalid | Exceeded maximum number of allowed redirect urls | defaultRedirectUrl is invalid | Please provide tenant | Please provide product | Please provide a friendly name | Description should not exceed 100 characters | Strategy: xxxx not supported | Please provide the clientId from OpenID Provider | Please provide the clientSecret from OpenID Provider | Please provide the discoveryUrl for the OpenID Provider" }, "validationErrorsPatch": { "description": "Please provide clientID | Please provide clientSecret | clientSecret mismatch | Tenant/Product config mismatch with IdP metadata | Description should not exceed 100 characters| redirectUrl is invalid | Exceeded maximum number of allowed redirect urls | defaultRedirectUrl is invalid | Tenant/Product config mismatch with OIDC Provider metadata" }, "SetupLink": { "type": "object", "properties": { "setupID": { "type": "string", "description": "Setup link ID" }, "tenant": { "type": "string", "description": "Tenant" }, "product": { "type": "string", "description": "Product" }, "validTill": { "type": "string", "description": "Valid till timestamp" }, "url": { "type": "string", "description": "Setup link URL" } }, "example": { "data": { "setupID": "0689f76f7b5aa22f00381a124cb4b153fc1a8c08", "tenant": "acme", "product": "my-app", "service": "sso", "validTill": 1689849146690, "url": "http://localhost:5225/setup/0b96a483ebfe0af0b561dda35a96647074d944631ff9e070" } } }, "SSOTrace": { "type": "object", "properties": { "traceId": { "type": "string", "description": "Trace ID" }, "error": { "type": "string", "description": "Error" }, "timestamp": { "type": "string", "description": "Timestamp" }, "context": { "type": "object", "properties": { "tenant": { "type": "string", "description": "Tenant" }, "product": { "type": "string", "description": "Product" }, "clientID": { "type": "string", "description": "Connection client ID" }, "issuer": { "type": "string", "description": "Issuer" }, "relayState": { "type": "string", "description": "Relay state" }, "samlResponse": { "type": "string", "description": "SAML response" }, "isSAMLFederated": { "type": "boolean", "description": "Indicates if SAML is federated" }, "isIdPFlow": { "type": "boolean", "description": "Indicates if request is from IdP" } } } } }, "Directory": { "type": "object", "properties": { "id": { "type": "string", "description": "Directory ID" }, "name": { "type": "string", "description": "name" }, "tenant": { "type": "string", "description": "Tenant" }, "product": { "type": "string", "description": "Product" }, "type": { "type": "string", "description": "Directory provider" }, "deactivated": { "type": "boolean", "description": "Status" }, "log_webhook_events": { "type": "boolean", "description": "If true, webhook requests will be logged" }, "scim": { "type": "object", "properties": { "path": { "type": "string", "description": "SCIM path" }, "endpoint": { "type": "string", "description": "SCIM url" }, "secret": { "type": "string", "description": "SCIM secret" } } }, "webhook": { "type": "object", "properties": { "endpoint": { "type": "string", "description": "Webhook url" }, "secret": { "type": "string", "description": "Webhook secret" } } } } }, "Group": { "type": "object", "properties": { "id": { "type": "string", "description": "Group ID" }, "name": { "type": "string", "description": "Group name" }, "raw": { "type": "object", "description": "Raw group attributes from the Identity Provider" } } }, "Member": { "type": "object", "properties": { "user_id": { "type": "string", "description": "ID of the user" } } }, "User": { "type": "object", "properties": { "id": { "type": "string", "description": "User ID" }, "first_name": { "type": "string", "description": "First name" }, "last_name": { "type": "string", "description": "Last name" }, "email": { "type": "string", "description": "Email address" }, "active": { "type": "boolean", "description": "Indicates whether the user is active or not" }, "raw": { "type": "object", "description": "Raw user attributes from the Identity Provider" } } }, "Event": { "type": "object", "example": { "id": "id1", "webhook_endpoint": "https://example.com/webhook", "created_at": "2024-03-05T17:06:26.074Z", "status_code": 200, "delivered": true, "payload": { "directory_id": "58b5cd9dfaa39d47eb8f5f88631f9a629a232016", "event": "user.created", "tenant": "boxyhq", "product": "jackson", "data": { "id": "038e767b-9bc6-4dbd-975e-fbc38a8e7d82", "first_name": "Deepak", "last_name": "Prabhakara", "email": "deepak@boxyhq.com", "active": true, "raw": { "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User" ], "userName": "deepak@boxyhq.com", "name": { "givenName": "Deepak", "familyName": "Prabhakara" }, "emails": [ { "primary": true, "value": "deepak@boxyhq.com", "type": "work" } ], "title": "CEO", "displayName": "Deepak Prabhakara", "locale": "en-US", "externalId": "00u1ldzzogFkXFmvT5d7", "groups": [], "active": true, "id": "038e767b-9bc6-4dbd-975e-fbc38a8e7d82" } } } } }, "SAMLFederationApp": { "type": "object", "properties": { "id": { "type": "string", "description": "id" }, "name": { "type": "string", "description": "name" }, "tenant": { "type": "string", "description": "Tenant" }, "product": { "type": "string", "description": "Product" }, "acsUrl": { "type": "string", "description": "ACS URL" }, "entityId": { "type": "string", "description": "Entity ID" }, "logoUrl": { "type": "string", "description": "Logo URL (optional)" }, "faviconUrl": { "type": "string", "description": "Favicon URL (optional)" }, "primaryColor": { "type": "string", "description": "Primary color (optional)" } } } }, "responses": { "200Get": { "description": "Success", "schema": { "type": "array", "items": { "$ref": "#/definitions/Connection" } } }, "400Get": { "description": "Please provide a `product`." }, "401Get": { "description": "Unauthorized" }, "200GetByProduct": { "description": "Success", "content": { "application/json": { "schema": { "type": "object", "properties": { "data": { "type": "array", "items": { "$ref": "#/definitions/Connection" } }, "pageToken": { "type": "string", "description": "token for pagination" } } } } } } }, "parameters": { "nameParamPost": { "name": "name", "description": "Name of connection", "type": "string", "in": "formData", "required": false }, "labelParamPost": { "name": "label", "description": "An internal label to identify the connection", "type": "string", "in": "formData" }, "descriptionParamPost": { "name": "description", "description": "A short description for the connection not more than 100 characters", "type": "string", "in": "formData" }, "encodedRawMetadataParamPost": { "name": "encodedRawMetadata", "description": "Base64 encoding of the XML metadata", "in": "formData", "type": "string" }, "rawMetadataParamPost": { "name": "rawMetadata", "description": "Raw XML metadata", "in": "formData", "type": "string" }, "metadataUrlParamPost": { "name": "metadataUrl", "description": "URL containing raw XML metadata", "in": "formData", "type": "string" }, "defaultRedirectUrlParamPost": { "name": "defaultRedirectUrl", "description": "The redirect URL to use in the IdP login flow", "in": "formData", "required": true, "type": "string" }, "redirectUrlParamPost": { "name": "redirectUrl", "description": "JSON encoded array containing a list of allowed redirect URLs", "in": "formData", "required": true, "type": "string" }, "tenantParamPost": { "name": "tenant", "description": "Tenant", "in": "formData", "required": true, "type": "string" }, "productParamPost": { "name": "product", "description": "Product", "in": "formData", "required": true, "type": "string" }, "oidcDiscoveryUrlPost": { "name": "oidcDiscoveryUrl", "description": "well-known URL where the OpenID Provider configuration is exposed", "in": "formData", "type": "string" }, "oidcMetadataPost": { "name": "oidcMetadata", "description": "metadata (JSON) for the OpenID Provider in the absence of discoveryUrl", "in": "formData", "type": "string" }, "oidcClientIdPost": { "name": "oidcClientId", "description": "clientId of the application set up on the OpenID Provider", "in": "formData", "type": "string" }, "oidcClientSecretPost": { "name": "oidcClientSecret", "description": "clientSecret of the application set up on the OpenID Provider", "in": "formData", "type": "string" }, "sortOrder": { "name": "sortOrder", "description": "Indicate the position of the connection in the IdP selection screen", "in": "formData", "type": "number", "required": false }, "clientIDParamPatch": { "name": "clientID", "description": "Client ID for the connection", "type": "string", "in": "formData", "required": true }, "clientSecretParamPatch": { "name": "clientSecret", "description": "Client Secret for the connection", "type": "string", "in": "formData", "required": true }, "nameParamPatch": { "name": "name", "description": "Name/identifier for the connection", "type": "string", "in": "formData" }, "labelParamPatch": { "name": "label", "description": "An internal label to identify the connection", "type": "string", "in": "formData" }, "descriptionParamPatch": { "name": "description", "description": "A short description for the connection not more than 100 characters", "type": "string", "in": "formData" }, "encodedRawMetadataParamPatch": { "name": "encodedRawMetadata", "description": "Base64 encoding of the XML metadata", "in": "formData", "type": "string" }, "rawMetadataParamPatch": { "name": "rawMetadata", "description": "Raw XML metadata", "in": "formData", "type": "string" }, "metadataUrlParamPatch": { "name": "metadataUrl", "description": "URL containing raw XML metadata", "in": "formData", "type": "string" }, "oidcDiscoveryUrlPatch": { "name": "oidcDiscoveryUrl", "description": "well-known URL where the OpenID Provider configuration is exposed", "in": "formData", "type": "string" }, "oidcMetadataPatch": { "name": "oidcMetadata", "description": "metadata (JSON) for the OpenID Provider in the absence of discoveryUrl", "in": "formData", "type": "string" }, "oidcClientIdPatch": { "name": "oidcClientId", "description": "clientId of the application set up on the OpenID Provider", "in": "formData", "type": "string" }, "oidcClientSecretPatch": { "name": "oidcClientSecret", "description": "clientSecret of the application set up on the OpenID Provider", "in": "formData", "type": "string" }, "defaultRedirectUrlParamPatch": { "name": "defaultRedirectUrl", "description": "The redirect URL to use in the IdP login flow", "in": "formData", "type": "string" }, "redirectUrlParamPatch": { "name": "redirectUrl", "description": "JSON encoded array containing a list of allowed redirect URLs", "in": "formData", "type": "string" }, "tenantParamPatch": { "name": "tenant", "description": "Tenant", "in": "formData", "required": true, "type": "string" }, "productParamPatch": { "name": "product", "description": "Product", "in": "formData", "required": true, "type": "string" }, "deactivatedParamPatch": { "name": "deactivated", "description": "Connection status", "in": "formData", "required": false, "type": "boolean" }, "sortOrderParamPatch": { "name": "sortOrder", "description": "Indicate the position of the connection in the IdP selection screen", "in": "formData", "type": "number", "required": false }, "tenantParamGet": { "in": "query", "name": "tenant", "type": "string", "description": "Tenant", "required": true }, "productParamGet": { "in": "query", "name": "product", "type": "string", "description": "Product", "required": true }, "clientIDParamGet": { "in": "query", "name": "clientID", "type": "string", "description": "Client ID" }, "strategyParamGet": { "in": "query", "name": "strategy", "type": "string", "description": "Strategy which can help to filter connections with tenant/product query" }, "sortParamGet": { "in": "query", "name": "sort", "type": "string", "description": "If present, the connections will be sorted by `sortOrder`. It won't consider if pagination is used." }, "clientIDDel": { "name": "clientID", "in": "query", "type": "string", "description": "Client ID" }, "clientSecretDel": { "name": "clientSecret", "in": "query", "type": "string", "description": "Client Secret" }, "tenantDel": { "name": "tenant", "in": "query", "type": "string", "description": "Tenant" }, "productDel": { "name": "product", "in": "query", "type": "string", "description": "Product" }, "strategyDel": { "name": "strategy", "in": "query", "type": "string", "description": "Strategy which can help to filter connections with tenant/product query" }, "webhookUrlParamPost": { "name": "webhook_url", "description": "The URL to send the directory sync events to", "in": "formData", "type": "string", "required": true }, "webhookSecretParamPost": { "name": "webhook_secret", "description": "The secret to sign the directory sync events", "in": "formData", "type": "string", "required": true }, "expiryDaysParamPost": { "name": "expiryDays", "description": "Days in number for the setup link to expire", "default": 3, "in": "formData", "type": "number", "required": false }, "regenerateParamPost": { "name": "regenerate", "description": "If passed as true, it will remove the existing setup link and create a new one.", "in": "formData", "default": false, "type": "boolean", "required": false }, "setupLinkId": { "name": "id", "description": "Setup link ID", "in": "query", "required": false, "type": "string" }, "idParamGet": { "name": "id", "description": "Setup Link ID", "in": "query", "required": false, "type": "string" }, "tenant": { "name": "tenant", "description": "Tenant", "in": "query", "required": true, "type": "string" }, "product": { "name": "product", "description": "Product", "in": "query", "required": true, "type": "string" }, "directoryId": { "name": "directoryId", "description": "Directory ID", "in": "query", "required": false, "type": "string" }, "pageOffset": { "name": "pageOffset", "description": "Starting point from which the set of records are retrieved", "in": "query", "required": false, "type": "string" }, "pageLimit": { "name": "pageLimit", "description": "Number of records to be fetched for the page", "in": "query", "required": false, "type": "string" }, "pageToken": { "name": "pageToken", "description": "Token used for DynamoDB pagination", "in": "query", "required": false, "type": "string" }, "groupId": { "name": "groupId", "description": "Group ID", "in": "path", "required": true, "type": "string" } }, "components": {}, "tags": [] }