#
# Copyright (C) 2015 The Gravitee team (http://gravitee.io)
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
openapi: 3.0.1
info:
title: Gravitee.io - Access Management API
version: 4.7.0
servers:
- url: /management
security:
- gravitee-auth: []
tags:
- name: Authentication Device Notifier
- name: Bot Detection
- name: Certificate
- name: Device Identifier
- name: Extension Grant
- name: Factor
- name: Identity Provider
- name: Newsletter
- name: Notifier
- name: Password Policy
- name: Plugin
- name: Policy
- name: Reporter
- name: Resource
- name: alerts
- name: application
- name: audit
- name: bot detection
- name: certificate
- name: dataPlane
- name: device identifiers
- name: devices
- name: dictionary
- name: domain
- name: email
- name: entrypoints
- name: extension grant
- name: factor
- name: flow
- name: form
- name: group
- name: identity provider
- name: platform
- name: preview
- name: reporter
- name: resource
- name: role
- name: scope
- name: sharding-tags
- name: theme
- name: user
- name: user notifications
paths:
/application.wadl:
get:
operationId: getWadl
responses:
default:
description: default response
content:
application/vnd.sun.wadl+xml: {}
application/xml: {}
/application.wadl/{path}:
get:
operationId: getExternalGrammar
parameters:
- name: path
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/xml: {}
/organizations/{organizationId}/audits:
get:
tags:
- audit
summary: List audit logs for the organization
description: "User must have the ORGANIZATION_AUDIT[LIST] permission on the\
\ specified organization. Except if user has ORGANIZATION_AUDIT[READ] permission\
\ on the organization, each returned audit is filtered and contains only basic\
\ information such as id, date, event, actor, target and status."
operationId: list
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: type
in: query
schema:
type: string
- name: status
in: query
schema:
type: string
- name: user
in: query
schema:
type: string
- name: from
in: query
schema:
type: integer
format: int64
- name: to
in: query
schema:
type: integer
format: int64
- name: size
in: query
schema:
type: integer
format: int32
default: 10
- name: page
in: query
schema:
type: integer
format: int32
default: 0
responses:
"200":
description: List audit logs for the platform
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Audit"
"500":
description: Internal server error
/organizations/{organizationId}/audits/{audit}:
get:
tags:
- audit
summary: Get an audit log
description: "User must have the ORGANIZATION_AUDIT[READ] permission on the\
\ specified organization"
operationId: get_1
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: audit
in: path
required: true
schema:
type: string
responses:
"200":
description: Audit log successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Audit"
"500":
description: Internal server error
/organizations/{organizationId}/entrypoints:
get:
tags:
- entrypoints
summary: List entrypoints
description: "User must have the ORGANIZATION[LIST] permission on the specified\
\ organization. Each returned entrypoint is filtered and contains only basic\
\ information such as id and name."
operationId: list_1
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
responses:
"200":
description: List all the entrypoints
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Entrypoint"
"500":
description: Internal server error
post:
tags:
- entrypoints
summary: Create a entrypoint
description: "User must have the ORGANIZATION_ENTRYPOINT[CREATE] permission\
\ on the specified organization"
operationId: create
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewEntrypoint"
required: true
responses:
"201":
description: Entrypoint successfully created
"500":
description: Internal server error
/organizations/{organizationId}/entrypoints/{entrypointId}:
get:
tags:
- entrypoints
summary: Get a sharding entrypoint
description: "User must have the ORGANIZATION_ENTRYPOINT[READ] permission on\
\ the specified organization"
operationId: get_2
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: entrypointId
in: path
required: true
schema:
type: string
responses:
"200":
description: Sharding entrypoint
content:
application/json:
schema:
$ref: "#/components/schemas/Entrypoint"
"500":
description: Internal server error
put:
tags:
- entrypoints
summary: Update the sharding entrypoint
description: "User must have the ORGANIZATION_ENTRYPOINT[UPDATE] permission\
\ on the specified organization"
operationId: update
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: entrypointId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateEntrypoint"
required: true
responses:
"200":
description: Sharding entrypoint successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Entrypoint"
"500":
description: Internal server error
delete:
tags:
- entrypoints
summary: Delete the sharding entrypoint
description: "User must have the ORGANIZATION_ENTRYPOINT[DELETE] permission\
\ on the specified organization"
operationId: delete
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: entrypointId
in: path
required: true
schema:
type: string
responses:
"204":
description: Sharding entrypoint successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments:
get:
summary: List all the environments
description: "User must have the ENVIRONMENT[LIST] permission on the specified\
\ organization AND either ENVIRONMENT[READ] permission on each environment\
\ or ENVIRONMENT[READ] permission on the specified organization.Each returned\
\ environment is filtered and contains only basic information such as id and\
\ name."
operationId: list_17
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
responses:
"200":
description: List all the environments of the organization
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Environment"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/data-planes:
get:
tags:
- dataPlane
summary: List of data planes
description: "List all the data planes accessible to the current user. User\
\ must have DOMAIN[CREATE] permission on the specified environment or organization"
operationId: listDataPlanes
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
responses:
"200":
description: List accessible data planes for current user
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/DataPlane"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains:
get:
tags:
- domain
summary: List security domains for an environment
description: "List all the security domains accessible to the current user.\
\ User must have DOMAIN[LIST] permission on the specified environment or organization\
\ AND either DOMAIN[READ] permission on each security domain or DOMAIN[READ]\
\ permission on the specified environment or DOMAIN[READ] permission on the\
\ specified organization.Each returned domain is filtered and contains only\
\ basic information such as id, name and description and isEnabled."
operationId: listDomains
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 50
- name: q
in: query
schema:
type: string
responses:
"200":
description: List accessible security domains for current user
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Domain"
"500":
description: Internal server error
post:
tags:
- domain
summary: Create a security domain.
description: "Create a security domain. User must have DOMAIN[CREATE] permission\
\ on the specified environment or DOMAIN[CREATE] permission on the specified\
\ organization"
operationId: createDomain
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewDomain"
required: true
responses:
"201":
description: Domain successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/_hrid/{hrid}:
get:
tags:
- domain
summary: Get a security domain by hrid
description: "User must have the DOMAIN[READ] permission on the specified domain,\
\ environment or organization. Domain will be filtered according to permissions\
\ (READ on DOMAIN_USER_ACCOUNT, DOMAIN_IDENTITY_PROVIDER, DOMAIN_FORM, DOMAIN_LOGIN_SETTINGS,\
\ DOMAIN_DCR, DOMAIN_SCIM, DOMAIN_SETTINGS)"
operationId: findDomainByHrid
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: hrid
in: path
required: true
schema:
type: string
responses:
"200":
description: Domain
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}:
get:
tags:
- domain
summary: Get a security domain
description: "User must have the DOMAIN[READ] permission on the specified domain,\
\ environment or organization. Domain will be filtered according to permissions\
\ (READ on DOMAIN_USER_ACCOUNT, DOMAIN_IDENTITY_PROVIDER, DOMAIN_FORM, DOMAIN_LOGIN_SETTINGS,\
\ DOMAIN_DCR, DOMAIN_SCIM, DOMAIN_SETTINGS)"
operationId: findDomain
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: Domain
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
"500":
description: Internal server error
put:
tags:
- domain
summary: Update the security domain
description: "User must have the DOMAIN_SETTINGS[UPDATE] permission on the specified\
\ domain or DOMAIN_SETTINGS[UPDATE] permission on the specified environment\
\ or DOMAIN_SETTINGS[UPDATE] permission on the specified organization."
operationId: updateDomain
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/PatchDomain"
required: true
responses:
"200":
description: Domain successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
"500":
description: Internal server error
delete:
tags:
- domain
summary: Delete the security domain
description: "User must have the DOMAIN[DELETE] permission on the specified\
\ domain or DOMAIN[DELETE] permission on the specified environment or DOMAIN[DELETE]\
\ permission on the specified organization."
operationId: deleteDomain
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"204":
description: Domain successfully deleted
"500":
description: Internal server error
patch:
tags:
- domain
summary: Patch the security domain
description: "User must have the DOMAIN_SETTINGS[UPDATE] permission on the specified\
\ domain or DOMAIN_SETTINGS[UPDATE] permission on the specified environment\
\ or DOMAIN_SETTINGS[UPDATE] permission on the specified organization."
operationId: patchDomain
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/PatchDomain"
required: true
responses:
"200":
description: Domain successfully patched
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers:
get:
tags:
- alerts
- domain
summary: List alert notifiers
description: "List all the alert notifiers of the domain. User must have DOMAIN_ALERT_NOTIFIER[LIST]\
\ permission on the specified domain, environment or organization."
operationId: listAlertNotifiers
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List alert notifiers for current user
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/AlertNotifier"
"500":
description: Internal server error
post:
tags:
- alerts
- domain
summary: Create an alert notifier
description: "Create a new alert notifierUser must have DOMAIN_ALERT_NOTIFIER[CREATE]\
\ permission on the specified domain, environment or organization."
operationId: createAlertNotifier
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewAlertNotifier"
required: true
responses:
"200":
description: Alert notifier successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/AlertNotifier"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers/{notifierId}:
get:
tags:
- alerts
- domain
summary: Get an alert notifier
description: "Get an alert notifier by its id. User must have DOMAIN_ALERT_NOTIFIER[LIST]\
\ permission on the specified domain, environment or organization."
operationId: getAlertNotifier
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: notifierId
in: path
required: true
schema:
type: string
responses:
"200":
description: The alert notifier
content:
application/json:
schema:
$ref: "#/components/schemas/AlertNotifier"
"500":
description: Internal server error
delete:
tags:
- alerts
- domain
summary: Delete an alert notifier
description: "Delete an alert notifier by its id. User must have DOMAIN_ALERT_NOTIFIER[DELETE]\
\ permission on the specified domain, environment or organization."
operationId: deleteAlertNotifier
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: notifierId
in: path
required: true
schema:
type: string
responses:
"204":
description: Alert notifier successfully deleted
"500":
description: Internal server error
patch:
tags:
- alerts
- domain
summary: Update an alert notifier
description: "Update an alert notifierUser must have DOMAIN_ALERT_NOTIFIER[UPDATE]\
\ permission on the specified domain, environment or organization."
operationId: patchAlertNotifier
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: notifierId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/PatchAlertNotifier"
required: true
responses:
"200":
description: Alert notifier successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/AlertNotifier"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/triggers:
get:
tags:
- alerts
- domain
summary: List alert alert triggers
description: "List all the alert triggers of the domain accessible to the current\
\ user. User must have DOMAIN_ALERT[LIST] permission on the specified domain,\
\ environment or organization."
operationId: list_2
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List alert triggers for current user
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/AlertTrigger"
"500":
description: Internal server error
patch:
tags:
- alerts
- domain
summary: Update multiple alert triggers
description: "Update multiple alert triggers in the same timeUser must have\
\ DOMAIN_ALERT[UPDATE] permission on the specified domain, environment or\
\ organization."
operationId: list_3
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/PatchAlertTrigger"
required: true
responses:
"200":
description: Alert triggers successfully updated
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/AlertTrigger"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/analytics:
get:
tags:
- domain
summary: Find domain analytics
description: "User must have DOMAIN_ANALYTICS[READ] permission on the specified\
\ domain or DOMAIN_ANALYTICS[READ] permission on the specified environment\
\ or DOMAIN_ANALYTICS[READ] permission on the specified organization"
operationId: get_3
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: from
in: query
description: Used to define the start date of the time window to query
schema:
type: integer
format: int64
- name: to
in: query
description: Used to define the end date of the time window to query
schema:
type: integer
format: int64
- name: interval
in: query
description: The time interval when getting histogram data
schema:
type: integer
format: int64
- name: size
in: query
description: The number of data to retrieve
schema:
type: integer
format: int32
- name: type
in: query
description: "The type of data to retrieve (group_by, date_histo, count)"
required: true
schema:
$ref: "#/components/schemas/AnalyticsTypeParam"
- name: field
in: query
schema:
type: string
responses:
"200":
description: Analytics successfully fetched
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications:
get:
tags:
- application
- domain
summary: List registered applications for a security domain
description: "User must have the APPLICATION[LIST] permission on the specified\
\ domain, environment or organization AND either APPLICATION[READ] permission\
\ on each domain's application or APPLICATION[READ] permission on the specified\
\ domain or APPLICATION[READ] permission on the specified environment or APPLICATION[READ]\
\ permission on the specified organization. Each returned application is filtered\
\ and contains only basic information such as id, name, description and isEnabled."
operationId: listApplications
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 50
- name: q
in: query
schema:
type: string
responses:
"200":
description: List registered applications for a security domain
content:
application/json:
schema:
$ref: "#/components/schemas/ApplicationPage"
"500":
description: Internal server error
post:
tags:
- application
- domain
summary: Create an application
description: "User must have APPLICATION[CREATE] permission on the specified\
\ domain or APPLICATION[CREATE] permission on the specified environment or\
\ APPLICATION[CREATE] permission on the specified organization"
operationId: createApplication
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewApplication"
required: true
responses:
"201":
description: Application successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/Application"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}:
get:
tags:
- application
- domain
summary: Get an application
description: "User must have the APPLICATION[READ] permission on the specified\
\ application or APPLICATION[READ] permission on the specified domain or APPLICATION[READ]\
\ permission on the specified environment or APPLICATION[READ] permission\
\ on the specified organization. Application will be filtered according to\
\ permissions (READ on APPLICATION_IDENTITY_PROVIDER, APPLICATION_CERTIFICATE,\
\ APPLICATION_METADATA, APPLICATION_USER_ACCOUNT, APPLICATION_SETTINGS)"
operationId: findApplication
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
responses:
"200":
description: Application
content:
application/json:
schema:
$ref: "#/components/schemas/Application"
"500":
description: Internal server error
put:
tags:
- application
- domain
summary: Update an application
description: "User must have APPLICATION[UPDATE] permission on the specified\
\ application or APPLICATION[UPDATE] permission on the specified domain or\
\ APPLICATION[UPDATE] permission on the specified environment or APPLICATION[UPDATE]\
\ permission on the specified organization"
operationId: updateApplication
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/PatchApplication"
required: true
responses:
"200":
description: Application successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Application"
"500":
description: Internal server error
delete:
tags:
- application
- domain
summary: Delete an application
description: "User must have APPLICATION[DELETE] permission on the specified\
\ application or APPLICATION[DELETE] permission on the specified domain or\
\ APPLICATION[DELETE] permission on the specified environment or APPLICATION[DELETE]\
\ permission on the specified organization"
operationId: deleteApplication
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
responses:
"204":
description: Application successfully deleted
"500":
description: Internal server error
patch:
tags:
- application
- domain
summary: Patch an application
description: "User must have APPLICATION[UPDATE] permission on the specified\
\ application or APPLICATION[UPDATE] permission on the specified domain or\
\ APPLICATION[UPDATE] permission on the specified environment or APPLICATION[UPDATE]\
\ permission on the specified organization"
operationId: patchApplication
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/PatchApplication"
required: true
responses:
"200":
description: Application successfully patched
content:
application/json:
schema:
$ref: "#/components/schemas/Application"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/analytics:
get:
tags:
- application
- domain
summary: Find application analytics
description: "User must have APPLICATION_ANALYTICS[READ] permission on the specified\
\ application or APPLICATION_ANALYTICS[READ] permission on the specified domain\
\ or APPLICATION_ANALYTICS[READ] permission on the specified environment or\
\ APPLICATION_ANALYTICS[READ] permission on the specified organization"
operationId: get_4
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: from
in: query
description: Used to define the start date of the time window to query
schema:
type: integer
format: int64
- name: to
in: query
description: Used to define the end date of the time window to query
schema:
type: integer
format: int64
- name: interval
in: query
description: The time interval when getting histogram data
schema:
type: integer
format: int64
- name: size
in: query
description: The number of data to retrieve
schema:
type: integer
format: int32
- name: type
in: query
description: "The type of data to retrieve (group_by, date_histo, count)"
required: true
schema:
$ref: "#/components/schemas/AnalyticsTypeParam"
- name: field
in: query
schema:
type: string
responses:
"200":
description: Analytics successfully fetched
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/emails:
get:
tags:
- email
- application
- domain
summary: Find a email for an application
description: "User must have APPLICATION_EMAIL_TEMPLATE[READ] permission on\
\ the specified application or APPLICATION_EMAIL_TEMPLATE[READ] permission\
\ on the specified domain or APPLICATION_EMAIL_TEMPLATE[READ] permission on\
\ the specified environment or APPLICATION_EMAIL_TEMPLATE[READ] permission\
\ on the specified organization"
operationId: get_5
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: template
in: query
required: true
schema:
type: string
enum:
- LOGIN
- REGISTRATION
- REGISTRATION_CONFIRMATION
- REGISTRATION_VERIFY
- FORGOT_PASSWORD
- RESET_PASSWORD
- OAUTH2_USER_CONSENT
- MFA_ENROLL
- MFA_CHALLENGE
- MFA_CHALLENGE_ALTERNATIVES
- MFA_RECOVERY_CODE
- BLOCKED_ACCOUNT
- COMPLETE_PROFILE
- WEBAUTHN_REGISTER
- WEBAUTHN_REGISTER_SUCCESS
- WEBAUTHN_LOGIN
- IDENTIFIER_FIRST_LOGIN
- ERROR
- CERTIFICATE_EXPIRATION
- VERIFY_ATTEMPT
responses:
"200":
description: Email successfully fetched
"500":
description: Internal server error
post:
tags:
- email
- application
- domain
summary: Create a email for an application
description: "User must have APPLICATION_EMAIL_TEMPLATE[CREATE] permission on\
\ the specified application or APPLICATION_EMAIL_TEMPLATE[CREATE] permission\
\ on the specified domain or APPLICATION_EMAIL_TEMPLATE[CREATE] permission\
\ on the specified environment or APPLICATION_EMAIL_TEMPLATE[CREATE] permission\
\ on the specified organization"
operationId: create_1
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewEmail"
required: true
responses:
"201":
description: Email successfully created
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/emails/{email}:
put:
tags:
- email
- application
- domain
summary: Update an email for an application
description: "User must have APPLICATION_EMAIL_TEMPLATE[UPDATE] permission on\
\ the specified application or APPLICATION_EMAIL_TEMPLATE[UPDATE] permission\
\ on the specified domain or APPLICATION_EMAIL_TEMPLATE[UPDATE] permission\
\ on the specified environment or APPLICATION_EMAIL_TEMPLATE[UPDATE] permission\
\ on the specified organization"
operationId: update_1
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: email
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateEmail"
required: true
responses:
"201":
description: Email successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Email"
"500":
description: Internal server error
delete:
tags:
- email
- application
- domain
summary: Delete an email for an application
description: "User must have APPLICATION_EMAIL_TEMPLATE[DELETE] permission on\
\ the specified application or APPLICATION_EMAIL_TEMPLATE[DELETE] permission\
\ on the specified domain or APPLICATION_EMAIL_TEMPLATE[DELETE] permission\
\ on the specified environment or APPLICATION_EMAIL_TEMPLATE[DELETE] permission\
\ on the specified organization"
operationId: delete_1
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: email
in: path
required: true
schema:
type: string
responses:
"204":
description: Email successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/flows:
get:
tags:
- application
- domain
summary: List registered flows for an application
description: "User must have the APPLICATION_FLOW[LIST] permission on the specified\
\ domain or APPLICATION_FLOW[LIST] permission on the specified environment\
\ or APPLICATION_FLOW[LIST] permission on the specified organization. Except\
\ if user has APPLICATION_FLOW[READ] permission on the domain, environment\
\ or organization, each returned flow is filtered and contains only basic\
\ information such as id and name and isEnabled."
operationId: listAppFlows
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
responses:
"200":
description: List registered flows for an application
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/FlowEntity"
"500":
description: Internal server error
put:
tags:
- application
- domain
summary: Create or update list of flows
description: "User must have the APPLICATION_FLOW[UPDATE] permission on the\
\ specified domain or APPLICATION_FLOW[UPDATE] permission on the specified\
\ environment or APPLICATION_FLOW[UPDATE] permission on the specified organization"
operationId: defineAppFlows
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Flow"
required: true
responses:
"200":
description: Flows successfully updated
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/FlowEntity"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/flows/{flow}:
get:
tags:
- application
- domain
summary: Get a flow
description: "User must have the APPLICATION_FLOW[READ] permission on the specified\
\ domain or APPLICATION_FLOW[READ] permission on the specified environment\
\ or APPLICATION_FLOW[READ] permission on the specified organization"
operationId: getAppFlow
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: flow
in: path
required: true
schema:
type: string
responses:
"200":
description: Flow
content:
application/json:
schema:
$ref: "#/components/schemas/FlowEntity"
"500":
description: Internal server error
put:
tags:
- application
- domain
summary: Update a flow
description: "User must have the APPLICATION_FLOW[UPDATE] permission on the\
\ specified domain or APPLICATION_FLOW[UPDATE] permission on the specified\
\ environment or APPLICATION_FLOW[UPDATE] permission on the specified organization"
operationId: updateAppFlow
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: flow
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/Flow"
required: true
responses:
"201":
description: Flow successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/FlowEntity"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/forms:
get:
tags:
- form
- application
- domain
summary: Find a form for an application
description: "User must have APPLICATION_FORM[READ] permission on the specified\
\ application or APPLICATION_FORM[READ] permission on the specified domain\
\ or APPLICATION_FORM[READ] permission on the specified environment or APPLICATION_FORM[READ]\
\ permission on the specified organization"
operationId: get_6
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: template
in: query
required: true
schema:
type: string
enum:
- LOGIN
- REGISTRATION
- REGISTRATION_CONFIRMATION
- REGISTRATION_VERIFY
- FORGOT_PASSWORD
- RESET_PASSWORD
- OAUTH2_USER_CONSENT
- MFA_ENROLL
- MFA_CHALLENGE
- MFA_CHALLENGE_ALTERNATIVES
- MFA_RECOVERY_CODE
- BLOCKED_ACCOUNT
- COMPLETE_PROFILE
- WEBAUTHN_REGISTER
- WEBAUTHN_REGISTER_SUCCESS
- WEBAUTHN_LOGIN
- IDENTIFIER_FIRST_LOGIN
- ERROR
- CERTIFICATE_EXPIRATION
- VERIFY_ATTEMPT
responses:
"200":
description: Form successfully fetched
"500":
description: Internal server error
post:
tags:
- form
- application
- domain
summary: Create a form for an application
description: "User must have APPLICATION_FORM[CREATE] permission on the specified\
\ application or APPLICATION_FORM[CREATE] permission on the specified domain\
\ or APPLICATION_FORM[CREATE] permission on the specified environment or APPLICATION_FORM[CREATE]\
\ permission on the specified organization"
operationId: create_2
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewForm"
required: true
responses:
"201":
description: Form successfully created
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/forms/{form}:
put:
tags:
- form
- application
- domain
summary: Update a form for an application
description: "User must have APPLICATION_FORM[UPDATE] permission on the specified\
\ application or APPLICATION_FORM[UPDATE] permission on the specified domain\
\ or APPLICATION_FORM[UPDATE] permission on the specified environment or APPLICATION_FORM[UPDATE]\
\ permission on the specified organization"
operationId: update_2
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: form
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateForm"
required: true
responses:
"201":
description: Form successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Form"
"500":
description: Internal server error
delete:
tags:
- form
- application
- domain
summary: Delete a form for an application
description: "User must have APPLICATION_FORM[DELETE] permission on the specified\
\ application or APPLICATION_FORM[DELETE] permission on the specified domain\
\ or APPLICATION_FORM[DELETE] permission on the specified environment or APPLICATION_FORM[DELETE]\
\ permission on the specified organization"
operationId: delete_2
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: form
in: path
required: true
schema:
type: string
responses:
"204":
description: Form successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members:
get:
tags:
- application
- domain
summary: List members for an application
description: "User must have APPLICATION_MEMBER[LIST] permission on the specified\
\ application or APPLICATION_MEMBER[LIST] permission on the specified domain\
\ or APPLICATION_MEMBER[LIST] permission on the specified environment or APPLICATION_MEMBER[LIST]\
\ permission on the specified organization"
operationId: getMembers
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
responses:
"200":
description: List members for an application
content:
application/json:
schema:
$ref: "#/components/schemas/MembershipListItem"
"500":
description: Internal server error
post:
tags:
- application
- domain
summary: Add or update an application member
description: "User must have APPLICATION_MEMBER[CREATE] permission on the specified\
\ application or APPLICATION_MEMBER[CREATE] permission on the specified domain\
\ or APPLICATION_MEMBER[CREATE] permission on the specified environment or\
\ APPLICATION_MEMBER[CREATE] permission on the specified organization"
operationId: addOrUpdateMember
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewMembership"
required: true
responses:
"201":
description: Member has been added or updated successfully
"400":
description: Membership parameter is not valid
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members/permissions:
get:
tags:
- application
- domain
summary: List application member's permissions
description: "User must have APPLICATION[READ] permission on the specified application\
\ or APPLICATION[READ] permission on the specified domain or APPLICATION[READ]\
\ permission on the specified environment or APPLICATION[READ] permission\
\ on the specified organization"
operationId: permissions
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
responses:
"200":
description: Application member's permissions
content:
application/json:
schema:
type: string
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members/{member}:
delete:
tags:
- application
- domain
summary: Remove a membership
description: "User must have APPLICATION_MEMBER[DELETE] permission on the specified\
\ application or APPLICATION_MEMBER[DELETE] permission on the specified domain\
\ or APPLICATION_MEMBER[DELETE] permission on the specified environment or\
\ APPLICATION_MEMBER[DELETE] permission on the specified organization"
operationId: removeMember
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: member
in: path
required: true
schema:
type: string
responses:
"204":
description: Membership successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources:
get:
tags:
- application
- domain
summary: List resources for an application
description: "User must have APPLICATION_RESOURCE[LIST] permission on the specified\
\ application or APPLICATION_RESOURCE[LIST] permission on the specified domain\
\ or APPLICATION_RESOURCE[LIST] permission on the specified environment or\
\ APPLICATION_RESOURCE[LIST] permission on the specified organization"
operationId: list_5
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 50
responses:
"200":
description: List resources for an application
content:
application/json:
schema:
$ref: "#/components/schemas/ResourceListItem"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources/{resource}:
get:
tags:
- application
- domain
summary: Get a resource for an application
description: "User must have APPLICATION_RESOURCE[READ] permission on the specified\
\ application or APPLICATION_RESOURCE[READ] permission on the specified domain\
\ or APPLICATION_RESOURCE[READ] permission on the specified environment or\
\ APPLICATION_RESOURCE[READ] permission on the specified organization"
operationId: get_7
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: resource
in: path
required: true
schema:
type: string
responses:
"200":
description: Get a resource for an application
content:
application/json:
schema:
$ref: "#/components/schemas/Resource"
"500":
description: Internal server error
? /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources/{resource}/policies
: get:
tags:
- application
- domain
summary: Get resource access policies
description: "User must have APPLICATION_RESOURCE[READ] permission on the specified\
\ application or APPLICATION_RESOURCE[READ] permission on the specified domain\
\ or APPLICATION_RESOURCE[READ] permission on the specified environment or\
\ APPLICATION_RESOURCE[READ] permission on the specified organization"
operationId: list_4
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: resource
in: path
required: true
schema:
type: string
responses:
"200":
description: Get resource access policies
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/AccessPolicyListItem"
"500":
description: Internal server error
? /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources/{resource}/policies/{policy}
: get:
tags:
- application
- domain
summary: Get resource access policy
description: "User must have APPLICATION_RESOURCE[READ] permission on the specified\
\ application or APPLICATION_RESOURCE[READ] permission on the specified domain\
\ or APPLICATION_RESOURCE[READ] permission on the specified environment or\
\ APPLICATION_RESOURCE[READ] permission on the specified organization"
operationId: get_8
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
- name: resource
in: path
required: true
schema:
type: string
- name: policy
in: path
required: true
schema:
type: string
responses:
"200":
description: Get resource access policy
content:
application/json:
schema:
$ref: "#/components/schemas/AccessPolicy"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/secret/_renew:
post:
tags:
- application
- domain
summary: Renew application secret
description: "User must have APPLICATION_OPENID[UPDATE] permission on the specified\
\ application or APPLICATION_OPENID[UPDATE] permission on the specified domain\
\ or APPLICATION_OPENID[UPDATE] permission on the specified environment or\
\ APPLICATION_OPENID[UPDATE] permission on the specified organization"
operationId: renewClientSecret
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
responses:
"200":
description: Application secret successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Application"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/type:
put:
tags:
- application
- domain
summary: Update an application type
description: "User must have APPLICATION[UPDATE] permission on the specified\
\ application or APPLICATION[UPDATE] permission on the specified domain or\
\ APPLICATION[UPDATE] permission on the specified environment or APPLICATION[UPDATE]\
\ permission on the specified organization"
operationId: updateApplicationType
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: application
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/PatchApplicationType"
required: true
responses:
"200":
description: Application type successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Application"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/audits:
get:
tags:
- audit
- domain
summary: List audit logs for a security domain
description: "User must have the DOMAIN_AUDIT[LIST] permission on the specified\
\ domain, environment or organization. Except if user has ORGANIZATION_AUDIT[READ]\
\ permission on the domain, environment or organization, each returned audit\
\ is filtered and contains only basic information such as id, date, event,\
\ actor, target and status."
operationId: list_6
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: type
in: query
schema:
type: string
- name: status
in: query
schema:
type: string
- name: user
in: query
schema:
type: string
- name: from
in: query
schema:
type: integer
format: int64
- name: to
in: query
schema:
type: integer
format: int64
- name: size
in: query
schema:
type: integer
format: int32
default: 10
- name: page
in: query
schema:
type: integer
format: int32
default: 0
responses:
"200":
description: List audit logs for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Audit"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/audits/{audit}:
get:
tags:
- audit
- domain
summary: Get an audit log
description: "User must have the DOMAIN_AUDIT[READ] permission on the specified\
\ domain or DOMAIN_AUDIT[READ] permission on the specified environment or\
\ DOMAIN_AUDIT[READ] permission on the specified organization"
operationId: get_9
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: audit
in: path
required: true
schema:
type: string
responses:
"200":
description: Audit log successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Audit"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/auth-device-notifiers:
get:
tags:
- Authentication Device Notifier
- domain
summary: List registered Authentication Device Notifiers for a security domain
description: "User must have the DOMAIN_AUTHDEVICE_NOTIFIER[LIST] permission\
\ on the specified domain or DOMAIN_AUTHDEVICE_NOTIFIER[LIST] permission on\
\ the specified environment or DOMAIN_AUTHDEVICE_NOTIFIER[LIST] permission\
\ on the specified organization Each returned Authentication Device Notifier\
\ is filtered and contains only basic information such as id, name."
operationId: list_7
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List registered Authentication Device Notifiers for a security
domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/AuthenticationDeviceNotifier"
"500":
description: Internal server error
post:
tags:
- Authentication Device Notifier
- domain
summary: Create an Authentication Device Notifier
description: "User must have the DOMAIN_AUTHDEVICE_NOTIFIER[CREATE] permission\
\ on the specified domain or DOMAIN_AUTHDEVICE_NOTIFIER[CREATE] permission\
\ on the specified environment or DOMAIN_AUTHDEVICE_NOTIFIER[CREATE] permission\
\ on the specified organization"
operationId: create_3
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewAuthenticationDeviceNotifier"
required: true
responses:
"201":
description: Authentication Device Notifier successfully created
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/auth-device-notifiers/{authDeviceNotifier}:
get:
tags:
- Authentication Device Notifier
- domain
summary: Get an Authentication Device Notifier
description: "User must have the DOMAIN_AUTHDEVICE_NOTIFIER[READ] permission\
\ on the specified domain or DOMAIN_AUTHDEVICE_NOTIFIER[READ] permission on\
\ the specified environment or DOMAIN_AUTHDEVICE_NOTIFIER[READ] permission\
\ on the specified organization"
operationId: get_10
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: authDeviceNotifier
in: path
required: true
schema:
type: string
responses:
"200":
description: Authentication Device Notifier successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/AuthenticationDeviceNotifier"
"500":
description: Internal server error
put:
tags:
- Authentication Device Notifier
- domain
summary: Update an Authentication Device Notifier
description: "User must have the DOMAIN_AUTHDEVICE_NOTIFIER[UPDATE] permission\
\ on the specified domain or DOMAIN_AUTHDEVICE_NOTIFIER[UPDATE] permission\
\ on the specified environment or DOMAIN_AUTHDEVICE_NOTIFIER[UPDATE] permission\
\ on the specified organization"
operationId: update_3
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: authDeviceNotifier
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateAuthenticationDeviceNotifier"
required: true
responses:
"201":
description: Authentication Device Notifier successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/AuthenticationDeviceNotifier"
"500":
description: Internal server error
delete:
tags:
- Authentication Device Notifier
- domain
summary: Delete an Authentication Device Notifier
description: "User must have the DOMAIN_AUTHDEVICE_NOTIFIER[DELETE] permission\
\ on the specified domain or DOMAIN_AUTHDEVICE_NOTIFIER[DELETE] permission\
\ on the specified environment or DOMAIN_AUTHDEVICE_NOTIFIER[DELETE] permission\
\ on the specified organization"
operationId: delete_3
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: authDeviceNotifier
in: path
required: true
schema:
type: string
responses:
"204":
description: Authentication Device Notifier successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/bot-detections:
get:
tags:
- bot detection
- domain
summary: List registered bot detections for a security domain
description: "User must have the DOMAIN_BOT_DETECTION[LIST] permission on the\
\ specified domain or DOMAIN_BOT_DETECTION[LIST] permission on the specified\
\ environment or DOMAIN_BOT_DETECTION[LIST] permission on the specified organization\
\ Each returned bot detections is filtered and contains only basic information\
\ such as id, name."
operationId: listBotDetections
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List registered bot detections for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/BotDetection"
"500":
description: Internal server error
post:
tags:
- bot detection
- domain
summary: Create a bot detection
description: "User must have the DOMAIN_BOT_DETECTION[CREATE] permission on\
\ the specified domain or DOMAIN_BOT_DETECTION[CREATE] permission on the specified\
\ environment or DOMAIN_BOT_DETECTION[CREATE] permission on the specified\
\ organization"
operationId: createBotDetection
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewBotDetection"
required: true
responses:
"201":
description: Bot detection successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/BotDetection"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/bot-detections/{botDetection}:
get:
tags:
- bot detection
- domain
summary: Get a bot detection
description: "User must have the DOMAIN_BOT_DETECTION[READ] permission on the\
\ specified domain or DOMAIN_BOT_DETECTION[READ] permission on the specified\
\ environment or DOMAIN_BOT_DETECTION[READ] permission on the specified organization"
operationId: getBotDetection
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: botDetection
in: path
required: true
schema:
type: string
responses:
"200":
description: Bot detection successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/BotDetection"
"500":
description: Internal server error
put:
tags:
- bot detection
- domain
summary: Update a bot detection
description: "User must have the DOMAIN_BOT_DETECTION[UPDATE] permission on\
\ the specified domain or DOMAIN_BOT_DETECTION[UPDATE] permission on the specified\
\ environment or DOMAIN_BOT_DETECTION[UPDATE] permission on the specified\
\ organization"
operationId: updateBotDetection
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: botDetection
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateBotDetection"
required: true
responses:
"201":
description: Bot detection successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/BotDetection"
"500":
description: Internal server error
delete:
tags:
- bot detection
- domain
summary: Delete a bot detection
description: "User must have the DOMAIN_BOT_DETECTION[DELETE] permission on\
\ the specified domain or DOMAIN_BOT_DETECTION[DELETE] permission on the specified\
\ environment or DOMAIN_BOT_DETECTION[DELETE] permission on the specified\
\ organization"
operationId: deleteBotDetection
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: botDetection
in: path
required: true
schema:
type: string
responses:
"204":
description: Bot detection successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates:
get:
tags:
- certificate
- domain
summary: List registered certificates for a security domain
description: "User must have the DOMAIN_CERTIFICATE[LIST] permission on the\
\ specified domain or DOMAIN_CERTIFICATE[LIST] permission on the specified\
\ environment or DOMAIN_CERTIFICATE[LIST] permission on the specified organization.\
\ Each returned certificate is filtered and contains only basic information\
\ such as id, name and type."
operationId: listCertificates
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: use
in: query
schema:
type: string
responses:
"200":
description: List registered certificates for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/CertificateEntity"
"500":
description: Internal server error
post:
tags:
- certificate
- domain
summary: Create a certificate
description: "User must have the DOMAIN_CERTIFICATE[CREATE] permission on the\
\ specified domain or DOMAIN_CERTIFICATE[CREATE] permission on the specified\
\ environment or DOMAIN_CERTIFICATE[CREATE] permission on the specified organization"
operationId: createCertificate
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewCertificate"
required: true
responses:
"201":
description: Certificate successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/ModifiedCertificateEntity"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/rotate:
post:
tags:
- certificate
- domain
summary: Generate a new System a certificate
description: "User must have the DOMAIN_CERTIFICATE[CREATE] permission on the\
\ specified domain or DOMAIN_CERTIFICATE[CREATE] permission on the specified\
\ environment or DOMAIN_CERTIFICATE[CREATE] permission on the specified organization"
operationId: rotateCertificate
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"201":
description: Certificate successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/CertificateEntity"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}:
get:
tags:
- certificate
- domain
summary: Get a certificate
description: "User must have the DOMAIN_CERTIFICATE[READ] permission on the\
\ specified domain or DOMAIN_CERTIFICATE[READ] permission on the specified\
\ environment or DOMAIN_CERTIFICATE[READ] permission on the specified organization"
operationId: findCertificate
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: certificate
in: path
required: true
schema:
type: string
responses:
"200":
description: Certificate successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/CertificateEntity"
"500":
description: Internal server error
put:
tags:
- certificate
- domain
summary: Update a certificate
description: "User must have the DOMAIN_CERTIFICATE[UPDATE] permission on the\
\ specified domain or DOMAIN_CERTIFICATE[UPDATE] permission on the specified\
\ environment or DOMAIN_CERTIFICATE[UPDATE] permission on the specified organization"
operationId: updateCertificate
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: certificate
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateCertificate"
required: true
responses:
"201":
description: Certificate successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/ModifiedCertificateEntity"
"500":
description: Internal server error
delete:
tags:
- certificate
- domain
summary: Delete a certificate
description: "User must have the DOMAIN_CERTIFICATE[DELETE] permission on the\
\ specified domain or DOMAIN_CERTIFICATE[DELETE] permission on the specified\
\ environment or DOMAIN_CERTIFICATE[DELETE] permission on the specified organization"
operationId: deleteCertificate
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: certificate
in: path
required: true
schema:
type: string
responses:
"204":
description: Certificate successfully deleted
"400":
description: Certificate is bind to existing clients
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}/key:
get:
tags:
- certificate
- domain
summary: Get the certificate public key
description: "User must have the DOMAIN[READ] permission on the specified domain\
\ or DOMAIN[READ] permission on the specified environment or DOMAIN[READ]\
\ permission on the specified organization"
operationId: getCertificatePublicKey
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: certificate
in: path
required: true
schema:
type: string
responses:
"200":
description: Certificate key successfully fetched
content:
application/json:
schema:
type: string
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}/keys:
get:
tags:
- certificate
- domain
summary: Get the certificate public keys
description: "User must have the DOMAIN[READ] permission on the specified domain\
\ or DOMAIN[READ] permission on the specified environment or DOMAIN[READ]\
\ permission on the specified organization"
operationId: getCertificatePublicKeys
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: certificate
in: path
required: true
schema:
type: string
responses:
"200":
description: Certificate keys successfully fetched
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/CertificateKey"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/device-identifiers:
get:
tags:
- device identifiers
- domain
summary: List registered device identifiers for a security domain
description: "User must have the DOMAIN_DEVICE_IDENTIFIERS[LIST] permission\
\ on the specified domain or DOMAIN_DEVICE_IDENTIFIERS[LIST] permission on\
\ the specified environment or DOMAIN_DEVICE_IDENTIFIERS[LIST] permission\
\ on the specified organization Each returned bot detections is filtered and\
\ contains only basic information such as id, name."
operationId: listDeviceIdentifiers
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List registered device identifiers for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/DeviceIdentifier"
"500":
description: Internal server error
post:
tags:
- device identifiers
- domain
summary: Create a device identifier
description: "User must have the DOMAIN_DEVICE_IDENTIFIER[CREATE] permission\
\ on the specified domain or DOMAIN_DEVICE_IDENTIFIER[CREATE] permission on\
\ the specified environment or DOMAIN_DEVICE_IDENTIFIER[CREATE] permission\
\ on the specified organization"
operationId: createDeviceIdentifier
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewDeviceIdentifier"
required: true
responses:
"201":
description: Device identifiers successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/DeviceIdentifier"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/device-identifiers/{deviceIdentifier}:
get:
tags:
- device identifiers
- domain
summary: Get a Device identifier
description: "User must have the DOMAIN_DEVICE_IDENTIFIER[READ] permission on\
\ the specified domain or DOMAIN_DEVICE_IDENTIFIER[READ] permission on the\
\ specified environment or DOMAIN_DEVICE_IDENTIFIER[READ] permission on the\
\ specified organization"
operationId: getDeviceIdentifier
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: deviceIdentifier
in: path
required: true
schema:
type: string
responses:
"200":
description: Device identifier successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/DeviceIdentifier"
"500":
description: Internal server error
put:
tags:
- device identifiers
- domain
summary: Update a Device identifier
description: "User must have the DOMAIN_DEVICE_IDENTIFIER[UPDATE] permission\
\ on the specified domain or DOMAIN_DEVICE_IDENTIFIER[UPDATE] permission on\
\ the specified environment or DOMAIN_DEVICE_IDENTIFIER[UPDATE] permission\
\ on the specified organization"
operationId: updateDeviceIdentifier
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: deviceIdentifier
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateDeviceIdentifier"
required: true
responses:
"201":
description: Device identifier successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/DeviceIdentifier"
"500":
description: Internal server error
delete:
tags:
- device identifiers
- domain
summary: Delete a Device identifier
description: "User must have the DOMAIN_DEVICE_IDENTIFIER[DELETE] permission\
\ on the specified domain or DOMAIN_DEVICE_IDENTIFIER[DELETE] permission on\
\ the specified environment or DOMAIN_DEVICE_IDENTIFIER[DELETE] permission\
\ on the specified organization"
operationId: deleteDeviceIdentifier
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: deviceIdentifier
in: path
required: true
schema:
type: string
responses:
"204":
description: Device identifier successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/emails:
get:
tags:
- email
- domain
summary: Find a email
description: "User must have the DOMAIN_EMAIL_TEMPLATE[READ] permission on the\
\ specified domain or DOMAIN_EMAIL_TEMPLATE[READ] permission on the specified\
\ environment or DOMAIN_EMAIL_TEMPLATE[READ] permission on the specified organization"
operationId: get_11
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: template
in: query
required: true
schema:
type: string
enum:
- LOGIN
- REGISTRATION
- REGISTRATION_CONFIRMATION
- REGISTRATION_VERIFY
- FORGOT_PASSWORD
- RESET_PASSWORD
- OAUTH2_USER_CONSENT
- MFA_ENROLL
- MFA_CHALLENGE
- MFA_CHALLENGE_ALTERNATIVES
- MFA_RECOVERY_CODE
- BLOCKED_ACCOUNT
- COMPLETE_PROFILE
- WEBAUTHN_REGISTER
- WEBAUTHN_REGISTER_SUCCESS
- WEBAUTHN_LOGIN
- IDENTIFIER_FIRST_LOGIN
- ERROR
- CERTIFICATE_EXPIRATION
- VERIFY_ATTEMPT
responses:
"200":
description: Email successfully fetched
"500":
description: Internal server error
post:
tags:
- email
- domain
summary: Create a email
description: "User must have the DOMAIN_EMAIL_TEMPLATE[CREATE] permission on\
\ the specified domain or DOMAIN_EMAIL_TEMPLATE[CREATE] permission on the\
\ specified environment or DOMAIN_EMAIL_TEMPLATE[CREATE] permission on the\
\ specified organization"
operationId: create_4
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewEmail"
required: true
responses:
"201":
description: Email successfully created
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/emails/{email}:
put:
tags:
- email
- domain
summary: Update an email
description: "User must have the DOMAIN_EMAIL_TEMPLATE[UPDATE] permission on\
\ the specified domain or DOMAIN_EMAIL_TEMPLATE[UPDATE] permission on the\
\ specified environment or DOMAIN_EMAIL_TEMPLATE[UPDATE] permission on the\
\ specified organization"
operationId: update_4
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: email
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateEmail"
required: true
responses:
"201":
description: Email successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Email"
"500":
description: Internal server error
delete:
tags:
- email
- domain
summary: Delete an email
description: "User must have the DOMAIN_EMAIL_TEMPLATE[DELETE] permission on\
\ the specified domain or DOMAIN_EMAIL_TEMPLATE[DELETE] permission on the\
\ specified environment or DOMAIN_EMAIL_TEMPLATE[DELETE] permission on the\
\ specified organization"
operationId: delete_4
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: email
in: path
required: true
schema:
type: string
responses:
"204":
description: Email successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/entrypoints:
get:
tags:
- domain
summary: Get the matching gateway entrypoint of the domain
description: "User must have the DOMAIN[READ] permission on the specified domain,\
\ environment or organization. Domain will be filtered according to permissions\
\ (READ on DOMAIN_USER_ACCOUNT, DOMAIN_IDENTITY_PROVIDER, DOMAIN_FORM, DOMAIN_LOGIN_SETTINGS,\
\ DOMAIN_DCR, DOMAIN_SCIM, DOMAIN_SETTINGS)"
operationId: getDomainEntrypoints
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: Domain entrypoint
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Entrypoint"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/extensionGrants:
get:
tags:
- extension grant
- domain
summary: List registered extension grants for a security domain
description: "User must have the DOMAIN_EXTENSION_GRANT[LIST] permission on\
\ the specified domain or DOMAIN_EXTENSION_GRANT[LIST] permission on the specified\
\ environment or DOMAIN_EXTENSION_GRANT[LIST] permission on the specified\
\ organization. Each returned extension grant is filtered and contains only\
\ basic information such as id, name and type."
operationId: listExtensionGrants
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List registered extension grants for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/ExtensionGrant"
"500":
description: Internal server error
post:
tags:
- extension grant
- domain
summary: Create a extension grant
description: "User must have the DOMAIN_EXTENSION_GRANT[CREATE] permission on\
\ the specified domain or DOMAIN_EXTENSION_GRANT[CREATE] permission on the\
\ specified environment or DOMAIN_EXTENSION_GRANT[CREATE] permission on the\
\ specified organization"
operationId: createExtensionGrant
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewExtensionGrant"
required: true
responses:
"201":
description: Extension grant successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/ExtensionGrant"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/extensionGrants/{extensionGrant}:
get:
tags:
- extension grant
- domain
summary: Get a extension grant
description: "User must have the DOMAIN_EXTENSION_GRANT[READ] permission on\
\ the specified domain or DOMAIN_EXTENSION_GRANT[READ] permission on the specified\
\ environment or DOMAIN_EXTENSION_GRANT[READ] permission on the specified\
\ organization"
operationId: getExtensionGrant
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: extensionGrant
in: path
required: true
schema:
type: string
responses:
"200":
description: Extension grant successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/ExtensionGrant"
"500":
description: Internal server error
put:
tags:
- extension grant
- domain
summary: Update an extension grant
description: "User must have the DOMAIN_EXTENSION_GRANT[UPDATE] permission on\
\ the specified domain or DOMAIN_EXTENSION_GRANT[UPDATE] permission on the\
\ specified environment or DOMAIN_EXTENSION_GRANT[UPDATE] permission on the\
\ specified organization"
operationId: updateExtensionGrant
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: extensionGrant
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateExtensionGrant"
required: true
responses:
"201":
description: Extension grant successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/ExtensionGrant"
"500":
description: Internal server error
delete:
tags:
- extension grant
- domain
summary: Delete a extension grant
description: "User must have the DOMAIN_EXTENSION_GRANT[DELETE] permission on\
\ the specified domain or DOMAIN_EXTENSION_GRANT[DELETE] permission on the\
\ specified environment or DOMAIN_EXTENSION_GRANT[DELETE] permission on the\
\ specified organization"
operationId: deleteExtensionGrant
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: extensionGrant
in: path
required: true
schema:
type: string
responses:
"204":
description: Extension grant successfully deleted
"400":
description: Extension grant is bind to existing clients
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/factors:
get:
tags:
- factor
- domain
summary: List registered factors for a security domain
description: "User must have the DOMAIN_FACTOR[LIST] permission on the specified\
\ domain or DOMAIN_FACTOR[LIST] permission on the specified environment or\
\ DOMAIN_FACTOR[LIST] permission on the specified organization Each returned\
\ factor is filtered and contains only basic information such as id, name\
\ and factor type."
operationId: listFactors
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List registered factors for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Factor"
"500":
description: Internal server error
post:
tags:
- factor
- domain
summary: Create a factor
description: "User must have the DOMAIN_FACTOR[CREATE] permission on the specified\
\ domain or DOMAIN_FACTOR[CREATE] permission on the specified environment\
\ or DOMAIN_FACTOR[CREATE] permission on the specified organization"
operationId: createFactor
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewFactor"
required: true
responses:
"201":
description: Factor successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/Factor"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/factors/{factor}:
get:
tags:
- factor
- domain
summary: Get a factor
description: "User must have the DOMAIN_FACTOR[READ] permission on the specified\
\ domain or DOMAIN_FACTOR[READ] permission on the specified environment or\
\ DOMAIN_FACTOR[READ] permission on the specified organization"
operationId: getFactor
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: factor
in: path
required: true
schema:
type: string
responses:
"200":
description: Factor successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Factor"
"500":
description: Internal server error
put:
tags:
- factor
- domain
summary: Update a factor
description: "User must have the DOMAIN_FACTOR[UPDATE] permission on the specified\
\ domain or DOMAIN_FACTOR[UPDATE] permission on the specified environment\
\ or DOMAIN_FACTOR[UPDATE] permission on the specified organization"
operationId: updateFactor
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: factor
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateFactor"
required: true
responses:
"201":
description: Factor successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Factor"
"500":
description: Internal server error
delete:
tags:
- factor
- domain
summary: Delete a factor
description: "User must have the DOMAIN_FACTOR[DELETE] permission on the specified\
\ domain or DOMAIN_FACTOR[DELETE] permission on the specified environment\
\ or DOMAIN_FACTOR[DELETE] permission on the specified organization"
operationId: deleteFactor
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: factor
in: path
required: true
schema:
type: string
responses:
"204":
description: Factor successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/flows:
get:
tags:
- flow
- domain
summary: List registered flows for a security domain
description: "User must have the DOMAIN_FLOW[LIST] permission on the specified\
\ domain or DOMAIN_FLOW[LIST] permission on the specified environment or DOMAIN_FLOW[LIST]\
\ permission on the specified organization. Except if user has DOMAIN_FLOW[READ]\
\ permission on the domain, environment or organization, each returned flow\
\ is filtered and contains only basic information such as id and name and\
\ isEnabled."
operationId: listDomainFlows
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List registered flows for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/FlowEntity"
"500":
description: Internal server error
put:
tags:
- flow
- domain
summary: Create or update list of flows
description: "User must have the DOMAIN_FLOW[UPDATE] permission on the specified\
\ domain or DOMAIN_FLOW[UPDATE] permission on the specified environment or\
\ DOMAIN_FLOW[UPDATE] permission on the specified organization"
operationId: defineDomainFlows
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Flow"
required: true
responses:
"200":
description: Flows successfully updated
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/FlowEntity"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/flows/{flow}:
get:
tags:
- flow
- domain
summary: Get a flow
description: "User must have the DOMAIN_FLOW[READ] permission on the specified\
\ domain or DOMAIN_FLOW[READ] permission on the specified environment or DOMAIN_FLOW[READ]\
\ permission on the specified organization"
operationId: getDomainFlow
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: flow
in: path
required: true
schema:
type: string
responses:
"200":
description: Flow
content:
application/json:
schema:
$ref: "#/components/schemas/FlowEntity"
"500":
description: Internal server error
put:
tags:
- flow
- domain
summary: Update a flow
description: "User must have the DOMAIN_FLOW[UPDATE] permission on the specified\
\ domain or DOMAIN_FLOW[UPDATE] permission on the specified environment or\
\ DOMAIN_FLOW[UPDATE] permission on the specified organization"
operationId: updateDomainFlow
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: flow
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/Flow"
required: true
responses:
"201":
description: Flow successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/FlowEntity"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/forms:
get:
tags:
- form
- domain
summary: Find a form
description: "User must have the DOMAIN_FORM[READ] permission on the specified\
\ domain or DOMAIN_FORM[READ] permission on the specified environment or DOMAIN_FORM[READ]\
\ permission on the specified organization"
operationId: get_12
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: template
in: query
required: true
schema:
type: string
enum:
- LOGIN
- REGISTRATION
- REGISTRATION_CONFIRMATION
- REGISTRATION_VERIFY
- FORGOT_PASSWORD
- RESET_PASSWORD
- OAUTH2_USER_CONSENT
- MFA_ENROLL
- MFA_CHALLENGE
- MFA_CHALLENGE_ALTERNATIVES
- MFA_RECOVERY_CODE
- BLOCKED_ACCOUNT
- COMPLETE_PROFILE
- WEBAUTHN_REGISTER
- WEBAUTHN_REGISTER_SUCCESS
- WEBAUTHN_LOGIN
- IDENTIFIER_FIRST_LOGIN
- ERROR
- CERTIFICATE_EXPIRATION
- VERIFY_ATTEMPT
responses:
"200":
description: Form successfully fetched
"500":
description: Internal server error
post:
tags:
- form
- domain
summary: Create a form
description: "User must have the DOMAIN_FORM[CREATE] permission on the specified\
\ domain or DOMAIN_FORM[CREATE] permission on the specified environment or\
\ DOMAIN_FORM[CREATE] permission on the specified organization"
operationId: create_5
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewForm"
required: true
responses:
"201":
description: Form successfully created
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/forms/preview:
post:
tags:
- form
- preview
- domain
summary: Render the provided template
description: "User must have the DOMAIN_THEME[READ] permission on the specified\
\ domain or DOMAIN_THEME[READ] permission on the specified environment or\
\ DOMAIN_THEME[READ] permission on the specified organization"
operationId: renderDomainTemplate
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/PreviewRequest"
required: true
responses:
"200":
description: Template successfully rendered
content:
application/json:
schema:
$ref: "#/components/schemas/PreviewResponse"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/forms/{form}:
put:
tags:
- form
- domain
summary: Update a form
description: "User must have the DOMAIN_FORM[UPDATE] permission on the specified\
\ domain or DOMAIN_FORM[UPDATE] permission on the specified environment or\
\ DOMAIN_FORM[UPDATE] permission on the specified organization"
operationId: update_5
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: form
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateForm"
required: true
responses:
"201":
description: Form successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Form"
"500":
description: Internal server error
delete:
tags:
- form
- domain
summary: Delete a form
description: "User must have the DOMAIN_FORM[DELETE] permission on the specified\
\ domain or DOMAIN_FORM[DELETE] permission on the specified environment or\
\ DOMAIN_FORM[DELETE] permission on the specified organization"
operationId: delete_5
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: form
in: path
required: true
schema:
type: string
responses:
"204":
description: Form successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups:
get:
tags:
- group
- domain
summary: List groups for a security domain
description: "User must have the DOMAIN_GROUP[LIST] permission on the specified\
\ domain or DOMAIN_GROUP[LIST] permission on the specified environment or\
\ DOMAIN_GROUP[LIST] permission on the specified organization. Each returned\
\ group is filtered and contains only basic information such as id and name."
operationId: listGroups
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 100
responses:
"200":
description: List groups for a security domain
content:
application/json:
schema:
$ref: "#/components/schemas/GroupPage"
"500":
description: Internal server error
post:
tags:
- group
- domain
summary: Create a group
description: "User must have the DOMAIN_GROUP[CREATE] permission on the specified\
\ domain or DOMAIN_GROUP[CREATE] permission on the specified environment or\
\ DOMAIN_GROUP[CREATE] permission on the specified organization"
operationId: createGroup
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewGroup"
required: true
responses:
"201":
description: Group successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/Group"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}:
get:
tags:
- group
- domain
summary: Get a group
description: "User must have the DOMAIN_GROUP[READ] permission on the specified\
\ domain or DOMAIN_GROUP[READ] permission on the specified environment or\
\ DOMAIN_GROUP[READ] permission on the specified organization"
operationId: findGroup
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
responses:
"200":
description: Group successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Group"
"500":
description: Internal server error
put:
tags:
- group
- domain
summary: Update a group
description: "User must have the DOMAIN_GROUP[UPDATE] permission on the specified\
\ domain or DOMAIN_GROUP[UPDATE] permission on the specified environment or\
\ DOMAIN_GROUP[UPDATE] permission on the specified organization"
operationId: updateGroup
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateGroup"
required: true
responses:
"201":
description: Group successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Group"
"500":
description: Internal server error
delete:
tags:
- group
- domain
summary: Delete a group
description: "User must have the DOMAIN_GROUP[DELETE] permission on the specified\
\ domain or DOMAIN_GROUP[DELETE] permission on the specified environment or\
\ DOMAIN_GROUP[DELETE] permission on the specified organization"
operationId: deleteGroup
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
responses:
"204":
description: Group successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}/members:
get:
tags:
- group
- domain
summary: List group members
description: "User must have the DOMAIN_GROUP[READ] permission on the specified\
\ domain or DOMAIN_GROUP[READ] permission on the specified environment or\
\ DOMAIN_GROUP[READ] permission on the specified organization"
operationId: getGroupMembers
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 30
responses:
"200":
description: Group members successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}/members/{member}:
post:
tags:
- group
- domain
summary: Add a group member
description: "User must have the DOMAIN_GROUP[UPDATE] permission on the specified\
\ domain or DOMAIN_GROUP[UPDATE] permission on the specified environment or\
\ DOMAIN_GROUP[UPDATE] permission on the specified organization"
operationId: addGroupMember
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
- name: member
in: path
required: true
schema:
type: string
responses:
"200":
description: Member has been added successfully
"400":
description: User does not exist
"500":
description: Internal server error
delete:
tags:
- group
- domain
summary: Remove a group member
description: "User must have the DOMAIN_GROUP[UPDATE] permission on the specified\
\ domain or DOMAIN_GROUP[UPDATE] permission on the specified environment or\
\ DOMAIN_GROUP[UPDATE] permission on the specified organization"
operationId: removeGroupMember
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
- name: member
in: path
required: true
schema:
type: string
responses:
"200":
description: Member has been removed successfully
"400":
description: User does not exist
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}/roles:
get:
tags:
- group
- domain
summary: Get a group roles
description: "User must have the DOMAIN_GROUP[READ] permission on the specified\
\ domain or DOMAIN_GROUP[READ] permission on the specified environment or\
\ DOMAIN_GROUP[READ] permission on the specified organization"
operationId: findGroupRoles
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
responses:
"200":
description: Group roles successfully fetched
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Role"
"500":
description: Internal server error
post:
tags:
- group
- domain
summary: Assign roles to a group
description: "User must have the DOMAIN_GROUP[UPDATE] permission on the specified\
\ domain or DOMAIN_GROUP[UPDATE] permission on the specified environment or\
\ DOMAIN_GROUP[UPDATE] permission on the specified organization"
operationId: assignRoles
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
type: array
items:
type: string
required: true
responses:
"200":
description: Roles successfully assigned
content:
application/json:
schema:
$ref: "#/components/schemas/Group"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}/roles/{role}:
delete:
tags:
- group
- domain
summary: Revoke role to a group
description: "User must have the DOMAIN_GROUP[UPDATE] permission on the specified\
\ domain or DOMAIN_GROUP[UPDATE] permission on the specified environment or\
\ DOMAIN_GROUP[UPDATE] permission on the specified organization"
operationId: revokeRole
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
- name: role
in: path
required: true
schema:
type: string
responses:
"200":
description: Roles successfully revoked
content:
application/json:
schema:
$ref: "#/components/schemas/Group"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/i18n/dictionaries:
get:
tags:
- dictionary
- domain
summary: List all i18n dictionaries supported for a security domain
description: "User must have the DOMAIN_I18N_DICTIONARY[LIST] permission on\
\ the specified domain or DOMAIN_I18N_DICTIONARY[LIST] permission on the specified\
\ environment or DOMAIN_I18N_DICTIONARY[LIST] permission on the specified\
\ organization."
operationId: listI18nDictionaries
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List of i18n dictionaries for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/I18nDictionary"
"500":
description: Internal server error
post:
tags:
- dictionary
- domain
summary: Create a new i18n dictionary for a supported language for a security
domain
description: "User must have the DOMAIN_I18N_DICTIONARY[CREATE] permission on\
\ the specified domain or DOMAIN_I18N_DICTIONARY[CREATE] permission on the\
\ specified environment or DOMAIN_I18N_DICTIONARY[CREATE] permission on the\
\ specified organization."
operationId: createI18nDictionary
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
'*/*':
schema:
$ref: "#/components/schemas/NewDictionary"
required: true
responses:
"201":
description: Create a new i18n dictionary for a security domain
content:
application/json:
schema:
$ref: "#/components/schemas/I18nDictionary"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/i18n/dictionaries/{dictionary}:
get:
tags:
- dictionary
- domain
summary: Get a i18n dictionary
description: "User must have the DOMAIN_I18N_DICTIONARY[READ] permission on\
\ the specified domain or DOMAIN_I18N_DICTIONARY[READ] permission on the specified\
\ environment or DOMAIN_I18N_DICTIONARY[READ] permission on the specified\
\ organization."
operationId: getI18nDictionary
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: dictionary
in: path
required: true
schema:
type: string
responses:
"200":
description: Get the i18n dictionary
content:
application/json:
schema:
$ref: "#/components/schemas/I18nDictionary"
"500":
description: Internal server error
put:
tags:
- dictionary
- domain
summary: Update a i18n dictionary description
description: "User must have the DOMAIN_I18N_DICTIONARY[UPDATE] permission on\
\ the specified domain or DOMAIN_I18N_DICTIONARY[UPDATE] permission on the\
\ specified environment or DOMAIN_I18N_DICTIONARY[UPDATE] permission on the\
\ specified organization."
operationId: putI18nDictionary
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: dictionary
in: path
required: true
schema:
type: string
requestBody:
content:
'*/*':
schema:
$ref: "#/components/schemas/UpdateI18nDictionary"
required: true
responses:
"200":
description: Update the i18n dictionary description
content:
application/json:
schema:
$ref: "#/components/schemas/I18nDictionary"
"500":
description: Internal server error
delete:
tags:
- dictionary
- domain
summary: Delete a i18n dictionary
description: "User must have the DOMAIN_I18N_DICTIONARY[DELETE] permission on\
\ the specified domain or DOMAIN_I18N_DICTIONARY[DELETE] permission on the\
\ specified environment or DOMAIN_I18N_DICTIONARY[DELETE] permission on the\
\ specified organization."
operationId: deleteI18nDictionary
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: dictionary
in: path
required: true
schema:
type: string
responses:
"200":
description: Delete a i18n dictionary from a security domain
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/i18n/dictionaries/{dictionary}/entries:
put:
tags:
- dictionary
- domain
summary: Update all the entries for a i18n dictionary description
description: "User must have the DOMAIN_I18N_DICTIONARY[UPDATE] permission on\
\ the specified domain or DOMAIN_I18N_DICTIONARY[UPDATE] permission on the\
\ specified environment or DOMAIN_I18N_DICTIONARY[UPDATE] permission on the\
\ specified organization."
operationId: replaceI18nDictionaryEntries
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: dictionary
in: path
required: true
schema:
type: string
requestBody:
content:
'*/*':
schema:
type: object
additionalProperties:
type: string
required: true
responses:
"200":
description: Update the i18n entries for the given dictionary
content:
application/json:
schema:
$ref: "#/components/schemas/I18nDictionary"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/identities:
get:
tags:
- identity provider
- domain
summary: List registered identity providers for a security domain
description: "User must have the DOMAIN_IDENTITY_PROVIDER[LIST] permission on\
\ the specified domain or DOMAIN_IDENTITY_PROVIDER[LIST] permission on the\
\ specified environment or DOMAIN_IDENTITY_PROVIDER[LIST] permission on the\
\ specified organization. Each returned identity provider is filtered and\
\ contains only basic information such as id, name and type."
operationId: listIdentityProviders
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: userProvider
in: query
schema:
type: boolean
responses:
"200":
description: List registered identity providers for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/FilteredIdentityProviderInfo"
"500":
description: Internal server error
post:
tags:
- identity provider
- domain
summary: Create an identity provider
description: "User must have the DOMAIN_IDENTITY_PROVIDER[CREATE] permission\
\ on the specified domain or DOMAIN_IDENTITY_PROVIDER[CREATE] permission on\
\ the specified environment or DOMAIN_IDENTITY_PROVIDER[CREATE] permission\
\ on the specified organization"
operationId: createIdentityProvider
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewIdentityProvider"
required: true
responses:
"201":
description: Identity provider successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/IdentityProvider"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/identities/{identity}:
get:
tags:
- identity provider
- domain
summary: Get an identity provider
description: "User must have the DOMAIN_IDENTITY_PROVIDER[READ] permission on\
\ the specified domain or DOMAIN_IDENTITY_PROVIDER[READ] permission on the\
\ specified environment or DOMAIN_IDENTITY_PROVIDER[READ] permission on the\
\ specified organization"
operationId: findIdentityProvider
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: identity
in: path
required: true
schema:
type: string
responses:
"200":
description: Identity provider
content:
application/json:
schema:
$ref: "#/components/schemas/IdentityProvider"
"500":
description: Internal server error
put:
tags:
- identity provider
- domain
summary: Update an identity provider
description: "User must have the DOMAIN_IDENTITY_PROVIDER[UPDATE] permission\
\ on the specified domain or DOMAIN_IDENTITY_PROVIDER[UPDATE] permission on\
\ the specified environment or DOMAIN_IDENTITY_PROVIDER[UPDATE] permission\
\ on the specified organization"
operationId: updateIdentityProvider
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: identity
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateIdentityProvider"
required: true
responses:
"201":
description: Identity provider successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/IdentityProvider"
"500":
description: Internal server error
delete:
tags:
- identity provider
- domain
summary: Delete an identity provider
description: "User must have the DOMAIN_IDENTITY_PROVIDER[DELETE] permission\
\ on the specified domain or DOMAIN_IDENTITY_PROVIDER[DELETE] permission on\
\ the specified environment or DOMAIN_IDENTITY_PROVIDER[DELETE] permission\
\ on the specified organization"
operationId: deleteIdentityProvider
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: identity
in: path
required: true
schema:
type: string
responses:
"204":
description: Identity provider successfully deleted
"400":
description: Identity provider is bind to existing clients
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/identities/{identity}/password-policy:
put:
tags:
- identity provider
- domain
summary: Assign password policy to identity provider
description: "User must have the DOMAIN_IDENTITY_PROVIDER[UPDATE] permission\
\ on the specified domain or DOMAIN_IDENTITY_PROVIDER[UPDATE] permission on\
\ the specified environment or DOMAIN_IDENTITY_PROVIDER[UPDATE] permission\
\ on the specified organization"
operationId: assignPasswordPolicyToIdp
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: identity
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/AssignPasswordPolicy"
required: true
responses:
"201":
description: Password Policy successfully assigned to Identity provider
content:
application/json:
schema:
$ref: "#/components/schemas/AssignPasswordPolicy"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/members:
get:
tags:
- domain
summary: List members for a security domain
description: "User must have the DOMAIN_MEMBER[LIST] permission on the specified\
\ domain or DOMAIN_MEMBER[LIST] permission on the specified environment or\
\ DOMAIN_MEMBER[LIST] permission on the specified organization"
operationId: list_8
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List members for a security domain
content:
application/json:
schema:
$ref: "#/components/schemas/MembershipListItem"
"500":
description: Internal server error
post:
tags:
- domain
summary: Add or update an security domain member
description: "User must have the DOMAIN_MEMBER[CREATE] permission on the specified\
\ domain or DOMAIN_MEMBER[CREATE] permission on the specified environment\
\ or DOMAIN_MEMBER[CREATE] permission on the specified organization"
operationId: addOrUpdateMember_1
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewMembership"
required: true
responses:
"201":
description: Member has been added or updated successfully
"400":
description: Membership parameter is not valid
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/members/permissions:
get:
tags:
- domain
summary: List domain member's permissions
description: "User must have DOMAIN[READ] permission on the specified domain\
\ or DOMAIN[READ] permission on the specified environment or DOMAIN[READ]\
\ permission on the specified organization"
operationId: permissions_1
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: Domain member's permissions
content:
application/json:
schema:
type: string
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/members/{member}:
delete:
tags:
- domain
summary: Remove a membership
description: "User must have the DOMAIN_MEMBER[DELETE] permission on the specified\
\ domain or DOMAIN_MEMBER[DELETE] permission on the specified environment\
\ or DOMAIN_MEMBER[DELETE] permission on the specified organization"
operationId: removeMember_1
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: member
in: path
required: true
schema:
type: string
responses:
"204":
description: Membership successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies:
get:
tags:
- Password Policy
- domain
summary: List registered password policies for a security domain
description: "User must have the DOMAIN_SETTINGS[READ] permission on the specified\
\ domain or DOMAIN_SETTINGS[READ] permission on the specified environment\
\ or DOMAIN_SETTINGS[READ] permission on the specified organization. "
operationId: listPasswordPolicies
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List registered password policies for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/PasswordPolicyEntity"
"500":
description: Internal server error
post:
tags:
- Password Policy
- domain
summary: Create a password policy
description: "User must have the DOMAIN_SETTINGS[UPDATE] permission on the specified\
\ domain or DOMAIN_SETTINGS[UPDATE] permission on the specified environment\
\ or DOMAIN_SETTINGS[UPDATE] permission on the specified organization"
operationId: createPasswordPolicy
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewPasswordPolicy"
required: true
responses:
"201":
description: Password Policy successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/PasswordPolicy"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/activePolicy:
get:
tags:
- Password Policy
- domain
operationId: getEffectivePasswordPolicy
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: identity
in: query
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/{policy}:
get:
tags:
- Password Policy
- domain
summary: Read a password policy
description: "User must have the DOMAIN_SETTINGS[READ] permission on the specified\
\ domain or DOMAIN_SETTINGS[READ] permission on the specified environment\
\ or DOMAIN_SETTINGS[READ] permission on the specified organization"
operationId: getPasswordPolicy
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: policy
in: path
required: true
schema:
type: string
responses:
"200":
description: Password Policy description
content:
application/json:
schema:
$ref: "#/components/schemas/PasswordPolicy"
"500":
description: Internal server error
put:
tags:
- Password Policy
- domain
summary: Update a password policy
description: "User must have the DOMAIN_SETTINGS[UPDATE] permission on the specified\
\ domain or DOMAIN_SETTINGS[UPDATE] permission on the specified environment\
\ or DOMAIN_SETTINGS[UPDATE] permission on the specified organization"
operationId: updatePasswordPolicy
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: policy
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdatePasswordPolicy"
required: true
responses:
"200":
description: Password Policy successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/PasswordPolicy"
"500":
description: Internal server error
delete:
tags:
- Password Policy
- domain
summary: Delete a password policy
description: "User must have the DOMAIN_SETTINGS[UPDATE] permission on the specified\
\ domain or DOMAIN_SETTINGS[UPDATE] permission on the specified environment\
\ or DOMAIN_SETTINGS[UPDATE] permission on the specified organization"
operationId: deletePasswordPolicy
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: policy
in: path
required: true
schema:
type: string
responses:
"204":
description: Password Policy successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/{policy}/default:
post:
tags:
- Password Policy
- domain
summary: Set default policy
description: "User must have the DOMAIN_SETTINGS[UPDATE] permission on the specified\
\ domain or DOMAIN_SETTINGS[UPDATE] permission on the specified environment\
\ or DOMAIN_SETTINGS[UPDATE] permission on the specified organization"
operationId: setDefaultPolicy
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: policy
in: path
required: true
schema:
type: string
responses:
"200":
description: Default policy updated
content:
application/json:
schema:
$ref: "#/components/schemas/PasswordPolicy"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/{policy}/evaluate:
post:
tags:
- Password Policy
- domain
operationId: evaluatePolicy
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: policy
in: path
required: true
schema:
type: string
responses:
"200":
description: Result of evaluating the password against the policy
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/reporters:
get:
tags:
- reporter
- domain
summary: List registered reporters for a security domain
description: "User must have the DOMAIN_REPORTER[LIST] permission on the specified\
\ domain or DOMAIN_REPORTER[LIST] permission on the specified environment\
\ or DOMAIN_REPORTER[LIST] permission on the specified organization. Except\
\ if user has DOMAIN_REPORTER[READ] permission on the domain, environment\
\ or organization, each returned reporter is filtered and contains only basic\
\ information such as id and name and type."
operationId: list_9
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: userProvider
in: query
schema:
type: boolean
responses:
"200":
description: List registered reporters for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Reporter"
"500":
description: Internal server error
post:
tags:
- reporter
- domain
summary: Create a reporter for a security domain
description: "User must have the DOMAIN_REPORTER[CREATE] permission on the specified\
\ domain or DOMAIN_REPORTER[CREATE] permission on the specified environment\
\ or DOMAIN_REPORTER[CREATE] permission on the specified organization."
operationId: create_6
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewReporter"
responses:
"201":
description: Reporter created for a security domain
content:
application/json:
schema:
$ref: "#/components/schemas/Reporter"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/reporters/{reporter}:
get:
tags:
- reporter
- domain
summary: Get a reporter
description: "User must have the DOMAIN_REPORTER[READ] permission on the specified\
\ domain or DOMAIN_REPORTER[READ] permission on the specified environment\
\ or DOMAIN_REPORTER[READ] permission on the specified organization"
operationId: get_13
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: reporter
in: path
required: true
schema:
type: string
responses:
"200":
description: Reporter successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Reporter"
"500":
description: Internal server error
put:
tags:
- reporter
- domain
summary: Update a reporter
description: "User must have the DOMAIN_REPORTER[UPDATE] permission on the specified\
\ domain or DOMAIN_REPORTER[UPDATE] permission on the specified environment\
\ or DOMAIN_REPORTER[UPDATE] permission on the specified organization"
operationId: update_6
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: reporter
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateReporter"
required: true
responses:
"201":
description: Reporter successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Reporter"
"500":
description: Internal server error
delete:
tags:
- reporter
- domain
summary: Delete a reporter
description: "User must have the DOMAIN_REPORTER[DELETE] permission on the specified\
\ domain or DOMAIN_REPORTER[DELETE] permission on the specified environment\
\ or DOMAIN_REPORTER[DELETE] permission on the specified organization"
operationId: delete_6
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: reporter
in: path
required: true
schema:
type: string
responses:
"204":
description: Reporter successfully removed
content:
application/json: {}
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/resources:
get:
tags:
- resource
- domain
summary: List registered resources for a security domain
description: "User must have the DOMAIN_RESOURCE[LIST] permission on the specified\
\ domain or DOMAIN_RESOURCE[LIST] permission on the specified environment\
\ or DOMAIN_RESOURCE[LIST] permission on the specified organization Each returned\
\ resource is filtered and contains only basic information such as id, name\
\ and resource type."
operationId: listResources
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List registered resources for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/ServiceResource"
"500":
description: Internal server error
post:
tags:
- resource
- domain
summary: Create a resource
description: "User must have the DOMAIN_RESOURCE[CREATE] permission on the specified\
\ domain or DOMAIN_RESOURCE[CREATE] permission on the specified environment\
\ or DOMAIN_RESOURCE[CREATE] permission on the specified organization"
operationId: createResource
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewServiceResource"
required: true
responses:
"201":
description: Resource successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/ServiceResource"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/resources/{resource}:
get:
tags:
- resource
- domain
summary: Get a resource
description: "User must have the DOMAIN_RESOURCE[READ] permission on the specified\
\ domain or DOMAIN_RESOURCE[READ] permission on the specified environment\
\ or DOMAIN_RESOURCE[READ] permission on the specified organization"
operationId: getResource
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: resource
in: path
required: true
schema:
type: string
responses:
"200":
description: Resource successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/ServiceResource"
"500":
description: Internal server error
put:
tags:
- resource
- domain
summary: Update a resource
description: "User must have the DOMAIN_RESOURCE[UPDATE] permission on the specified\
\ domain or DOMAIN_RESOURCE[UPDATE] permission on the specified environment\
\ or DOMAIN_RESOURCE[UPDATE] permission on the specified organization"
operationId: updateResource
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: resource
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateServiceResource"
required: true
responses:
"201":
description: Resource successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/ServiceResource"
"500":
description: Internal server error
delete:
tags:
- resource
- domain
summary: Delete a resource
description: "User must have the DOMAIN_RESOURCE[DELETE] permission on the specified\
\ domain or DOMAIN_RESOURCE[DELETE] permission on the specified environment\
\ or DOMAIN_RESOURCE[DELETE] permission on the specified organization"
operationId: deleteResource
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: resource
in: path
required: true
schema:
type: string
responses:
"204":
description: Resource successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/roles:
get:
tags:
- role
- domain
summary: List registered roles for a security domain
description: "User must have the DOMAIN_ROLE[LIST] permission on the specified\
\ domain or DOMAIN_ROLE[LIST] permission on the specified environment or DOMAIN_ROLE[LIST]\
\ permission on the specified organization. Each returned role is filtered\
\ and contains only basic information such as id and name."
operationId: findRoles
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 50
- name: q
in: query
schema:
type: string
responses:
"200":
description: List registered roles for a security domain
content:
application/json:
schema:
$ref: "#/components/schemas/RolePage"
"500":
description: Internal server error
post:
tags:
- role
- domain
summary: Create a role
description: "User must have the DOMAIN_ROLE[CREATE] permission on the specified\
\ domain or DOMAIN_ROLE[CREATE] permission on the specified environment or\
\ DOMAIN_ROLE[CREATE] permission on the specified organization"
operationId: createRole
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewRole"
required: true
responses:
"201":
description: Role successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/Role"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/roles/{role}:
get:
tags:
- role
- domain
summary: Get a role
description: "User must have the DOMAIN_ROLE[READ] permission on the specified\
\ domain or DOMAIN_ROLE[READ] permission on the specified environment or DOMAIN_ROLE[READ]\
\ permission on the specified organization"
operationId: findRole
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: role
in: path
required: true
schema:
type: string
responses:
"200":
description: Role successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/RoleEntity"
"500":
description: Internal server error
put:
tags:
- role
- domain
summary: Update a role
description: "User must have the DOMAIN_ROLE[UPDATE] permission on the specified\
\ domain or DOMAIN_ROLE[UPDATE] permission on the specified environment or\
\ DOMAIN_ROLE[UPDATE] permission on the specified organization"
operationId: updateRole
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: role
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateRole"
required: true
responses:
"201":
description: Role successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/RoleEntity"
"500":
description: Internal server error
delete:
tags:
- role
- domain
summary: Delete a role
description: "User must have the DOMAIN_ROLE[DELETE] permission on the specified\
\ domain or DOMAIN_ROLE[DELETE] permission on the specified environment or\
\ DOMAIN_ROLE[DELETE] permission on the specified organization"
operationId: deleteRole
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: role
in: path
required: true
schema:
type: string
responses:
"204":
description: Role successfully deleted
"400":
description: Role is bind to existing users
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/scopes:
get:
tags:
- scope
- domain
summary: List scopes for a security domain
description: "User must have the DOMAIN_SCOPE[LIST] permission on the specified\
\ domain or DOMAIN_SCOPE[LIST] permission on the specified environment or\
\ DOMAIN_SCOPE[LIST] permission on the specified organization Each returned\
\ scope is filtered and contains only basic information such as id, key, name,\
\ description, isSystem and isDiscovery."
operationId: listScopes
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 50
- name: q
in: query
schema:
type: string
responses:
"200":
description: List scopes for a security domain
content:
application/json:
schema:
$ref: "#/components/schemas/ScopePage"
"500":
description: Internal server error
post:
tags:
- scope
- domain
summary: Create a scope
description: "User must have the DOMAIN_SCOPE[CREATE] permission on the specified\
\ domain or DOMAIN_SCOPE[CREATE] permission on the specified environment or\
\ DOMAIN_SCOPE[CREATE] permission on the specified organization"
operationId: createScope
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewScope"
required: true
responses:
"201":
description: Scope successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/Scope"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/scopes/{scope}:
get:
tags:
- scope
- domain
summary: Get a scope
description: "User must have the DOMAIN_SCOPE[READ] permission on the specified\
\ domain or DOMAIN_SCOPE[READ] permission on the specified environment or\
\ DOMAIN_SCOPE[READ] permission on the specified organization"
operationId: findScope
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: scope
in: path
required: true
schema:
type: string
responses:
"200":
description: Scope
content:
application/json:
schema:
$ref: "#/components/schemas/Scope"
"500":
description: Internal server error
put:
tags:
- scope
- domain
summary: Update a scope
description: "User must have the DOMAIN_SCOPE[UPDATE] permission on the specified\
\ domain or DOMAIN_SCOPE[UPDATE] permission on the specified environment or\
\ DOMAIN_SCOPE[UPDATE] permission on the specified organization"
operationId: updateScope
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: scope
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateScope"
required: true
responses:
"200":
description: Scope successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Scope"
"500":
description: Internal server error
delete:
tags:
- scope
- domain
summary: Delete a scope
description: "User must have the DOMAIN_SCOPE[DELETE] permission on the specified\
\ domain or DOMAIN_SCOPE[DELETE] permission on the specified environment or\
\ DOMAIN_SCOPE[DELETE] permission on the specified organization"
operationId: deleteScope
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: scope
in: path
required: true
schema:
type: string
responses:
"204":
description: Scope successfully deleted
"500":
description: Internal server error
patch:
tags:
- scope
- domain
summary: Patch a scope
description: "User must have the DOMAIN_SCOPE[UPDATE] permission on the specified\
\ domain or DOMAIN_SCOPE[UPDATE] permission on the specified environment or\
\ DOMAIN_SCOPE[UPDATE] permission on the specified organization"
operationId: patchScope
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: scope
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/PatchScope"
required: true
responses:
"200":
description: Scope successfully patched
content:
application/json:
schema:
$ref: "#/components/schemas/Scope"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/themes:
get:
tags:
- theme
- domain
summary: List themes on the specified security domain
description: "User must have the DOMAIN_THEME[LIST] permission on the specified\
\ domain or DOMAIN_THEME[LIST] permission on the specified environment or\
\ DOMAIN_THEME[LIST] permission on the specified organization"
operationId: listThemes
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
responses:
"200":
description: List of themes
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/ThemeEntity"
"204":
description: There is no themes on this domain
"500":
description: Internal server error
post:
tags:
- theme
- domain
summary: Create a theme on the specified security domain
description: "User must have the DOMAIN_THEME[CREATE] permission on the specified\
\ domain or DOMAIN_THEME[CREATE] permission on the specified environment or\
\ DOMAIN_THEME[CREATE] permission on the specified organization"
operationId: createTheme
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewTheme"
required: true
responses:
"201":
description: Theme successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/ThemeEntity"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/themes/{themeId}:
get:
tags:
- theme
- domain
summary: Get the theme linked to the specified security domain
description: "User must have the DOMAIN_THEME[READ] permission on the specified\
\ domain or DOMAIN_THEME[READ] permission on the specified environment or\
\ DOMAIN_THEME[READ] permission on the specified organization"
operationId: getTheme
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: themeId
in: path
required: true
schema:
type: string
responses:
"200":
description: Get theme description
content:
application/json:
schema:
$ref: "#/components/schemas/ThemeEntity"
"404":
description: Theme doesn't exist
"500":
description: Internal server error
put:
tags:
- theme
- domain
summary: Update a theme on the specified security domain
description: "User must have the DOMAIN_THEME[UPDATE] permission on the specified\
\ domain or DOMAIN_THEME[UPDATE] permission on the specified environment or\
\ DOMAIN_THEME[UPDATE] permission on the specified organization"
operationId: updateTheme
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: themeId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/ThemeEntity"
required: true
responses:
"200":
description: Theme successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/ThemeEntity"
"404":
description: Theme Not found
"500":
description: Internal server error
delete:
tags:
- theme
- domain
summary: Delete a theme on the specified security domain
description: "User must have the DOMAIN_THEME[DELETE] permission on the specified\
\ domain or DOMAIN_THEME[DELETE] permission on the specified environment or\
\ DOMAIN_THEME[DELETE] permission on the specified organization"
operationId: deleteTheme
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: themeId
in: path
required: true
schema:
type: string
responses:
"204":
description: Theme successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users:
get:
tags:
- user
- domain
summary: List users for a security domain
description: "User must have the DOMAIN_USER[LIST] permission on the specified\
\ domain or DOMAIN_USER[LIST] permission on the specified environment or DOMAIN_USER[LIST]\
\ permission on the specified organization. Each returned user is filtered\
\ and contains only basic information such as id and username and displayname.\
\ Last login and identity provider name will be also returned if current user\
\ has DOMAIN_USER[READ] permission on the domain, environment or organization."
operationId: listUsers
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: q
in: query
schema:
type: string
- name: filter
in: query
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 30
responses:
"200":
description: List users for a security domain
content:
application/json:
schema:
$ref: "#/components/schemas/UserPage"
"500":
description: Internal server error
post:
tags:
- user
- domain
summary: Create a user on the specified security domain
description: "User must have the DOMAIN_USER[CREATE] permission on the specified\
\ domain or DOMAIN_USER[CREATE] permission on the specified environment or\
\ DOMAIN_USER[CREATE] permission on the specified organization"
operationId: createUser
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewUser"
required: true
responses:
"201":
description: User successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/bulk:
post:
tags:
- user
- domain
summary: Create/update/delete multiple users on the specified security domain
description: "User must have the DOMAIN_USER[CREATE/UPDATE/DELETE] permission\
\ on the specified domain, the environment, or the organization"
operationId: bulkUserOperation
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/DomainUserBulkRequest"
required: true
responses:
"200":
description: "Some users got created, inspect each result for details"
content:
application/json:
schema:
$ref: "#/components/schemas/BulkResponse"
"201":
description: All users successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/BulkResponse"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}:
get:
tags:
- user
- domain
summary: Get a user
description: "User must have the DOMAIN_USER[READ] permission on the specified\
\ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\
\ permission on the specified organization"
operationId: findUser
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"200":
description: User successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/UserEntity"
"500":
description: Internal server error
put:
tags:
- user
- domain
summary: Update a user
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: updateUser
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateUser"
required: true
responses:
"201":
description: User successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
delete:
tags:
- user
- domain
summary: Delete a user
description: "User must have the DOMAIN_USER[DELETE] permission on the specified\
\ domain or DOMAIN_USER[DELETE] permission on the specified environment or\
\ DOMAIN_USER[DELETE] permission on the specified organization"
operationId: deleteUser
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"204":
description: User successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/audits:
get:
tags:
- user
- domain
summary: Get a user audit logs
description: "User must have the DOMAIN_USER[READ] permission on the specified\
\ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\
\ permission on the specified organization"
operationId: list_10
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: type
in: query
schema:
type: string
- name: status
in: query
schema:
type: string
- name: from
in: query
schema:
type: integer
format: int64
- name: to
in: query
schema:
type: integer
format: int64
- name: size
in: query
schema:
type: integer
format: int32
default: 10
- name: page
in: query
schema:
type: integer
format: int32
default: 0
responses:
"200":
description: User audit logs successfully fetched
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Audit"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/audits/{audit}:
get:
tags:
- user
- domain
summary: Get a user audit log
description: "User must have the DOMAIN_USER[READ] permission on the specified\
\ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\
\ permission on the specified organization"
operationId: get_14
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: audit
in: path
required: true
schema:
type: string
responses:
"200":
description: User audit log successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Audit"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/consents:
get:
tags:
- user
- domain
summary: Get a user consents
description: "User must have the DOMAIN_USER[READ] permission on the specified\
\ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\
\ permission on the specified organization"
operationId: list_11
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: clientId
in: query
schema:
type: string
responses:
"200":
description: User consents successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/ScopeApprovalEntity"
"500":
description: Internal server error
delete:
tags:
- user
- domain
summary: Revoke user consents
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: delete_7
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: clientId
in: query
schema:
type: string
responses:
"204":
description: User consents successfully revoked
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/consents/{consent}:
get:
tags:
- user
- domain
summary: Get a user consent
description: "User must have the DOMAIN_USER[READ] permission on the specified\
\ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\
\ permission on the specified organization"
operationId: get_15
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: consent
in: path
required: true
schema:
type: string
responses:
"200":
description: User consent successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/ScopeApprovalEntity"
"500":
description: Internal server error
delete:
tags:
- user
- domain
summary: Revoke a user consent
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: revoke
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: consent
in: path
required: true
schema:
type: string
responses:
"204":
description: User consent successfully revoked
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/credentials:
get:
tags:
- user
- domain
summary: Get a user credentials
description: "User must have the DOMAIN_USER[READ] permission on the specified\
\ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\
\ permission on the specified organization"
operationId: list_12
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"200":
description: User credentials successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Credential"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/credentials/{credential}:
get:
tags:
- user
- domain
summary: Get a user credential
description: "User must have the DOMAIN_USER[READ] permission on the specified\
\ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\
\ permission on the specified organization"
operationId: get_16
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: credential
in: path
required: true
schema:
type: string
responses:
"200":
description: User credential successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Credential"
"500":
description: Internal server error
delete:
tags:
- user
- domain
summary: Revoke a user credential
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: revoke_1
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: credential
in: path
required: true
schema:
type: string
responses:
"204":
description: User credential successfully revoked
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/devices:
get:
tags:
- devices
- user
- domain
summary: List users for a security domain
description: "User must have the DOMAIN_USER_DEVICES[LIST] permission on the\
\ specified domain or DOMAIN_USER_DEVICES[LIST] permission on the specified\
\ environment or DOMAIN_USER_DEVICES[LIST] permission on the specified organization. "
operationId: list_13
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"200":
description: List users for a security domain
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/devices/{device}:
delete:
tags:
- devices
- user
- domain
summary: Delete a device
description: "User must have the DOMAIN_USER_DEVICE[DELETE] permission on the\
\ specified domain or DOMAIN_USER_DEVICE[DELETE] permission on the specified\
\ environment or DOMAIN_USER_DEVICE[DELETE] permission on the specified organization"
operationId: delete_8
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: device
in: path
required: true
schema:
type: string
responses:
"204":
description: User successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/factors:
get:
tags:
- user
- domain
summary: Get a user enrolled factors
description: "User must have the DOMAIN_USER[READ] permission on the specified\
\ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\
\ permission on the specified organization"
operationId: list_14
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"200":
description: User enrolled factors successfully fetched
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/EnrolledFactorEntity"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/factors/{factor}:
delete:
tags:
- user
- domain
summary: Revoke user factor
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: delete_9
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: factor
in: path
required: true
schema:
type: string
responses:
"204":
description: User factor successfully revoked
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/identities:
get:
tags:
- user
- domain
summary: Get a user linked identities
description: "User must have the DOMAIN_USER[READ] permission on the specified\
\ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\
\ permission on the specified organization"
operationId: list_15
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"200":
description: User linked identities successfully fetched
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/UserIdentityEntity"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/identities/{identity}:
delete:
tags:
- user
- domain
summary: Unlink user identity
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: delete_10
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: identity
in: path
required: true
schema:
type: string
responses:
"204":
description: User identity successfully unlinked
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/lock:
post:
tags:
- user
- domain
summary: Lock a user
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: lockUser
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"204":
description: User locked
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/resetPassword:
post:
tags:
- user
- domain
summary: Reset password
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: resetPassword
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
requestBody:
content:
'*/*':
schema:
$ref: "#/components/schemas/PasswordValue"
required: true
responses:
"200":
description: Password reset
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/roles:
get:
tags:
- user
- domain
summary: Get a user roles
description: "User must have the DOMAIN_USER[READ] permission on the specified\
\ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\
\ permission on the specified organization"
operationId: list_16
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: dynamic
in: query
schema:
type: boolean
default: false
responses:
"200":
description: User roles successfully fetched
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Role"
"500":
description: Internal server error
post:
tags:
- user
- domain
summary: Assign roles to a user
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: assign
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
type: array
items:
type: string
required: true
responses:
"200":
description: Roles successfully assigned
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/roles/{role}:
delete:
tags:
- user
- domain
summary: Revoke role to a user
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: revoke_2
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: role
in: path
required: true
schema:
type: string
responses:
"200":
description: Roles successfully revoked
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/sendRegistrationConfirmation:
post:
tags:
- user
- domain
summary: Send registration confirmation email
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: sendRegistrationConfirmation
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"200":
description: Email sent
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/status:
put:
tags:
- user
- domain
summary: Update a user status
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: updateUserStatus
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/StatusEntity"
required: true
responses:
"201":
description: User status successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/unlock:
post:
tags:
- user
- domain
summary: Unlock a user
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: unlockUser
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"204":
description: User unlocked
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/username:
patch:
tags:
- user
- domain
summary: Update a user username
description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\
\ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\
\ DOMAIN_USER[UPDATE] permission on the specified organization"
operationId: updateUsername
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
- name: domain
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UsernameEntity"
required: true
responses:
"201":
description: User username successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/organizations/{organizationId}/environments/{environmentId}/members/permissions:
get:
summary: List environment member's permissions
description: "User must have ENVIRONMENT[READ] permission on the specified environment\
\ or ENVIRONMENT[READ] permission on the specified organization"
operationId: permissions_2
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: environmentId
in: path
required: true
schema:
type: string
responses:
"200":
description: Environment member's permissions
content:
application/json:
schema:
type: string
"500":
description: Internal server error
/organizations/{organizationId}/forms:
get:
tags:
- form
summary: Find an organization form template
description: "User must have the ORGANIZATION_FORM[READ] permission on the specified\
\ organization"
operationId: get_17
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: template
in: query
required: true
schema:
type: string
enum:
- LOGIN
- REGISTRATION
- REGISTRATION_CONFIRMATION
- REGISTRATION_VERIFY
- FORGOT_PASSWORD
- RESET_PASSWORD
- OAUTH2_USER_CONSENT
- MFA_ENROLL
- MFA_CHALLENGE
- MFA_CHALLENGE_ALTERNATIVES
- MFA_RECOVERY_CODE
- BLOCKED_ACCOUNT
- COMPLETE_PROFILE
- WEBAUTHN_REGISTER
- WEBAUTHN_REGISTER_SUCCESS
- WEBAUTHN_LOGIN
- IDENTIFIER_FIRST_LOGIN
- ERROR
- CERTIFICATE_EXPIRATION
- VERIFY_ATTEMPT
responses:
"200":
description: Form successfully fetched
"500":
description: Internal server error
post:
tags:
- form
summary: Create a form
description: "User must have the ORGANIZATION_FORM[CREATE] permission on the\
\ specified organization"
operationId: create_7
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewForm"
required: true
responses:
"201":
description: Form successfully created
"500":
description: Internal server error
/organizations/{organizationId}/forms/{form}:
put:
tags:
- form
summary: Update a form
description: "User must have the ORGANIZATION_FORM[UPDATE] permission on the\
\ specified organization"
operationId: update_7
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: form
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateForm"
required: true
responses:
"201":
description: Form successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Form"
"500":
description: Internal server error
delete:
tags:
- form
summary: Delete a form
description: "User must have the ORGANIZATION_FORM[DELETE] permission on the\
\ specified organization"
operationId: delete_11
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: form
in: path
required: true
schema:
type: string
responses:
"204":
description: Form successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/groups:
get:
tags:
- group
summary: List groups of the organization
description: "User must have the ORGANIZATION[LIST] permission on the specified\
\ organization. Each returned group is filtered and contains only basic information\
\ such as id and name."
operationId: list_19
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 100
responses:
"200":
description: List groups of the organization
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Group"
"500":
description: Internal server error
post:
tags:
- group
summary: Create a platform group
description: "User must have the ORGANIZATION_GROUP[CREATE] permission on the\
\ specified organization"
operationId: create_8
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewGroup"
required: true
responses:
"201":
description: Group successfully created
"500":
description: Internal server error
/organizations/{organizationId}/groups/{group}:
get:
tags:
- group
summary: Get a platform group
description: "User must have the ORGANIZATION_GROUP[READ] permission on the\
\ specified organization"
operationId: getOrganizationGroup
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
responses:
"200":
description: Group successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Group"
"500":
description: Internal server error
put:
tags:
- group
summary: Update a platform group
description: "User must have the ORGANIZATION_GROUP[READ] permission on the\
\ specified organization"
operationId: updateOrganizationGroup
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateGroup"
required: true
responses:
"201":
description: Group successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
delete:
tags:
- group
summary: Delete a platform group
description: "User must have the ORGANIZATION_GROUP[READ] permission on the\
\ specified organization"
operationId: deleteOrganizationGroup
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
responses:
"204":
description: Group successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/groups/{group}/members:
get:
tags:
- group
summary: List group members
description: "User must have the ORGANIZATION_GROUP[READ] permission on the\
\ specified organization"
operationId: list_18
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 30
responses:
"200":
description: Group members successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/organizations/{organizationId}/groups/{group}/members/{member}:
post:
tags:
- group
summary: Add a group member
description: "User must have the ORGANIZATION_GROUP[UPDATE] permission on the\
\ specified organization"
operationId: addMember
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
- name: member
in: path
required: true
schema:
type: string
responses:
"200":
description: Member has been added successfully
"400":
description: User does not exist
"500":
description: Internal server error
delete:
tags:
- group
summary: Remove a group member
description: "User must have the ORGANIZATION_GROUP[UPDATE] permission on the\
\ specified organization"
operationId: removeMember_2
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: group
in: path
required: true
schema:
type: string
- name: member
in: path
required: true
schema:
type: string
responses:
"200":
description: Member has been removed successfully
"400":
description: User does not exist
"500":
description: Internal server error
/organizations/{organizationId}/identities:
get:
tags:
- identity provider
summary: List registered identity providers of the organization
description: "User must have the ORGANIZATION_IDENTITY_PROVIDER[LIST] permission\
\ on the specified organization. Each returned identity provider is filtered\
\ and contains only basic information such as id, name, type and isExternal."
operationId: list_20
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: userProvider
in: query
schema:
type: boolean
responses:
"200":
description: List registered identity providers of the organization
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/FilteredIdentityProviderInfo"
"500":
description: Internal server error
post:
tags:
- identity provider
summary: Create an identity provider for the organization
description: "User must have the ORGANIZATION_IDENTITY_PROVIDER[CREATE] permission\
\ on the specified organization"
operationId: create_9
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewIdentityProvider"
required: true
responses:
"201":
description: Identity provider successfully created
"500":
description: Internal server error
/organizations/{organizationId}/identities/{identity}:
get:
tags:
- identity provider
summary: Get an identity provider
description: "User must have the ORGANIZATION_IDENTITY_PROVIDER[READ] permission\
\ on the specified organization"
operationId: get_18
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: identity
in: path
required: true
schema:
type: string
responses:
"200":
description: Identity provider
content:
application/json:
schema:
$ref: "#/components/schemas/IdentityProvider"
"500":
description: Internal server error
put:
tags:
- identity provider
summary: Update an identity provider
description: "User must have the ORGANIZATION_IDENTITY_PROVIDER[UPDATE] permission\
\ on the specified organization"
operationId: update_8
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: identity
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateIdentityProvider"
required: true
responses:
"201":
description: Identity provider successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/IdentityProvider"
"500":
description: Internal server error
delete:
tags:
- identity provider
summary: Delete an identity provider
description: "User must have the ORGANIZATION_IDENTITY_PROVIDER[DELETE] permission\
\ on the specified organization"
operationId: delete_12
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: identity
in: path
required: true
schema:
type: string
responses:
"204":
description: Identity provider successfully deleted
"400":
description: Identity provider is bind to existing clients
"500":
description: Internal server error
/organizations/{organizationId}/members:
get:
summary: List members for an organization
description: "User must have ORGANIZATION_MEMBER[LIST] permission on the specified\
\ organization"
operationId: getMembers_1
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
responses:
"200":
description: List members for an organization
content:
application/json:
schema:
$ref: "#/components/schemas/MembershipListItem"
"500":
description: Internal server error
post:
summary: Add or update an organization member
description: "User must have ORGANIZATION_MEMBER[READ] permission on the specified\
\ organization"
operationId: addOrUpdateMember_2
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewMembership"
required: true
responses:
"201":
description: Member has been added or updated successfully
"400":
description: Membership parameter is not valid
"500":
description: Internal server error
/organizations/{organizationId}/members/{member}:
delete:
summary: Remove a membership of the organization
description: "User must have ORGANIZATION_MEMBER[DELETE] permission on the specified\
\ organization"
operationId: removeMember_3
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: member
in: path
required: true
schema:
type: string
responses:
"204":
description: Membership successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/reporters:
get:
tags:
- reporter
summary: List registered reporters for a security domain
description: "User must have the ORGANIZATION_REPORTER[LIST] permission on the\
\ specified organization. Except if user has ORGANIZATION_REPORTER[READ] permission\
\ on the organization, each returned reporter is filtered and contains only\
\ basic information such as id and name and type."
operationId: getOrgReporters
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
responses:
"200":
description: List registered reporters for an organization
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Reporter"
"500":
description: Internal server error
post:
tags:
- reporter
summary: Create a reporter for an organization
description: "User must have the ORGANIZATION_REPORTER[CREATE] permission on\
\ the specified organization"
operationId: createOrgReporter
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewReporter"
responses:
"201":
description: Reporter created for a security domain
content:
application/json:
schema:
$ref: "#/components/schemas/Reporter"
"500":
description: Internal server error
/organizations/{organizationId}/reporters/{reporterId}:
get:
tags:
- reporter
summary: Get a reporter
description: "User must have the ORGANIZATION_REPORTER[READ] permission on the\
\ organization"
operationId: getOrgReporter
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: reporterId
in: path
required: true
schema:
type: string
responses:
"200":
description: Reporter successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Reporter"
"500":
description: Internal server error
put:
tags:
- reporter
summary: Update a reporter
description: "User must have the ORGANIZATION_REPORTER[UPDATE] permission on\
\ the specified organization"
operationId: updateOrgReporter
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: reporterId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateReporter"
required: true
responses:
"201":
description: Reporter successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Reporter"
"500":
description: Internal server error
delete:
tags:
- reporter
summary: Delete a reporter
description: "User must have the ORGANIZATION_REPORTER[DELETE] permission on\
\ the specified organization"
operationId: deleteOrgReporter
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: reporterId
in: path
required: true
schema:
type: string
responses:
"204":
description: Reporter successfully removed
content:
application/json: {}
"500":
description: Internal server error
/organizations/{organizationId}/roles:
get:
tags:
- role
summary: List registered roles of the organization
description: "User must have the ORGANIZATION_ROLE[LIST] permission on the specified\
\ organization. Each returned role is filtered and contains only basic information\
\ such as id, name, isSystem and assignableType."
operationId: list_21
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: type
in: query
schema:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
responses:
"200":
description: List registered roles of the organization
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/RoleEntity"
"500":
description: Internal server error
post:
tags:
- role
summary: Create a role for the organization
description: "User must have the ORGANIZATION_ROLE[CREATE] permission on the\
\ specified organization"
operationId: create_10
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewRole"
required: true
responses:
"201":
description: Role successfully created
"500":
description: Internal server error
/organizations/{organizationId}/roles/{role}:
get:
tags:
- role
summary: Get a platform role
description: "User must have the ORGANIZATION_ROLE[READ] permission on the specified\
\ organization"
operationId: get_19
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: role
in: path
required: true
schema:
type: string
responses:
"200":
description: Role successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/RoleEntity"
"500":
description: Internal server error
put:
tags:
- role
summary: Update a platform role
description: "User must have the ORGANIZATION_ROLE[UPDATE] permission on the\
\ specified organization"
operationId: update_9
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: role
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateRole"
required: true
responses:
"201":
description: Role successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/RoleEntity"
"500":
description: Internal server error
delete:
tags:
- role
summary: Delete a plaform role
description: "User must have the ORGANIZATION_ROLE[DELETE] permission on the\
\ specified organization"
operationId: delete_13
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: role
in: path
required: true
schema:
type: string
responses:
"204":
description: Role successfully deleted
"400":
description: Role is bind to existing users
"500":
description: Internal server error
/organizations/{organizationId}/settings:
get:
summary: Get organization main settings
description: "User must have the ORGANIZATION_SETTINGS[READ] permission on the\
\ specified organization"
operationId: get_20
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
responses:
"200":
description: Platform settings successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
"500":
description: Internal server error
patch:
summary: Update platform main settings
description: "User must have the ORGANIZATION_SETTINGS[UPDATE] permission on\
\ the specified organization"
operationId: patch
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/PatchOrganization"
required: true
responses:
"200":
description: Platform settings successfully patched
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
"500":
description: Internal server error
/organizations/{organizationId}/tags:
get:
tags:
- sharding-tags
summary: List sharding tags
description: "User must have the ORGANIZATION[LIST] permission on the specified\
\ organization. Each returned tag is filtered and contains only basic information\
\ such as id and name."
operationId: list_22
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
responses:
"200":
description: List all the sharding tags
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/Domain"
"500":
description: Internal server error
post:
tags:
- sharding-tags
summary: Create a sharding tags
description: "User must have the ORGANIZATION_TAG[CREATE] permission on the\
\ specified organization"
operationId: create_11
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewTag"
required: true
responses:
"201":
description: Sharding tag successfully created
"500":
description: Internal server error
/organizations/{organizationId}/tags/{tag}:
get:
tags:
- sharding-tags
summary: Get a sharding tag
description: "User must have the ORGANIZATION_TAG[READ] permission on the specified\
\ organization"
operationId: get_21
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: tag
in: path
required: true
schema:
type: string
responses:
"200":
description: Sharding tag
content:
application/json:
schema:
$ref: "#/components/schemas/Tag"
"500":
description: Internal server error
put:
tags:
- sharding-tags
summary: Update the sharding tag
description: "User must have the ORGANIZATION_TAG[UPDATE] permission on the\
\ specified organization"
operationId: update_10
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: tag
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateTag"
required: true
responses:
"200":
description: Sharding tag successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/Tag"
"500":
description: Internal server error
delete:
tags:
- sharding-tags
summary: Delete the sharding tag
description: "User must have the ORGANIZATION_TAG[DELETE] permission on the\
\ specified organization"
operationId: delete_14
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: tag
in: path
required: true
schema:
type: string
responses:
"204":
description: Sharding tag successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/users:
get:
tags:
- user
summary: List users of the organization
description: "User must have the ORGANIZATION_USER[LIST] permission on the specified\
\ organization. Each returned user is filtered and contains only basic information\
\ such as id and username and displayname. Last login and identity provider\
\ name will be also returned if current user has ORGANIZATION_USER[READ] permission\
\ on the organization."
operationId: listOrganisationUsers
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: q
in: query
schema:
type: string
- name: filter
in: query
schema:
type: string
- name: page
in: query
schema:
type: integer
format: int32
default: 0
- name: size
in: query
schema:
type: integer
format: int32
default: 30
responses:
"200":
description: List users of the organization
content:
application/json:
schema:
$ref: "#/components/schemas/Page"
"500":
description: Internal server error
post:
tags:
- user
summary: Create a platform user or Service Account
description: "User must have the ORGANIZATION_USER[READ] permission on the specified\
\ organization"
operationId: createOrganisationUser
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewOrganizationUser"
required: true
responses:
"201":
description: User or Service Account successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/organizations/{organizationId}/users/bulk:
post:
tags:
- user
summary: Create/update/delete platform users or Service Accounts
description: "User must have the ORGANIZATION_USER[CREATE/UPDATE/DELETE] permission\
\ on the specified organization"
operationId: bulkOrganisationUserOperation
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/OrganizationUserBulkRequest"
required: true
responses:
"200":
description: "Some users or Service Accounts got created, inspect each result\
\ for details"
content:
application/json:
schema:
$ref: "#/components/schemas/BulkResponse"
"201":
description: Users or Service Accounts successfully created
content:
application/json:
schema:
$ref: "#/components/schemas/BulkResponse"
"500":
description: Internal server error
/organizations/{organizationId}/users/{user}:
get:
tags:
- user
summary: Get a user
description: "User must have the ORGANIZATION_USER[READ] permission on the specified\
\ organization"
operationId: get_22
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"200":
description: User successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/UserEntity"
"500":
description: Internal server error
put:
tags:
- user
summary: Update a user
description: "User must have the ORGANIZATION_USER[UPDATE] permission on the\
\ specified organization"
operationId: updateOrganizationUser
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UpdateUser"
required: true
responses:
"201":
description: User successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
delete:
tags:
- user
summary: Delete a user
description: "User must have the ORGANIZATION_USER[DELETE] permission on the\
\ specified organization"
operationId: deleteOrganizationUser
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"204":
description: User successfully deleted
"500":
description: Internal server error
/organizations/{organizationId}/users/{user}/resetPassword:
post:
tags:
- user
summary: Reset password
description: "User must have the ORGANIZATION_USER[UPDATE] permission on the\
\ specified organization"
operationId: resetOrganizationUserPassword
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
requestBody:
content:
'*/*':
schema:
$ref: "#/components/schemas/PasswordValue"
required: true
responses:
"200":
description: Password reset
"500":
description: Internal server error
/organizations/{organizationId}/users/{user}/status:
put:
tags:
- user
summary: Update a user status
description: "User must have the ORGANIZATION_USER[UPDATE] permission on the\
\ specified organization"
operationId: updateOrganizationUserStatus
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/StatusEntity"
required: true
responses:
"201":
description: User status successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/organizations/{organizationId}/users/{user}/tokens:
get:
tags:
- user
summary: Get tokens of a user
description: "User must have the ORGANIZATION_USER[READ] permission on the specified\
\ organization"
operationId: getUserActiveTokens
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
responses:
"200":
description: User tokens successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/AccountAccessToken"
"500":
description: Internal server error
post:
tags:
- user
summary: Generate an account access token for a user
description: "User must have the ORGANIZATION_USER[UPDATE] permission on the\
\ specified organization"
operationId: createAccountAccessToken
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NewAccountAccessToken"
responses:
"201":
description: Account access token generated
content:
application/json:
schema:
$ref: "#/components/schemas/AccountAccessToken"
"500":
description: Internal server error
/organizations/{organizationId}/users/{user}/tokens/{tokenId}:
delete:
tags:
- user
summary: Revoke an account access token
description: "User must have the ORGANIZATION_USER[UPDATE] permission on the\
\ specified organization"
operationId: revokeAccountAccessToken
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
- name: tokenId
in: path
required: true
schema:
type: string
responses:
"200":
description: Account access token revoked
/organizations/{organizationId}/users/{user}/username:
patch:
tags:
- user
summary: Update a user username
description: "User must have the ORGANIZATION_USER[UPDATE] permission on the\
\ specified organization"
operationId: updateOrganisationUsername
parameters:
- name: organizationId
in: path
required: true
schema:
type: string
- name: user
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UsernameEntity"
required: true
responses:
"201":
description: User username successfully updated
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"500":
description: Internal server error
/platform/audits/events:
get:
tags:
- platform
summary: List audit event types
description: There is no particular permission needed. User must be authenticated.
operationId: list_35
responses:
default:
description: default response
content:
application/json: {}
/platform/configuration/alerts/status:
get:
tags:
- platform
summary: Get the alert service status
description: There is no particular permission needed. User must be authenticated.
operationId: getAlertServiceStatus
responses:
"200":
description: Current alert service status
content:
application/json:
schema:
$ref: "#/components/schemas/AlertServiceStatusEntity"
"500":
description: Internal server error
/platform/configuration/flow/schema:
get:
tags:
- platform
summary: Get the Policy Studio flow schema
description: There is no particular permission needed. User must be authenticated.
operationId: list_23
responses:
default:
description: default response
content:
application/json: {}
/platform/configuration/spel/grammar:
get:
tags:
- platform
summary: Get the spel grammar
description: There is no particular permission needed. User must be authenticated.
operationId: getSpelGrammar
responses:
default:
description: default response
content:
application/json: {}
/platform/configuration/users/email-required:
get:
tags:
- platform
operationId: getUserEmailRequired
responses:
default:
description: default response
content:
application/json: {}
/platform/installation:
get:
tags:
- platform
summary: Get installation information
description: "User must have the INSTALLATION[READ] permission on the platform"
operationId: get_23
responses:
"200":
description: Installation successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/InstallationEntity"
"404":
description: No installation has been found
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorEntity"
"500":
description: Internal server error
/platform/license:
get:
tags:
- platform
summary: Get current node License
operationId: get_24
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/auth-device-notifiers:
get:
tags:
- Plugin
- Authentication Device Notifier
- platform
summary: List authentication device notifier plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_24
parameters:
- name: expand
in: query
schema:
type: array
items:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/auth-device-notifiers/{authDeviceNotifierId}:
get:
tags:
- Plugin
- Authentication Device Notifier
- platform
summary: Get a Authentication Device Notifier plugin
description: There is no particular permission needed. User must be authenticated.
operationId: get_25
parameters:
- name: authDeviceNotifierId
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/auth-device-notifiers/{authDeviceNotifierId}/schema:
get:
tags:
- Plugin
- Authentication Device Notifier
- platform
summary: Get an Authentication Device Notifier plugin's schema
description: There is no particular permission needed. User must be authenticated.
operationId: getSchema
parameters:
- name: authDeviceNotifierId
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/bot-detections:
get:
tags:
- Plugin
- Bot Detection
- platform
summary: List bot detection plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_25
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/bot-detections/{botDetection}:
get:
tags:
- Plugin
- Bot Detection
- platform
summary: Get a Bot Detection plugin
description: There is no particular permission needed. User must be authenticated.
operationId: get_26
parameters:
- name: botDetection
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/bot-detections/{botDetection}/schema:
get:
tags:
- Plugin
- Bot Detection
- platform
summary: Get a Bot Detection plugin's schema
description: There is no particular permission needed. User must be authenticated.
operationId: getSchema_1
parameters:
- name: botDetection
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/certificates:
get:
tags:
- Plugin
- Certificate
- platform
summary: List certificate plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_26
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/certificates/{certificate}:
get:
tags:
- Plugin
- Certificate
- platform
summary: Get an certificate plugin
description: There is no particular permission needed. User must be authenticated.
operationId: get_27
parameters:
- name: certificate
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/certificates/{certificate}/schema:
get:
tags:
- Plugin
- Certificate
- platform
summary: Get an certificate's schema
description: There is no particular permission needed. User must be authenticated.
operationId: getSchema_2
parameters:
- name: certificate
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/device-identifiers:
get:
tags:
- Plugin
- Device Identifier
- platform
summary: List device identifier plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_27
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/device-identifiers/{deviceIdentifier}:
get:
tags:
- Plugin
- Device Identifier
- platform
summary: Get a device identifier plugin
description: There is no particular permission needed. User must be authenticated.
operationId: get_28
parameters:
- name: deviceIdentifier
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/device-identifiers/{deviceIdentifier}/schema:
get:
tags:
- Plugin
- Device Identifier
- platform
summary: Get a device identifier plugin's schema
description: There is no particular permission needed. User must be authenticated.
operationId: getSchema_3
parameters:
- name: deviceIdentifier
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/extensionGrants:
get:
tags:
- Plugin
- Extension Grant
- platform
summary: List extension grant plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_34
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/extensionGrants/{extensionGrant}:
get:
tags:
- Plugin
- Extension Grant
- platform
summary: Get an extension grant plugin
description: There is no particular permission needed. User must be authenticated.
operationId: get_35
parameters:
- name: extensionGrant
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/extensionGrants/{extensionGrant}/schema:
get:
tags:
- Plugin
- Extension Grant
- platform
summary: Get an extension grant plugin's schema
description: There is no particular permission needed. User must be authenticated.
operationId: getSchema_10
parameters:
- name: extensionGrant
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/factors:
get:
tags:
- Plugin
- Factor
- platform
summary: List factor plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_28
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/factors/{factor}:
get:
tags:
- Plugin
- Factor
- platform
summary: Get a factor plugin
description: There is no particular permission needed. User must be authenticated.
operationId: get_29
parameters:
- name: factor
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/factors/{factor}/schema:
get:
tags:
- Plugin
- Factor
- platform
summary: Get a factor plugin's schema
description: There is no particular permission needed. User must be authenticated.
operationId: getSchema_4
parameters:
- name: factor
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/identities:
get:
tags:
- Plugin
- Identity Provider
- platform
summary: List identity provider plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_29
parameters:
- name: external
in: query
schema:
type: boolean
- name: organization
in: query
schema:
type: boolean
- name: expand
in: query
schema:
type: array
items:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/identities/{identity}:
get:
tags:
- Plugin
- Identity Provider
- platform
summary: Get an identity provider
description: There is no particular permission needed. User must be authenticated.
operationId: get_30
parameters:
- name: identity
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/identities/{identity}/schema:
get:
tags:
- Plugin
- Identity Provider
- platform
summary: Get an identity provider plugin's schema
description: There is no particular permission needed. User must be authenticated.
operationId: getSchema_5
parameters:
- name: identity
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/notifiers:
get:
tags:
- Plugin
- Notifier
- platform
summary: List all available notifier plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_30
parameters:
- name: expand
in: query
schema:
type: array
items:
type: string
responses:
"200":
description: Notifier plugin list
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/NotifierPlugin"
"500":
description: Internal server error
/platform/plugins/notifiers/{notifierId}:
get:
tags:
- Plugin
- Notifier
- platform
summary: Get a notifier
description: There is no particular permission needed. User must be authenticated.
operationId: get_31
parameters:
- name: notifierId
in: path
required: true
schema:
type: string
responses:
"200":
description: Notifier plugin
content:
application/json:
schema:
$ref: "#/components/schemas/NotifierPlugin"
"404":
description: Notifier plugin not found
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorEntity"
"500":
description: Internal server error
/platform/plugins/notifiers/{notifierId}/schema:
get:
tags:
- Plugin
- Notifier
- platform
summary: Get a notifier plugin's schema
description: There is no particular permission needed. User must be authenticated.
operationId: getSchema_6
parameters:
- name: notifierId
in: path
required: true
schema:
type: string
responses:
"200":
description: Notifier plugin schema
content:
application/json:
schema:
type: string
"404":
description: Notifier plugin schema not found
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorEntity"
"500":
description: Internal server error
/platform/plugins/policies:
get:
tags:
- Plugin
- Policy
- platform
summary: List policy plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_31
parameters:
- name: expand
in: query
schema:
type: array
items:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/policies/{policy}:
get:
tags:
- Plugin
- Policy
- platform
summary: Get a policy plugin
description: There is no particular permission needed. User must be authenticated.
operationId: get_32
parameters:
- name: policy
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/policies/{policy}/documentation:
get:
tags:
- Plugin
- Policy
- platform
summary: Get a policy plugin's documentation
operationId: getDocumentation
parameters:
- name: policy
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
text/plain: {}
/platform/plugins/policies/{policy}/schema:
get:
tags:
- Plugin
- Policy
- platform
summary: Get a policy plugin's schema
operationId: getSchema_7
parameters:
- name: policy
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/reporters:
get:
tags:
- Plugin
- Reporter
- platform
summary: List reporter plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_32
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/reporters/{reporter}:
get:
tags:
- Plugin
- Reporter
- platform
summary: Get a reporter plugin
description: There is no particular permission needed. User must be authenticated.
operationId: get_33
parameters:
- name: reporter
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/reporters/{reporter}/schema:
get:
tags:
- Plugin
- Reporter
- platform
summary: Get a reporter plugin's schema
operationId: getSchema_8
parameters:
- name: reporter
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/resources:
get:
tags:
- Plugin
- Resource
- platform
summary: List resource plugins
description: There is no particular permission needed. User must be authenticated.
operationId: list_33
parameters:
- name: expand
in: query
schema:
type: array
items:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/resources/{resource}:
get:
tags:
- Plugin
- Resource
- platform
summary: Get a resource plugin
description: There is no particular permission needed. User must be authenticated.
operationId: get_34
parameters:
- name: resource
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/plugins/resources/{resource}/schema:
get:
tags:
- Plugin
- Resource
- platform
summary: Get a resource plugin's schema
description: There is no particular permission needed. User must be authenticated.
operationId: getSchema_9
parameters:
- name: resource
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/platform/roles/{role}:
get:
tags:
- platform
summary: Get a system role
description: There is no particular permission needed. User must be authenticated.
operationId: get_36
parameters:
- name: role
in: path
required: true
schema:
type: string
responses:
"200":
description: System role successfully fetched
content:
application/json:
schema:
$ref: "#/components/schemas/Role"
"500":
description: Internal server error
/user:
get:
tags:
- user
summary: Get the current user
operationId: get
responses:
"200":
description: Current user successfully fetched
content:
application/json:
schema:
type: object
additionalProperties:
type: string
"500":
description: Internal server error
/user/newsletter/_subscribe:
post:
tags:
- Newsletter
- user
summary: Subscribe to the newsletter the authenticated user
operationId: subscribeNewsletter
requestBody:
content:
'*/*':
schema:
$ref: "#/components/schemas/EmailValue"
required: true
responses:
"200":
description: Updated user
content:
application/json:
schema:
$ref: "#/components/schemas/User"
"400":
description: Invalid user profile
"404":
description: User not found
"500":
description: Internal server error
/user/newsletter/taglines:
get:
tags:
- Newsletter
- user
summary: Get taglines to display in the newsletter
operationId: getTaglines
responses:
"200":
description: Retrieved taglines
content:
application/json:
schema:
type: string
"500":
description: Internal server error
/user/notifications:
get:
tags:
- user notifications
- user
summary: List notifications received by the current user
operationId: listNotifications
responses:
"200":
description: Current user notifications successfully fetched
content:
application/json:
schema:
type: array
items:
$ref: "#/components/schemas/UserNotificationContent"
"500":
description: Internal server error
/user/notifications/{notificationId}/acknowledge:
post:
tags:
- user notifications
- user
summary: Mark User notification as read
operationId: markAsRead
parameters:
- name: notificationId
in: path
required: true
schema:
type: string
responses:
"204":
description: User notification has been marked as read
"500":
description: Internal server error
components:
schemas:
AccessPolicy:
type: object
properties:
id:
type: string
type:
type: string
enum:
- GROOVY
enabled:
type: boolean
name:
type: string
description:
type: string
order:
type: integer
format: int32
condition:
type: string
domain:
type: string
resource:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
AccessPolicyListItem:
type: object
properties:
id:
type: string
name:
type: string
description:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
AccountAccessToken:
type: object
properties:
tokenId:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
userId:
type: string
issuerUsername:
type: string
issuerId:
type: string
name:
type: string
token:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
AccountSettings:
type: object
properties:
inherited:
type: boolean
loginAttemptsDetectionEnabled:
type: boolean
maxLoginAttempts:
type: integer
format: int32
loginAttemptsResetTime:
type: integer
format: int32
accountBlockedDuration:
type: integer
format: int32
sendRecoverAccountEmail:
type: boolean
completeRegistrationWhenResetPassword:
type: boolean
autoLoginAfterRegistration:
type: boolean
redirectUriAfterRegistration:
type: string
dynamicUserRegistration:
type: boolean
defaultIdentityProviderForRegistration:
type: string
autoLoginAfterResetPassword:
type: boolean
redirectUriAfterResetPassword:
type: string
deletePasswordlessDevicesAfterResetPassword:
type: boolean
useBotDetection:
type: boolean
botDetectionPlugin:
type: string
rememberMe:
type: boolean
rememberMeDuration:
type: integer
format: int32
resetPasswordCustomForm:
type: boolean
resetPasswordCustomFormFields:
type: array
items:
$ref: "#/components/schemas/FormField"
resetPasswordConfirmIdentity:
type: boolean
resetPasswordInvalidateTokens:
type: boolean
mfaChallengeAttemptsDetectionEnabled:
type: boolean
mfaChallengeMaxAttempts:
type: integer
format: int32
mfaChallengeAttemptsResetTime:
type: integer
format: int32
mfaChallengeSendVerifyAlertEmail:
type: boolean
sendVerifyRegistrationAccountEmail:
type: boolean
Address:
type: object
properties:
type:
type: string
formatted:
type: string
streetAddress:
type: string
locality:
type: string
region:
type: string
postalCode:
type: string
country:
type: string
primary:
type: boolean
AlertNotifier:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
enabled:
type: boolean
configuration:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
AlertServiceStatusEntity:
type: object
properties:
available:
type: boolean
AlertTrigger:
type: object
properties:
id:
type: string
type:
type: string
enum:
- TOO_MANY_LOGIN_FAILURES
- RISK_ASSESSMENT
enabled:
type: boolean
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
alertNotifiers:
type: array
items:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
AnalyticsTypeParam:
type: object
properties:
value:
type: string
enum:
- DATE_HISTO
- COUNT
- GROUP_BY
originalParam:
type: string
Application:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
enum:
- WEB
- NATIVE
- BROWSER
- SERVICE
- RESOURCE_SERVER
description:
type: string
domain:
type: string
enabled:
type: boolean
template:
type: boolean
factors:
uniqueItems: true
type: array
items:
type: string
certificate:
type: string
metadata:
type: object
additionalProperties:
type: object
settings:
$ref: "#/components/schemas/ApplicationSettings"
identityProviders:
uniqueItems: true
type: array
items:
$ref: "#/components/schemas/ApplicationIdentityProvider"
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
secretSettings:
type: array
items:
$ref: "#/components/schemas/ApplicationSecretSettings"
secrets:
type: array
items:
$ref: "#/components/schemas/ClientSecret"
passwordSettings:
$ref: "#/components/schemas/PasswordSettings"
ApplicationAdvancedSettings:
type: object
properties:
skipConsent:
type: boolean
flowsInherited:
type: boolean
ApplicationEntity:
type: object
properties:
id:
type: string
clientId:
type: string
name:
type: string
ApplicationFactorSettings:
type: object
properties:
id:
type: string
selectionRule:
type: string
ApplicationIdentityProvider:
type: object
properties:
identity:
type: string
selectionRule:
type: string
priority:
type: integer
format: int32
ApplicationOAuthSettings:
type: object
properties:
clientId:
type: string
clientSecret:
type: string
clientType:
type: string
redirectUris:
type: array
items:
type: string
responseTypes:
type: array
items:
type: string
grantTypes:
type: array
items:
type: string
applicationType:
type: string
contacts:
type: array
items:
type: string
clientName:
type: string
logoUri:
type: string
clientUri:
type: string
policyUri:
type: string
tosUri:
type: string
jwksUri:
type: string
jwks:
$ref: "#/components/schemas/JWKSet"
sectorIdentifierUri:
type: string
subjectType:
type: string
idTokenSignedResponseAlg:
type: string
idTokenEncryptedResponseAlg:
type: string
idTokenEncryptedResponseEnc:
type: string
userinfoSignedResponseAlg:
type: string
userinfoEncryptedResponseAlg:
type: string
userinfoEncryptedResponseEnc:
type: string
requestObjectSigningAlg:
type: string
requestObjectEncryptionAlg:
type: string
requestObjectEncryptionEnc:
type: string
tokenEndpointAuthMethod:
type: string
tokenEndpointAuthSigningAlg:
type: string
defaultMaxAge:
type: integer
format: int32
requireAuthTime:
type: boolean
defaultACRvalues:
type: array
items:
type: string
initiateLoginUri:
type: string
requestUris:
type: array
items:
type: string
softwareId:
type: string
softwareVersion:
type: string
softwareStatement:
type: string
registrationAccessToken:
type: string
registrationClientUri:
type: string
clientIdIssuedAt:
type: string
format: date-time
clientSecretExpiresAt:
type: string
format: date-time
scopes:
type: array
items:
type: string
defaultScopes:
type: array
items:
type: string
scopeApprovals:
type: object
additionalProperties:
type: integer
format: int32
scopeSettings:
type: array
items:
$ref: "#/components/schemas/ApplicationScopeSettings"
enhanceScopesWithUserPermissions:
type: boolean
accessTokenValiditySeconds:
type: integer
format: int32
refreshTokenValiditySeconds:
type: integer
format: int32
idTokenValiditySeconds:
type: integer
format: int32
tokenCustomClaims:
type: array
items:
$ref: "#/components/schemas/TokenClaim"
tlsClientAuthSubjectDn:
type: string
tlsClientAuthSanDns:
type: string
tlsClientAuthSanUri:
type: string
tlsClientAuthSanIp:
type: string
tlsClientAuthSanEmail:
type: string
tlsClientCertificateBoundAccessTokens:
type: boolean
authorizationSignedResponseAlg:
type: string
authorizationEncryptedResponseAlg:
type: string
authorizationEncryptedResponseEnc:
type: string
forcePKCE:
type: boolean
forceS256CodeChallengeMethod:
type: boolean
postLogoutRedirectUris:
type: array
items:
type: string
singleSignOut:
type: boolean
silentReAuthentication:
type: boolean
requireParRequest:
type: boolean
backchannelTokenDeliveryMode:
type: string
backchannelClientNotificationEndpoint:
type: string
backchannelAuthRequestSignAlg:
type: string
backchannelUserCodeParameter:
type: boolean
disableRefreshTokenRotation:
type: boolean
ApplicationPage:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/Application"
currentPage:
type: integer
format: int32
totalCount:
type: integer
format: int64
ApplicationSAMLSettings:
type: object
properties:
entityId:
type: string
attributeConsumeServiceUrl:
type: string
singleLogoutServiceUrl:
type: string
certificate:
type: string
wantResponseSigned:
type: boolean
wantAssertionsSigned:
type: boolean
responseBinding:
type: string
ApplicationScopeSettings:
type: object
properties:
scope:
type: string
defaultScope:
type: boolean
scopeApproval:
type: integer
format: int32
ApplicationSecretSettings:
type: object
properties:
id:
type: string
algorithm:
type: string
ApplicationSettings:
type: object
properties:
oauth:
$ref: "#/components/schemas/ApplicationOAuthSettings"
saml:
$ref: "#/components/schemas/ApplicationSAMLSettings"
account:
$ref: "#/components/schemas/AccountSettings"
login:
$ref: "#/components/schemas/LoginSettings"
advanced:
$ref: "#/components/schemas/ApplicationAdvancedSettings"
passwordSettings:
$ref: "#/components/schemas/PasswordSettings"
mfa:
$ref: "#/components/schemas/MFASettings"
cookieSettings:
$ref: "#/components/schemas/CookieSettings"
riskAssessment:
$ref: "#/components/schemas/RiskAssessmentSettings"
AssessmentSettings:
type: object
properties:
enabled:
type: boolean
thresholds:
type: object
additionalProperties:
type: number
format: double
AssignPasswordPolicy:
type: object
properties:
passwordPolicy:
type: string
Attribute:
type: object
properties:
value:
type: string
type:
type: string
primary:
type: boolean
Audit:
type: object
properties:
id:
type: string
transactionId:
type: string
type:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
accessPoint:
$ref: "#/components/schemas/AuditAccessPoint"
actor:
$ref: "#/components/schemas/AuditEntity"
target:
$ref: "#/components/schemas/AuditEntity"
outcome:
$ref: "#/components/schemas/AuditOutcome"
timestamp:
type: string
format: date-time
writeOnly: true
reference:
$ref: "#/components/schemas/Reference"
AuditAccessPoint:
type: object
properties:
id:
type: string
alternativeId:
type: string
displayName:
type: string
ipAddress:
type: string
userAgent:
type: string
AuditEntity:
type: object
properties:
id:
type: string
alternativeId:
type: string
type:
type: string
displayName:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
attributes:
type: object
additionalProperties:
type: object
AuditOutcome:
type: object
properties:
status:
type: string
enum:
- SUCCESS
- FAILURE
message:
type: string
AuthenticationDeviceNotifier:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
configuration:
type: string
referenceId:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
BaseJsonNode:
type: object
BotDetection:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
detectionType:
type: string
configuration:
type: string
referenceId:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
BulkCreateOrganizationUser:
required:
- action
- items
type: object
properties:
action:
type: string
enum:
- CREATE
- UPDATE
- DELETE
failOnErrors:
type: integer
format: int32
items:
type: array
items:
$ref: "#/components/schemas/NewOrganizationUser"
BulkCreateUser:
required:
- action
- items
type: object
properties:
action:
type: string
enum:
- CREATE
- UPDATE
- DELETE
failOnErrors:
type: integer
format: int32
items:
type: array
items:
$ref: "#/components/schemas/NewUser"
BulkDeleteUser:
required:
- action
- items
type: object
properties:
action:
type: string
enum:
- CREATE
- UPDATE
- DELETE
failOnErrors:
type: integer
format: int32
items:
type: array
items:
type: string
BulkOperationResultObject:
type: object
properties:
index:
type: integer
format: int32
httpStatus:
maximum: 599
minimum: 100
type: integer
format: int32
body:
type: object
errorDetails:
type: object
success:
type: boolean
BulkResponse:
type: object
properties:
results:
type: array
items:
$ref: "#/components/schemas/BulkOperationResultObject"
allSuccessful:
type: boolean
BulkUpdateUser:
required:
- action
- items
type: object
properties:
action:
type: string
enum:
- CREATE
- UPDATE
- DELETE
failOnErrors:
type: integer
format: int32
items:
type: array
items:
$ref: "#/components/schemas/UpdateUserWithId"
CIBASettingNotifier:
type: object
properties:
id:
type: string
CIBASettings:
type: object
properties:
enabled:
type: boolean
authReqExpiry:
type: integer
format: int32
tokenReqInterval:
type: integer
format: int32
bindingMessageLength:
type: integer
format: int32
deviceNotifiers:
type: array
items:
$ref: "#/components/schemas/CIBASettingNotifier"
Certificate:
type: object
properties:
value:
type: string
CertificateEntity:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
createdAt:
type: string
format: date-time
expiresAt:
type: string
format: date-time
system:
type: boolean
status:
type: string
enum:
- VALID
- WILL_EXPIRE
- EXPIRED
- RENEWED
usage:
type: array
items:
type: string
applications:
type: array
items:
$ref: "#/components/schemas/Application"
identityProviders:
type: array
items:
$ref: "#/components/schemas/IdentityProvider"
CertificateKey:
type: object
properties:
fmt:
type: string
payload:
type: string
metadata:
type: object
additionalProperties:
type: object
ChallengeSettings:
type: object
properties:
active:
type: boolean
challengeRule:
type: string
type:
type: string
enum:
- REQUIRED
- CONDITIONAL
- RISK_BASED
ClientRegistrationSettings:
type: object
properties:
allowLocalhostRedirectUri:
type: boolean
allowHttpSchemeRedirectUri:
type: boolean
allowWildCardRedirectUri:
type: boolean
defaultScopes:
type: array
items:
type: string
allowedScopes:
type: array
items:
type: string
dynamicClientRegistrationEnabled:
type: boolean
openDynamicClientRegistrationEnabled:
type: boolean
clientTemplateEnabled:
type: boolean
allowedScopesEnabled:
type: boolean
ClientSecret:
type: object
properties:
id:
type: string
settingsId:
type: string
name:
type: string
createdAt:
type: string
format: date-time
CookieSettings:
type: object
properties:
inherited:
type: boolean
session:
$ref: "#/components/schemas/SessionSettings"
CorsSettings:
type: object
properties:
enabled:
type: boolean
allowedOrigins:
uniqueItems: true
type: array
items:
type: string
allowedMethods:
uniqueItems: true
type: array
items:
type: string
allowedHeaders:
uniqueItems: true
type: array
items:
type: string
maxAge:
type: integer
format: int32
allowCredentials:
type: boolean
Credential:
type: object
properties:
id:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
userId:
type: string
username:
type: string
credentialId:
type: string
publicKey:
type: string
counter:
type: integer
format: int64
aaguid:
type: string
attestationStatementFormat:
type: string
attestationStatement:
type: string
ipAddress:
type: string
userAgent:
type: string
deviceName:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
accessedAt:
type: string
format: date-time
lastCheckedAt:
type: string
format: date-time
DataPlane:
type: object
properties:
delegate:
$ref: "#/components/schemas/Plugin"
DeviceIdentifier:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
configuration:
type: string
referenceId:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
Domain:
type: object
properties:
id:
type: string
hrid:
type: string
name:
type: string
version:
type: string
enum:
- V1_0
- V2_0
description:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
enabled:
type: boolean
alertEnabled:
type: boolean
path:
type: string
identities:
uniqueItems: true
type: array
items:
type: string
master:
type: boolean
vhostMode:
type: boolean
vhosts:
type: array
items:
$ref: "#/components/schemas/VirtualHost"
tags:
uniqueItems: true
type: array
items:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
oidc:
$ref: "#/components/schemas/OIDCSettings"
uma:
$ref: "#/components/schemas/UMASettings"
loginSettings:
$ref: "#/components/schemas/LoginSettings"
webAuthnSettings:
$ref: "#/components/schemas/WebAuthnSettings"
scim:
$ref: "#/components/schemas/SCIMSettings"
accountSettings:
$ref: "#/components/schemas/AccountSettings"
passwordSettings:
$ref: "#/components/schemas/PasswordSettings"
selfServiceAccountManagementSettings:
$ref: "#/components/schemas/SelfServiceAccountManagementSettings"
saml:
$ref: "#/components/schemas/SAMLSettings"
corsSettings:
$ref: "#/components/schemas/CorsSettings"
dataPlaneId:
type: string
redirectUriLocalhostAllowed:
type: boolean
redirectUriUnsecuredHttpSchemeAllowed:
type: boolean
redirectUriWildcardAllowed:
type: boolean
dynamicClientRegistrationEnabled:
type: boolean
openDynamicClientRegistrationEnabled:
type: boolean
redirectUriStrictMatching:
type: boolean
dynamicClientRegistrationTemplateEnabled:
type: boolean
DomainUserBulkRequest:
required:
- action
- items
type: object
properties:
action:
type: string
enum:
- CREATE
- UPDATE
- DELETE
failOnErrors:
type: integer
format: int32
items:
type: array
items:
$ref: "#/components/schemas/BaseJsonNode"
discriminator:
propertyName: action
mapping:
CREATE: "#/components/schemas/BulkCreateUser"
UPDATE: "#/components/schemas/BulkUpdateUser"
DELETE: "#/components/schemas/BulkDeleteUser"
oneOf:
- $ref: "#/components/schemas/BulkCreateUser"
- $ref: "#/components/schemas/BulkUpdateUser"
- $ref: "#/components/schemas/BulkDeleteUser"
Email:
type: object
properties:
id:
type: string
enabled:
type: boolean
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
client:
type: string
template:
type: string
defaultTemplate:
type: boolean
from:
type: string
fromName:
type: string
subject:
type: string
content:
type: string
expiresAfter:
type: integer
format: int32
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
EmailValue:
required:
- email
type: object
properties:
email:
type: string
EnrollSettings:
type: object
properties:
active:
type: boolean
forceEnrollment:
type: boolean
enrollmentRule:
type: string
enrollmentSkipActive:
type: boolean
enrollmentSkipRule:
type: string
skipTimeSeconds:
type: integer
format: int64
type:
type: string
enum:
- OPTIONAL
- REQUIRED
- CONDITIONAL
EnrolledFactor:
type: object
properties:
factorId:
type: string
appId:
type: string
status:
type: string
enum:
- PENDING_ACTIVATION
- ACTIVATED
- REVOKED
- "NULL"
security:
$ref: "#/components/schemas/EnrolledFactorSecurity"
channel:
$ref: "#/components/schemas/EnrolledFactorChannel"
primary:
type: boolean
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
EnrolledFactorChannel:
type: object
properties:
type:
type: string
enum:
- SMS
- EMAIL
- HTTP
- CALL
target:
type: string
additionalData:
type: object
additionalProperties:
type: object
EnrolledFactorEntity:
type: object
properties:
id:
type: string
type:
type: string
name:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
EnrolledFactorSecurity:
type: object
properties:
type:
type: string
value:
type: string
additionalData:
type: object
additionalProperties:
type: object
EnrollmentSettings:
type: object
properties:
forceEnrollment:
type: boolean
skipTimeSeconds:
type: integer
format: int64
Entrypoint:
type: object
properties:
id:
type: string
name:
type: string
description:
type: string
url:
type: string
tags:
type: array
items:
type: string
organizationId:
type: string
defaultEntrypoint:
type: boolean
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
Environment:
type: object
properties:
id:
type: string
hrids:
type: array
items:
type: string
name:
type: string
description:
type: string
domainRestrictions:
type: array
items:
type: string
organizationId:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
ErrorEntity:
type: object
properties:
message:
type: string
http_status:
type: integer
format: int32
ExtensionGrant:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
configuration:
type: string
domain:
type: string
grantType:
type: string
identityProvider:
type: string
createUser:
type: boolean
userExists:
type: boolean
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
Factor:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
factorType:
type: string
enum:
- OTP
- SMS
- EMAIL
- CALL
- HTTP
- RECOVERY_CODE
- FIDO2
- MOCK
configuration:
type: string
domain:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
FactorSettings:
type: object
properties:
defaultFactorId:
type: string
applicationFactors:
type: array
items:
$ref: "#/components/schemas/ApplicationFactorSettings"
FilteredIdentityProviderInfo:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
system:
type: boolean
external:
type: boolean
passwordPolicy:
type: string
Flow:
required:
- name
- type
type: object
properties:
id:
type: string
name:
type: string
pre:
type: array
items:
$ref: "#/components/schemas/Step"
post:
type: array
items:
$ref: "#/components/schemas/Step"
enabled:
type: boolean
type:
type: string
enum:
- ROOT
- LOGIN_IDENTIFIER
- LOGIN
- CONNECT
- CONSENT
- REGISTER
- RESET_PASSWORD
- REGISTRATION_CONFIRMATION
- TOKEN
- WEBAUTHN_REGISTER
condition:
type: string
FlowEntity:
type: object
properties:
id:
type: string
name:
type: string
pre:
type: array
items:
$ref: "#/components/schemas/Step"
post:
type: array
items:
$ref: "#/components/schemas/Step"
enabled:
type: boolean
type:
type: string
enum:
- ROOT
- LOGIN_IDENTIFIER
- LOGIN
- CONNECT
- CONSENT
- REGISTER
- RESET_PASSWORD
- REGISTRATION_CONFIRMATION
- TOKEN
- WEBAUTHN_REGISTER
condition:
type: string
icon:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
Form:
type: object
properties:
id:
type: string
enabled:
type: boolean
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
client:
type: string
template:
type: string
content:
type: string
assets:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
FormField:
type: object
properties:
key:
type: string
label:
type: string
type:
type: string
Group:
type: object
properties:
id:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
name:
type: string
description:
type: string
members:
type: array
items:
type: string
roles:
type: array
items:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
GroupPage:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/Group"
currentPage:
type: integer
format: int32
totalCount:
type: integer
format: int64
I18nDictionary:
type: object
properties:
id:
type: string
referenceId:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
name:
type: string
locale:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
entries:
type: object
additionalProperties:
type: string
reference:
$ref: "#/components/schemas/Reference"
IdentityProvider:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
system:
type: boolean
configuration:
type: string
mappers:
type: object
additionalProperties:
type: string
roleMapper:
type: object
additionalProperties:
type: array
items:
type: string
groupMapper:
type: object
additionalProperties:
type: array
items:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
external:
type: boolean
domainWhitelist:
type: array
items:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
passwordPolicy:
type: string
dataPlaneId:
type: string
InstallationEntity:
type: object
properties:
id:
type: string
additionalInformation:
type: object
additionalProperties:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
JWK:
type: object
properties:
kty:
type: string
use:
type: string
keyOps:
uniqueItems: true
type: array
items:
type: string
alg:
type: string
kid:
type: string
x5u:
type: string
x5c:
uniqueItems: true
type: array
items:
type: string
x5t:
type: string
x5tS256:
type: string
JWKSet:
type: object
properties:
keys:
type: array
items:
$ref: "#/components/schemas/JWK"
LoginSettings:
type: object
properties:
inherited:
type: boolean
forgotPasswordEnabled:
type: boolean
registerEnabled:
type: boolean
rememberMeEnabled:
type: boolean
passwordlessEnabled:
type: boolean
passwordlessRememberDeviceEnabled:
type: boolean
passwordlessEnforcePasswordEnabled:
type: boolean
passwordlessEnforcePasswordMaxAge:
type: integer
format: int32
passwordlessDeviceNamingEnabled:
type: boolean
hideForm:
type: boolean
identifierFirstEnabled:
type: boolean
enforcePasswordPolicyEnabled:
type: boolean
MFASettings:
type: object
properties:
loginRule:
type: string
factor:
$ref: "#/components/schemas/FactorSettings"
stepUpAuthenticationRule:
type: string
stepUpAuthentication:
$ref: "#/components/schemas/StepUpAuthenticationSettings"
adaptiveAuthenticationRule:
type: string
rememberDevice:
$ref: "#/components/schemas/RememberDeviceSettings"
enrollment:
$ref: "#/components/schemas/EnrollmentSettings"
challenge:
$ref: "#/components/schemas/ChallengeSettings"
enroll:
$ref: "#/components/schemas/EnrollSettings"
Membership:
type: object
properties:
id:
type: string
domain:
type: string
memberId:
type: string
memberType:
type: string
enum:
- USER
- GROUP
referenceId:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
roleId:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
MembershipListItem:
type: object
properties:
memberships:
type: array
items:
$ref: "#/components/schemas/Membership"
metadata:
type: object
additionalProperties:
type: object
additionalProperties:
type: object
ModifiedCertificateEntity:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
configuration:
type: string
domain:
type: string
metadata:
type: object
additionalProperties:
type: object
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
expiresAt:
type: string
format: date-time
system:
type: boolean
NewAccountAccessToken:
required:
- name
type: object
properties:
name:
type: string
NewAlertNotifier:
required:
- configuration
- type
type: object
properties:
type:
type: string
name:
type: string
writeOnly: true
enabled:
type: boolean
configuration:
type: string
NewApplication:
required:
- name
- type
type: object
properties:
name:
type: string
type:
type: string
enum:
- WEB
- NATIVE
- BROWSER
- SERVICE
- RESOURCE_SERVER
description:
type: string
clientId:
type: string
clientSecret:
type: string
redirectUris:
type: array
items:
type: string
metadata:
type: object
additionalProperties:
type: object
NewAuthenticationDeviceNotifier:
required:
- configuration
- name
- type
type: object
properties:
id:
type: string
type:
type: string
name:
type: string
configuration:
type: string
NewBotDetection:
required:
- configuration
- detectionType
- name
- type
type: object
properties:
id:
type: string
type:
type: string
detectionType:
type: string
name:
type: string
configuration:
type: string
NewCertificate:
required:
- configuration
- name
- type
type: object
properties:
type:
type: string
name:
type: string
configuration:
type: string
NewDeviceIdentifier:
required:
- configuration
- name
- type
type: object
properties:
id:
type: string
type:
type: string
name:
type: string
configuration:
type: string
NewDictionary:
required:
- locale
- name
type: object
properties:
name:
type: string
locale:
type: string
NewDomain:
required:
- dataPlaneId
- name
type: object
properties:
name:
type: string
description:
type: string
dataPlaneId:
type: string
NewEmail:
required:
- content
- expiresAfter
- from
- subject
- template
type: object
properties:
enabled:
type: boolean
from:
type: string
fromName:
type: string
subject:
type: string
content:
type: string
expiresAfter:
minimum: 1
type: integer
format: int32
template:
type: string
enum:
- LOGIN
- REGISTRATION
- REGISTRATION_CONFIRMATION
- REGISTRATION_VERIFY
- FORGOT_PASSWORD
- RESET_PASSWORD
- OAUTH2_USER_CONSENT
- MFA_ENROLL
- MFA_CHALLENGE
- MFA_CHALLENGE_ALTERNATIVES
- MFA_RECOVERY_CODE
- BLOCKED_ACCOUNT
- COMPLETE_PROFILE
- WEBAUTHN_REGISTER
- WEBAUTHN_REGISTER_SUCCESS
- WEBAUTHN_LOGIN
- IDENTIFIER_FIRST_LOGIN
- ERROR
- CERTIFICATE_EXPIRATION
- VERIFY_ATTEMPT
NewEntrypoint:
required:
- name
- tags
- url
type: object
properties:
name:
type: string
description:
type: string
url:
type: string
tags:
type: array
items:
type: string
NewExtensionGrant:
required:
- configuration
- grantType
- name
- type
type: object
properties:
type:
type: string
name:
type: string
configuration:
type: string
grantType:
pattern: "[A-Za-z][A-Za-z0-9+\\-.]*:(?://(?:(?:[A-Za-z0-9\\-._~!$&'()*+,;=:]|%[0-9A-Fa-f]{2})*@)?(?:\\\
[(?:(?:(?:(?:[0-9A-Fa-f]{1,4}:){6}|::(?:[0-9A-Fa-f]{1,4}:){5}|(?:[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){4}|(?:(?:[0-9A-Fa-f]{1,4}:){0,1}[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){3}|(?:(?:[0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){2}|(?:(?:[0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})?::[0-9A-Fa-f]{1,4}:|(?:(?:[0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})?::)(?:[0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4}|(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\\
.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|(?:(?:[0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})?::[0-9A-Fa-f]{1,4}|(?:(?:[0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})?::)|[Vv][0-9A-Fa-f]+\\\
.[A-Za-z0-9\\-._~!$&'()*+,;=:]+)\\]|(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\\
.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|(?:[A-Za-z0-9\\-._~!$&'()*+,;=]|%[0-9A-Fa-f]{2})*)(?::[0-9]*)?(?:/(?:[A-Za-z0-9\\\
-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*|/(?:(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+(?:/(?:[A-Za-z0-9\\\
-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*)?|(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+(?:/(?:[A-Za-z0-9\\\
-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*|)(?:\\?(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@/?]|%[0-9A-Fa-f]{2})*)?"
type: string
identityProvider:
type: string
createUser:
type: boolean
userExists:
type: boolean
NewFactor:
required:
- configuration
- factorType
- name
- type
type: object
properties:
id:
type: string
type:
type: string
factorType:
type: string
name:
type: string
configuration:
type: string
NewForm:
required:
- content
- template
type: object
properties:
enabled:
type: boolean
template:
type: string
enum:
- LOGIN
- REGISTRATION
- REGISTRATION_CONFIRMATION
- REGISTRATION_VERIFY
- FORGOT_PASSWORD
- RESET_PASSWORD
- OAUTH2_USER_CONSENT
- MFA_ENROLL
- MFA_CHALLENGE
- MFA_CHALLENGE_ALTERNATIVES
- MFA_RECOVERY_CODE
- BLOCKED_ACCOUNT
- COMPLETE_PROFILE
- WEBAUTHN_REGISTER
- WEBAUTHN_REGISTER_SUCCESS
- WEBAUTHN_LOGIN
- IDENTIFIER_FIRST_LOGIN
- ERROR
- CERTIFICATE_EXPIRATION
- VERIFY_ATTEMPT
content:
type: string
assets:
type: string
NewGroup:
required:
- name
type: object
properties:
name:
type: string
description:
type: string
members:
type: array
items:
type: string
NewIdentityProvider:
required:
- configuration
- name
- type
type: object
properties:
id:
type: string
type:
type: string
name:
type: string
configuration:
type: string
domainWhitelist:
type: array
items:
type: string
external:
type: boolean
NewMembership:
required:
- memberId
- memberType
- role
type: object
properties:
memberId:
type: string
memberType:
type: string
enum:
- USER
- GROUP
role:
type: string
NewOrganizationUser:
required:
- username
type: object
properties:
username:
type: string
password:
type: string
firstName:
type: string
lastName:
type: string
externalId:
type: string
accountNonExpired:
type: boolean
accountNonLocked:
type: boolean
credentialsNonExpired:
type: boolean
enabled:
type: boolean
internal:
type: boolean
preRegistration:
type: boolean
registrationCompleted:
type: boolean
domain:
type: string
source:
type: string
client:
type: string
loginsCount:
type: integer
format: int64
loggedAt:
type: string
format: date-time
preferredLanguage:
type: string
additionalInformation:
type: object
additionalProperties:
type: object
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
forceResetPassword:
type: boolean
lastPasswordReset:
type: string
format: date-time
email:
type: string
serviceAccount:
type: boolean
NewPasswordPolicy:
required:
- name
type: object
properties:
name:
type: string
minLength:
type: integer
format: int32
maxLength:
type: integer
format: int32
includeNumbers:
type: boolean
includeSpecialCharacters:
type: boolean
lettersInMixedCase:
type: boolean
maxConsecutiveLetters:
type: integer
format: int32
excludePasswordsInDictionary:
type: boolean
excludeUserProfileInfoInPassword:
type: boolean
expiryDuration:
type: integer
format: int32
passwordHistoryEnabled:
type: boolean
oldPasswords:
type: integer
format: int32
NewReporter:
required:
- configuration
- name
- type
type: object
properties:
id:
type: string
enabled:
type: boolean
type:
type: string
name:
type: string
configuration:
type: string
inherited:
type: boolean
NewRole:
required:
- name
type: object
properties:
name:
type: string
assignableType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
description:
type: string
NewScope:
required:
- description
- key
- name
type: object
properties:
key:
type: string
name:
type: string
description:
type: string
iconUri:
type: string
expiresIn:
type: integer
format: int32
discovery:
type: boolean
parameterized:
type: boolean
NewServiceResource:
required:
- configuration
- name
- type
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
configuration:
type: string
NewTag:
required:
- name
type: object
properties:
name:
type: string
description:
type: string
NewTheme:
type: object
properties:
logoUrl:
type: string
logoWidth:
type: integer
format: int32
faviconUrl:
type: string
primaryButtonColorHex:
type: string
secondaryButtonColorHex:
type: string
primaryTextColorHex:
type: string
secondaryTextColorHex:
type: string
css:
type: string
NewUser:
required:
- username
type: object
properties:
username:
type: string
password:
type: string
firstName:
type: string
lastName:
type: string
externalId:
type: string
accountNonExpired:
type: boolean
accountNonLocked:
type: boolean
credentialsNonExpired:
type: boolean
enabled:
type: boolean
internal:
type: boolean
preRegistration:
type: boolean
registrationCompleted:
type: boolean
domain:
type: string
source:
type: string
client:
type: string
loginsCount:
type: integer
format: int64
loggedAt:
type: string
format: date-time
preferredLanguage:
type: string
additionalInformation:
type: object
additionalProperties:
type: object
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
forceResetPassword:
type: boolean
lastPasswordReset:
type: string
format: date-time
email:
type: string
NotifierPlugin:
type: object
properties:
id:
type: string
name:
type: string
description:
type: string
version:
type: string
deployed:
type: boolean
feature:
type: string
displayName:
type: string
icon:
type: string
OIDCSettings:
type: object
properties:
clientRegistrationSettings:
$ref: "#/components/schemas/ClientRegistrationSettings"
securityProfileSettings:
$ref: "#/components/schemas/SecurityProfileSettings"
redirectUriStrictMatching:
type: boolean
postLogoutRedirectUris:
type: array
items:
type: string
requestUris:
type: array
items:
type: string
cibaSettings:
$ref: "#/components/schemas/CIBASettings"
OrganizationUserBulkRequest:
required:
- action
- items
type: object
properties:
action:
type: string
enum:
- CREATE
- UPDATE
- DELETE
failOnErrors:
type: integer
format: int32
items:
type: array
items:
$ref: "#/components/schemas/BaseJsonNode"
discriminator:
propertyName: action
mapping:
CREATE: "#/components/schemas/BulkCreateOrganizationUser"
UPDATE: "#/components/schemas/BulkUpdateUser"
DELETE: "#/components/schemas/BulkDeleteUser"
oneOf:
- $ref: "#/components/schemas/BulkCreateOrganizationUser"
- $ref: "#/components/schemas/BulkUpdateUser"
- $ref: "#/components/schemas/BulkDeleteUser"
Page:
type: object
properties:
data:
type: array
items:
type: object
currentPage:
type: integer
format: int32
totalCount:
type: integer
format: int64
PasswordEvaluationRequest:
type: object
properties:
password:
type: string
userId:
type: string
PasswordPolicy:
type: object
properties:
id:
type: string
referenceId:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
name:
type: string
minLength:
type: integer
format: int32
maxLength:
type: integer
format: int32
includeNumbers:
type: boolean
includeSpecialCharacters:
type: boolean
lettersInMixedCase:
type: boolean
maxConsecutiveLetters:
type: integer
format: int32
excludePasswordsInDictionary:
type: boolean
excludeUserProfileInfoInPassword:
type: boolean
expiryDuration:
type: integer
format: int32
passwordHistoryEnabled:
type: boolean
oldPasswords:
type: integer
format: int32
regex:
type: string
defaultPolicy:
type: boolean
PasswordPolicyEntity:
type: object
properties:
id:
type: string
name:
type: string
isDefault:
type: boolean
idpsNames:
type: array
items:
type: string
PasswordSettings:
type: object
properties:
inherited:
type: boolean
minLength:
type: integer
format: int32
maxLength:
type: integer
format: int32
includeNumbers:
type: boolean
includeSpecialCharacters:
type: boolean
lettersInMixedCase:
type: boolean
maxConsecutiveLetters:
type: integer
format: int32
excludePasswordsInDictionary:
type: boolean
excludeUserProfileInfoInPassword:
type: boolean
expiryDuration:
type: integer
format: int32
passwordHistoryEnabled:
type: boolean
oldPasswords:
type: integer
format: int32
PasswordValue:
required:
- password
type: object
properties:
password:
type: string
PatchAlertNotifier:
type: object
properties:
name:
type: string
enabled:
type: boolean
configuration:
type: string
PatchAlertTrigger:
required:
- type
type: object
properties:
enabled:
type: boolean
alertNotifiers:
type: array
items:
type: string
type:
type: string
enum:
- TOO_MANY_LOGIN_FAILURES
- RISK_ASSESSMENT
PatchApplication:
type: object
properties:
name:
type: string
description:
type: string
enabled:
type: boolean
template:
type: boolean
identityProviders:
uniqueItems: true
type: array
items:
$ref: "#/components/schemas/PatchApplicationIdentityProvider"
factors:
uniqueItems: true
type: array
items:
type: string
certificate:
type: string
metadata:
type: object
additionalProperties:
type: object
settings:
$ref: "#/components/schemas/PatchApplicationSettings"
requiredPermissions:
uniqueItems: true
type: array
items:
type: string
enum:
- ORGANIZATION
- ORGANIZATION_SETTINGS
- ORGANIZATION_IDENTITY_PROVIDER
- ORGANIZATION_AUDIT
- ORGANIZATION_REPORTER
- ORGANIZATION_SCOPE
- ORGANIZATION_USER
- ORGANIZATION_GROUP
- ORGANIZATION_ROLE
- ORGANIZATION_TAG
- ORGANIZATION_ENTRYPOINT
- ORGANIZATION_FORM
- ORGANIZATION_MEMBER
- ENVIRONMENT
- DOMAIN
- DOMAIN_SETTINGS
- DOMAIN_FORM
- DOMAIN_EMAIL_TEMPLATE
- DOMAIN_EXTENSION_POINT
- DOMAIN_IDENTITY_PROVIDER
- DOMAIN_AUDIT
- DOMAIN_CERTIFICATE
- DOMAIN_USER
- DOMAIN_USER_DEVICE
- DOMAIN_GROUP
- DOMAIN_ROLE
- DOMAIN_SCIM
- DOMAIN_SCOPE
- DOMAIN_EXTENSION_GRANT
- DOMAIN_OPENID
- DOMAIN_SAML
- DOMAIN_UMA
- DOMAIN_UMA_SCOPE
- DOMAIN_REPORTER
- DOMAIN_MEMBER
- DOMAIN_ANALYTICS
- DOMAIN_FACTOR
- DOMAIN_RESOURCE
- DOMAIN_FLOW
- DOMAIN_ALERT
- DOMAIN_ALERT_NOTIFIER
- DOMAIN_BOT_DETECTION
- DOMAIN_DEVICE_IDENTIFIER
- DOMAIN_AUTHDEVICE_NOTIFIER
- DOMAIN_I18N_DICTIONARY
- DOMAIN_THEME
- APPLICATION
- APPLICATION_SETTINGS
- APPLICATION_IDENTITY_PROVIDER
- APPLICATION_FORM
- APPLICATION_EMAIL_TEMPLATE
- APPLICATION_OPENID
- APPLICATION_SAML
- APPLICATION_CERTIFICATE
- APPLICATION_MEMBER
- APPLICATION_FACTOR
- APPLICATION_RESOURCE
- APPLICATION_ANALYTICS
- APPLICATION_FLOW
- LICENSE_NOTIFICATION
- INSTALLATION
PatchApplicationAdvancedSettings:
type: object
properties:
skipConsent:
type: boolean
flowsInherited:
type: boolean
PatchApplicationFactorSettings:
type: object
properties:
id:
type: string
selectionRule:
type: string
PatchApplicationIdentityProvider:
type: object
properties:
identity:
type: string
selectionRule:
type: string
priority:
type: integer
format: int32
PatchApplicationOAuthSettings:
type: object
properties:
redirectUris:
type: array
items:
type: string
responseTypes:
type: array
items:
type: string
grantTypes:
type: array
items:
type: string
applicationType:
type: string
contacts:
type: array
items:
type: string
clientName:
type: string
logoUri:
type: string
clientUri:
type: string
policyUri:
type: string
tosUri:
type: string
jwksUri:
type: string
jwks:
$ref: "#/components/schemas/JWKSet"
sectorIdentifierUri:
type: string
subjectType:
type: string
idTokenSignedResponseAlg:
type: string
idTokenEncryptedResponseAlg:
type: string
idTokenEncryptedResponseEnc:
type: string
userinfoSignedResponseAlg:
type: string
userinfoEncryptedResponseAlg:
type: string
userinfoEncryptedResponseEnc:
type: string
requestObjectSigningAlg:
type: string
requestObjectEncryptionAlg:
type: string
requestObjectEncryptionEnc:
type: string
tokenEndpointAuthMethod:
type: string
tokenEndpointAuthSigningAlg:
type: string
defaultMaxAge:
type: integer
format: int32
requireAuthTime:
type: boolean
defaultACRvalues:
type: array
items:
type: string
initiateLoginUri:
type: string
requestUris:
type: array
items:
type: string
softwareId:
type: string
softwareVersion:
type: string
softwareStatement:
type: string
registrationAccessToken:
type: string
registrationClientUri:
type: string
clientIdIssuedAt:
type: string
format: date-time
clientSecretExpiresAt:
type: string
format: date-time
enhanceScopesWithUserPermissions:
type: boolean
accessTokenValiditySeconds:
type: integer
format: int32
refreshTokenValiditySeconds:
type: integer
format: int32
idTokenValiditySeconds:
type: integer
format: int32
tokenCustomClaims:
type: array
items:
$ref: "#/components/schemas/TokenClaim"
tlsClientAuthSubjectDn:
type: string
tlsClientAuthSanDns:
type: string
tlsClientAuthSanUri:
type: string
tlsClientAuthSanIp:
type: string
tlsClientAuthSanEmail:
type: string
tlsClientCertificateBoundAccessTokens:
type: boolean
authorizationSignedResponseAlg:
type: string
authorizationEncryptedResponseAlg:
type: string
authorizationEncryptedResponseEnc:
type: string
forcePKCE:
type: boolean
forceS256CodeChallengeMethod:
type: boolean
postLogoutRedirectUris:
type: array
items:
type: string
singleSignOut:
type: boolean
silentReAuthentication:
type: boolean
scopeSettings:
type: array
items:
$ref: "#/components/schemas/ApplicationScopeSettings"
disableRefreshTokenRotation:
type: boolean
PatchApplicationSAMLSettings:
type: object
properties:
entityId:
type: string
attributeConsumeServiceUrl:
type: string
singleLogoutServiceUrl:
type: string
certificate:
type: string
wantResponseSigned:
type: boolean
wantAssertionsSigned:
type: boolean
responseBinding:
type: string
PatchApplicationSettings:
type: object
properties:
account:
$ref: "#/components/schemas/AccountSettings"
login:
$ref: "#/components/schemas/LoginSettings"
oauth:
$ref: "#/components/schemas/PatchApplicationOAuthSettings"
saml:
$ref: "#/components/schemas/PatchApplicationSAMLSettings"
advanced:
$ref: "#/components/schemas/PatchApplicationAdvancedSettings"
passwordSettings:
$ref: "#/components/schemas/PatchPasswordSettings"
mfa:
$ref: "#/components/schemas/PatchMFASettings"
cookieSettings:
$ref: "#/components/schemas/CookieSettings"
riskAssessment:
$ref: "#/components/schemas/RiskAssessmentSettings"
requiredPermissions:
uniqueItems: true
type: array
items:
type: string
enum:
- ORGANIZATION
- ORGANIZATION_SETTINGS
- ORGANIZATION_IDENTITY_PROVIDER
- ORGANIZATION_AUDIT
- ORGANIZATION_REPORTER
- ORGANIZATION_SCOPE
- ORGANIZATION_USER
- ORGANIZATION_GROUP
- ORGANIZATION_ROLE
- ORGANIZATION_TAG
- ORGANIZATION_ENTRYPOINT
- ORGANIZATION_FORM
- ORGANIZATION_MEMBER
- ENVIRONMENT
- DOMAIN
- DOMAIN_SETTINGS
- DOMAIN_FORM
- DOMAIN_EMAIL_TEMPLATE
- DOMAIN_EXTENSION_POINT
- DOMAIN_IDENTITY_PROVIDER
- DOMAIN_AUDIT
- DOMAIN_CERTIFICATE
- DOMAIN_USER
- DOMAIN_USER_DEVICE
- DOMAIN_GROUP
- DOMAIN_ROLE
- DOMAIN_SCIM
- DOMAIN_SCOPE
- DOMAIN_EXTENSION_GRANT
- DOMAIN_OPENID
- DOMAIN_SAML
- DOMAIN_UMA
- DOMAIN_UMA_SCOPE
- DOMAIN_REPORTER
- DOMAIN_MEMBER
- DOMAIN_ANALYTICS
- DOMAIN_FACTOR
- DOMAIN_RESOURCE
- DOMAIN_FLOW
- DOMAIN_ALERT
- DOMAIN_ALERT_NOTIFIER
- DOMAIN_BOT_DETECTION
- DOMAIN_DEVICE_IDENTIFIER
- DOMAIN_AUTHDEVICE_NOTIFIER
- DOMAIN_I18N_DICTIONARY
- DOMAIN_THEME
- APPLICATION
- APPLICATION_SETTINGS
- APPLICATION_IDENTITY_PROVIDER
- APPLICATION_FORM
- APPLICATION_EMAIL_TEMPLATE
- APPLICATION_OPENID
- APPLICATION_SAML
- APPLICATION_CERTIFICATE
- APPLICATION_MEMBER
- APPLICATION_FACTOR
- APPLICATION_RESOURCE
- APPLICATION_ANALYTICS
- APPLICATION_FLOW
- LICENSE_NOTIFICATION
- INSTALLATION
PatchApplicationType:
required:
- type
type: object
properties:
type:
type: string
enum:
- WEB
- NATIVE
- BROWSER
- SERVICE
- RESOURCE_SERVER
PatchCIBASettings:
type: object
properties:
enabled:
type: boolean
authReqExpiry:
type: integer
format: int32
tokenReqInterval:
type: integer
format: int32
bindingMessageLength:
type: integer
format: int32
deviceNotifiers:
type: array
items:
$ref: "#/components/schemas/CIBASettingNotifier"
PatchChallengeSettings:
type: object
properties:
active:
type: boolean
challengeRule:
type: string
type:
type: string
enum:
- REQUIRED
- CONDITIONAL
- RISK_BASED
PatchClientRegistrationSettings:
type: object
properties:
allowLocalhostRedirectUri:
type: boolean
allowHttpSchemeRedirectUri:
type: boolean
allowWildCardRedirectUri:
type: boolean
defaultScopes:
type: array
items:
type: string
isAllowedScopesEnabled:
type: boolean
writeOnly: true
allowedScopes:
type: array
items:
type: string
dynamicClientRegistrationEnabled:
type: boolean
writeOnly: true
openDynamicClientRegistrationEnabled:
type: boolean
writeOnly: true
clientTemplateEnabled:
type: boolean
writeOnly: true
PatchDomain:
type: object
properties:
name:
type: string
description:
type: string
enabled:
type: boolean
alertEnabled:
type: boolean
path:
type: string
vhostMode:
type: boolean
vhosts:
type: array
items:
$ref: "#/components/schemas/VirtualHost"
oidc:
$ref: "#/components/schemas/PatchOIDCSettings"
uma:
$ref: "#/components/schemas/UMASettings"
scim:
$ref: "#/components/schemas/SCIMSettings"
loginSettings:
$ref: "#/components/schemas/LoginSettings"
webAuthnSettings:
$ref: "#/components/schemas/WebAuthnSettings"
accountSettings:
$ref: "#/components/schemas/AccountSettings"
passwordSettings:
$ref: "#/components/schemas/PatchPasswordSettings"
selfServiceAccountManagementSettings:
$ref: "#/components/schemas/SelfServiceAccountManagementSettings"
tags:
uniqueItems: true
type: array
items:
type: string
master:
type: boolean
saml:
$ref: "#/components/schemas/PatchSAMLSettings"
corsSettings:
$ref: "#/components/schemas/CorsSettings"
dataPlaneId:
type: string
requiredPermissions:
uniqueItems: true
type: array
items:
type: string
enum:
- ORGANIZATION
- ORGANIZATION_SETTINGS
- ORGANIZATION_IDENTITY_PROVIDER
- ORGANIZATION_AUDIT
- ORGANIZATION_REPORTER
- ORGANIZATION_SCOPE
- ORGANIZATION_USER
- ORGANIZATION_GROUP
- ORGANIZATION_ROLE
- ORGANIZATION_TAG
- ORGANIZATION_ENTRYPOINT
- ORGANIZATION_FORM
- ORGANIZATION_MEMBER
- ENVIRONMENT
- DOMAIN
- DOMAIN_SETTINGS
- DOMAIN_FORM
- DOMAIN_EMAIL_TEMPLATE
- DOMAIN_EXTENSION_POINT
- DOMAIN_IDENTITY_PROVIDER
- DOMAIN_AUDIT
- DOMAIN_CERTIFICATE
- DOMAIN_USER
- DOMAIN_USER_DEVICE
- DOMAIN_GROUP
- DOMAIN_ROLE
- DOMAIN_SCIM
- DOMAIN_SCOPE
- DOMAIN_EXTENSION_GRANT
- DOMAIN_OPENID
- DOMAIN_SAML
- DOMAIN_UMA
- DOMAIN_UMA_SCOPE
- DOMAIN_REPORTER
- DOMAIN_MEMBER
- DOMAIN_ANALYTICS
- DOMAIN_FACTOR
- DOMAIN_RESOURCE
- DOMAIN_FLOW
- DOMAIN_ALERT
- DOMAIN_ALERT_NOTIFIER
- DOMAIN_BOT_DETECTION
- DOMAIN_DEVICE_IDENTIFIER
- DOMAIN_AUTHDEVICE_NOTIFIER
- DOMAIN_I18N_DICTIONARY
- DOMAIN_THEME
- APPLICATION
- APPLICATION_SETTINGS
- APPLICATION_IDENTITY_PROVIDER
- APPLICATION_FORM
- APPLICATION_EMAIL_TEMPLATE
- APPLICATION_OPENID
- APPLICATION_SAML
- APPLICATION_CERTIFICATE
- APPLICATION_MEMBER
- APPLICATION_FACTOR
- APPLICATION_RESOURCE
- APPLICATION_ANALYTICS
- APPLICATION_FLOW
- LICENSE_NOTIFICATION
- INSTALLATION
PatchEnrollSettings:
type: object
properties:
active:
type: boolean
forceEnrollment:
type: boolean
skipTimeSeconds:
type: integer
format: int64
enrollmentRule:
type: string
enrollmentSkipActive:
type: boolean
enrollmentSkipRule:
type: string
type:
type: string
enum:
- OPTIONAL
- REQUIRED
- CONDITIONAL
PatchEnrollmentSettings:
type: object
properties:
forceEnrollment:
type: boolean
skipTimeSeconds:
type: integer
format: int64
PatchFactorSettings:
type: object
properties:
defaultFactorId:
type: string
applicationFactors:
type: array
items:
$ref: "#/components/schemas/PatchApplicationFactorSettings"
PatchMFASettings:
type: object
properties:
loginRule:
type: string
factor:
$ref: "#/components/schemas/PatchFactorSettings"
stepUpAuthenticationRule:
type: string
stepUpAuthentication:
$ref: "#/components/schemas/PatchStepUpAuthentication"
adaptiveAuthenticationRule:
type: string
rememberDevice:
$ref: "#/components/schemas/PatchRememberDeviceSettings"
enrollment:
$ref: "#/components/schemas/PatchEnrollmentSettings"
enroll:
$ref: "#/components/schemas/PatchEnrollSettings"
challenge:
$ref: "#/components/schemas/PatchChallengeSettings"
PatchOIDCSettings:
type: object
properties:
redirectUriStrictMatching:
type: boolean
postLogoutRedirectUris:
type: array
items:
type: string
requestUris:
type: array
items:
type: string
requiredPermissions:
uniqueItems: true
type: array
items:
type: string
enum:
- ORGANIZATION
- ORGANIZATION_SETTINGS
- ORGANIZATION_IDENTITY_PROVIDER
- ORGANIZATION_AUDIT
- ORGANIZATION_REPORTER
- ORGANIZATION_SCOPE
- ORGANIZATION_USER
- ORGANIZATION_GROUP
- ORGANIZATION_ROLE
- ORGANIZATION_TAG
- ORGANIZATION_ENTRYPOINT
- ORGANIZATION_FORM
- ORGANIZATION_MEMBER
- ENVIRONMENT
- DOMAIN
- DOMAIN_SETTINGS
- DOMAIN_FORM
- DOMAIN_EMAIL_TEMPLATE
- DOMAIN_EXTENSION_POINT
- DOMAIN_IDENTITY_PROVIDER
- DOMAIN_AUDIT
- DOMAIN_CERTIFICATE
- DOMAIN_USER
- DOMAIN_USER_DEVICE
- DOMAIN_GROUP
- DOMAIN_ROLE
- DOMAIN_SCIM
- DOMAIN_SCOPE
- DOMAIN_EXTENSION_GRANT
- DOMAIN_OPENID
- DOMAIN_SAML
- DOMAIN_UMA
- DOMAIN_UMA_SCOPE
- DOMAIN_REPORTER
- DOMAIN_MEMBER
- DOMAIN_ANALYTICS
- DOMAIN_FACTOR
- DOMAIN_RESOURCE
- DOMAIN_FLOW
- DOMAIN_ALERT
- DOMAIN_ALERT_NOTIFIER
- DOMAIN_BOT_DETECTION
- DOMAIN_DEVICE_IDENTIFIER
- DOMAIN_AUTHDEVICE_NOTIFIER
- DOMAIN_I18N_DICTIONARY
- DOMAIN_THEME
- APPLICATION
- APPLICATION_SETTINGS
- APPLICATION_IDENTITY_PROVIDER
- APPLICATION_FORM
- APPLICATION_EMAIL_TEMPLATE
- APPLICATION_OPENID
- APPLICATION_SAML
- APPLICATION_CERTIFICATE
- APPLICATION_MEMBER
- APPLICATION_FACTOR
- APPLICATION_RESOURCE
- APPLICATION_ANALYTICS
- APPLICATION_FLOW
- LICENSE_NOTIFICATION
- INSTALLATION
clientRegistrationSettings:
$ref: "#/components/schemas/PatchClientRegistrationSettings"
securityProfileSettings:
$ref: "#/components/schemas/PatchSecurityProfileSettings"
cibaSettings:
$ref: "#/components/schemas/PatchCIBASettings"
PatchOrganization:
type: object
properties:
identities:
type: array
writeOnly: true
items:
type: string
PatchPasswordSettings:
type: object
properties:
inherited:
type: boolean
minLength:
type: integer
format: int32
maxLength:
type: integer
format: int32
includeNumbers:
type: boolean
includeSpecialCharacters:
type: boolean
lettersInMixedCase:
type: boolean
maxConsecutiveLetters:
type: integer
format: int32
excludePasswordsInDictionary:
type: boolean
excludeUserProfileInfoInPassword:
type: boolean
expiryDuration:
type: integer
format: int32
passwordHistoryEnabled:
type: boolean
oldPasswords:
type: integer
format: int32
PatchRememberDeviceSettings:
type: object
properties:
active:
type: boolean
skipRememberDevice:
type: boolean
expirationTimeSeconds:
type: integer
format: int64
deviceIdentifierId:
type: string
PatchSAMLSettings:
type: object
properties:
enabled:
type: boolean
entityId:
type: string
certificate:
type: string
requiredPermissions:
uniqueItems: true
type: array
items:
type: string
enum:
- ORGANIZATION
- ORGANIZATION_SETTINGS
- ORGANIZATION_IDENTITY_PROVIDER
- ORGANIZATION_AUDIT
- ORGANIZATION_REPORTER
- ORGANIZATION_SCOPE
- ORGANIZATION_USER
- ORGANIZATION_GROUP
- ORGANIZATION_ROLE
- ORGANIZATION_TAG
- ORGANIZATION_ENTRYPOINT
- ORGANIZATION_FORM
- ORGANIZATION_MEMBER
- ENVIRONMENT
- DOMAIN
- DOMAIN_SETTINGS
- DOMAIN_FORM
- DOMAIN_EMAIL_TEMPLATE
- DOMAIN_EXTENSION_POINT
- DOMAIN_IDENTITY_PROVIDER
- DOMAIN_AUDIT
- DOMAIN_CERTIFICATE
- DOMAIN_USER
- DOMAIN_USER_DEVICE
- DOMAIN_GROUP
- DOMAIN_ROLE
- DOMAIN_SCIM
- DOMAIN_SCOPE
- DOMAIN_EXTENSION_GRANT
- DOMAIN_OPENID
- DOMAIN_SAML
- DOMAIN_UMA
- DOMAIN_UMA_SCOPE
- DOMAIN_REPORTER
- DOMAIN_MEMBER
- DOMAIN_ANALYTICS
- DOMAIN_FACTOR
- DOMAIN_RESOURCE
- DOMAIN_FLOW
- DOMAIN_ALERT
- DOMAIN_ALERT_NOTIFIER
- DOMAIN_BOT_DETECTION
- DOMAIN_DEVICE_IDENTIFIER
- DOMAIN_AUTHDEVICE_NOTIFIER
- DOMAIN_I18N_DICTIONARY
- DOMAIN_THEME
- APPLICATION
- APPLICATION_SETTINGS
- APPLICATION_IDENTITY_PROVIDER
- APPLICATION_FORM
- APPLICATION_EMAIL_TEMPLATE
- APPLICATION_OPENID
- APPLICATION_SAML
- APPLICATION_CERTIFICATE
- APPLICATION_MEMBER
- APPLICATION_FACTOR
- APPLICATION_RESOURCE
- APPLICATION_ANALYTICS
- APPLICATION_FLOW
- LICENSE_NOTIFICATION
- INSTALLATION
PatchScope:
type: object
properties:
name:
type: string
description:
type: string
iconUri:
type: string
expiresIn:
type: integer
format: int32
discovery:
type: boolean
parameterized:
type: boolean
PatchSecurityProfileSettings:
type: object
properties:
enablePlainFapi:
type: boolean
enableFapiBrazil:
type: boolean
PatchStepUpAuthentication:
type: object
properties:
active:
type: boolean
stepUpAuthenticationRule:
type: string
Plugin:
type: object
PreviewRequest:
required:
- template
- type
type: object
properties:
content:
type: string
theme:
$ref: "#/components/schemas/Theme"
type:
type: string
enum:
- EMAIL
- FORM
template:
type: string
PreviewResponse:
type: object
properties:
content:
type: string
type:
type: string
enum:
- EMAIL
- FORM
template:
type: string
Reference:
type: object
properties:
type:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
id:
type: string
RememberDeviceSettings:
type: object
properties:
active:
type: boolean
expirationTimeSeconds:
type: integer
format: int64
deviceIdentifierId:
type: string
skipRememberDevice:
type: boolean
Reporter:
type: object
properties:
id:
type: string
reference:
$ref: "#/components/schemas/Reference"
enabled:
type: boolean
type:
type: string
name:
type: string
system:
type: boolean
dataType:
type: string
configuration:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
inherited:
type: boolean
ResetPasswordSettings:
type: object
properties:
oldPasswordRequired:
type: boolean
tokenAge:
type: integer
format: int32
Resource:
type: object
properties:
id:
type: string
resourceScopes:
type: array
items:
type: string
description:
type: string
iconUri:
type: string
name:
type: string
type:
type: string
domain:
type: string
userId:
type: string
clientId:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
ResourceEntity:
type: object
properties:
id:
type: string
resourceScopes:
type: array
items:
type: string
description:
type: string
iconUri:
type: string
name:
type: string
type:
type: string
domain:
type: string
userId:
type: string
userDisplayName:
type: string
clientId:
type: string
policies:
type: integer
format: int64
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
ResourceListItem:
type: object
properties:
resources:
type: array
items:
$ref: "#/components/schemas/ResourceEntity"
metadata:
type: object
additionalProperties:
type: object
additionalProperties:
type: object
RiskAssessmentSettings:
type: object
properties:
enabled:
type: boolean
deviceAssessment:
$ref: "#/components/schemas/AssessmentSettings"
ipReputationAssessment:
$ref: "#/components/schemas/AssessmentSettings"
geoVelocityAssessment:
$ref: "#/components/schemas/AssessmentSettings"
Role:
type: object
properties:
id:
type: string
name:
type: string
description:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
assignableType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
system:
type: boolean
defaultRole:
type: boolean
permissionAcls:
type: object
additionalProperties:
uniqueItems: true
type: array
items:
type: string
enum:
- CREATE
- READ
- LIST
- UPDATE
- DELETE
oauthScopes:
type: array
items:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
internalOnly:
type: boolean
RoleEntity:
type: object
properties:
id:
type: string
name:
type: string
description:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
assignableType:
type: string
permissions:
type: array
items:
type: string
availablePermissions:
type: array
items:
type: string
system:
type: boolean
defaultRole:
type: boolean
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
RolePage:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/Role"
currentPage:
type: integer
format: int32
totalCount:
type: integer
format: int64
SAMLSettings:
type: object
properties:
enabled:
type: boolean
entityId:
type: string
certificate:
type: string
SCIMSettings:
type: object
properties:
enabled:
type: boolean
idpSelectionEnabled:
type: boolean
idpSelectionRule:
type: string
Scope:
type: object
properties:
id:
type: string
key:
type: string
name:
type: string
description:
type: string
iconUri:
type: string
domain:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
system:
type: boolean
claims:
type: array
items:
type: string
expiresIn:
type: integer
format: int32
discovery:
type: boolean
parameterized:
type: boolean
ScopeApprovalEntity:
type: object
properties:
id:
type: string
transactionId:
type: string
userId:
$ref: "#/components/schemas/UserId"
clientId:
type: string
domain:
type: string
scope:
type: string
status:
type: string
enum:
- APPROVED
- DENIED
expiresAt:
type: string
format: date-time
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
clientEntity:
$ref: "#/components/schemas/ApplicationEntity"
scopeEntity:
$ref: "#/components/schemas/ScopeEntity"
ScopeEntity:
type: object
properties:
id:
type: string
key:
type: string
name:
type: string
description:
type: string
ScopePage:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/Scope"
currentPage:
type: integer
format: int32
totalCount:
type: integer
format: int64
SecurityProfileSettings:
type: object
properties:
enablePlainFapi:
type: boolean
enableFapiBrazil:
type: boolean
SelfServiceAccountManagementSettings:
type: object
properties:
enabled:
type: boolean
resetPassword:
$ref: "#/components/schemas/ResetPasswordSettings"
ServiceResource:
type: object
properties:
id:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
name:
type: string
type:
type: string
configuration:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
SessionSettings:
type: object
properties:
persistent:
type: boolean
StatusEntity:
type: object
properties:
enabled:
type: boolean
Step:
type: object
properties:
name:
type: string
policy:
type: string
description:
type: string
configuration:
type: string
enabled:
type: boolean
condition:
type: string
StepUpAuthenticationSettings:
type: object
properties:
active:
type: boolean
stepUpAuthenticationRule:
type: string
Tag:
type: object
properties:
id:
type: string
name:
type: string
description:
type: string
organizationId:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
Theme:
type: object
properties:
id:
type: string
referenceId:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
logoUrl:
type: string
logoWidth:
type: integer
format: int32
faviconUrl:
type: string
primaryButtonColorHex:
type: string
secondaryButtonColorHex:
type: string
primaryTextColorHex:
type: string
secondaryTextColorHex:
type: string
css:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
ThemeEntity:
type: object
properties:
id:
type: string
referenceId:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
logoUrl:
type: string
logoWidth:
type: integer
format: int32
faviconUrl:
type: string
primaryButtonColorHex:
type: string
secondaryButtonColorHex:
type: string
primaryTextColorHex:
type: string
secondaryTextColorHex:
type: string
css:
type: string
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
TokenClaim:
type: object
properties:
tokenType:
type: string
enum:
- ACCESS_TOKEN
- REFRESH_TOKEN
- ID_TOKEN
claimName:
type: string
claimValue:
type: string
UMASettings:
type: object
properties:
enabled:
type: boolean
UpdateAuthenticationDeviceNotifier:
required:
- configuration
- name
- type
type: object
properties:
name:
type: string
type:
type: string
configuration:
type: string
UpdateBotDetection:
required:
- configuration
- name
- type
type: object
properties:
name:
type: string
type:
type: string
configuration:
type: string
UpdateCertificate:
required:
- configuration
- name
- type
type: object
properties:
name:
type: string
type:
type: string
configuration:
type: string
UpdateDeviceIdentifier:
required:
- configuration
- name
- type
type: object
properties:
name:
type: string
type:
type: string
configuration:
type: string
UpdateEmail:
required:
- content
- expiresAfter
- from
- subject
type: object
properties:
enabled:
type: boolean
from:
type: string
fromName:
type: string
subject:
type: string
content:
type: string
expiresAfter:
minimum: 1
type: integer
format: int32
UpdateEntrypoint:
required:
- name
- tags
- url
type: object
properties:
name:
type: string
description:
type: string
url:
type: string
tags:
type: array
items:
type: string
UpdateExtensionGrant:
required:
- configuration
- name
- type
type: object
properties:
name:
type: string
type:
type: string
configuration:
type: string
grantType:
pattern: "[A-Za-z][A-Za-z0-9+\\-.]*:(?://(?:(?:[A-Za-z0-9\\-._~!$&'()*+,;=:]|%[0-9A-Fa-f]{2})*@)?(?:\\\
[(?:(?:(?:(?:[0-9A-Fa-f]{1,4}:){6}|::(?:[0-9A-Fa-f]{1,4}:){5}|(?:[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){4}|(?:(?:[0-9A-Fa-f]{1,4}:){0,1}[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){3}|(?:(?:[0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){2}|(?:(?:[0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})?::[0-9A-Fa-f]{1,4}:|(?:(?:[0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})?::)(?:[0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4}|(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\\
.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|(?:(?:[0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})?::[0-9A-Fa-f]{1,4}|(?:(?:[0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})?::)|[Vv][0-9A-Fa-f]+\\\
.[A-Za-z0-9\\-._~!$&'()*+,;=:]+)\\]|(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\\
.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|(?:[A-Za-z0-9\\-._~!$&'()*+,;=]|%[0-9A-Fa-f]{2})*)(?::[0-9]*)?(?:/(?:[A-Za-z0-9\\\
-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*|/(?:(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+(?:/(?:[A-Za-z0-9\\\
-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*)?|(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+(?:/(?:[A-Za-z0-9\\\
-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*|)(?:\\?(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@/?]|%[0-9A-Fa-f]{2})*)?"
type: string
identityProvider:
type: string
createUser:
type: boolean
userExists:
type: boolean
UpdateFactor:
required:
- configuration
- name
- type
type: object
properties:
name:
type: string
type:
type: string
configuration:
type: string
UpdateForm:
type: object
properties:
enabled:
type: boolean
content:
type: string
assets:
type: string
UpdateGroup:
required:
- name
type: object
properties:
name:
type: string
description:
type: string
members:
type: array
items:
type: string
roles:
type: array
items:
type: string
UpdateI18nDictionary:
type: object
properties:
name:
type: string
locale:
type: string
entries:
type: object
additionalProperties:
type: string
UpdateIdentityProvider:
required:
- configuration
- name
- type
type: object
properties:
name:
type: string
type:
type: string
configuration:
type: string
mappers:
type: object
additionalProperties:
type: string
roleMapper:
type: object
additionalProperties:
type: array
items:
type: string
groupMapper:
type: object
additionalProperties:
type: array
items:
type: string
domainWhitelist:
type: array
items:
type: string
passwordPolicy:
type: string
UpdatePasswordPolicy:
required:
- name
type: object
properties:
name:
type: string
minLength:
type: integer
format: int32
maxLength:
type: integer
format: int32
includeNumbers:
type: boolean
includeSpecialCharacters:
type: boolean
lettersInMixedCase:
type: boolean
maxConsecutiveLetters:
type: integer
format: int32
excludePasswordsInDictionary:
type: boolean
excludeUserProfileInfoInPassword:
type: boolean
expiryDuration:
type: integer
format: int32
passwordHistoryEnabled:
type: boolean
oldPasswords:
type: integer
format: int32
defaultPolicy:
type: boolean
UpdateReporter:
required:
- configuration
- name
- type
type: object
properties:
enabled:
type: boolean
name:
type: string
type:
type: string
configuration:
type: string
inherited:
type: boolean
UpdateRole:
required:
- name
type: object
properties:
name:
type: string
description:
type: string
permissions:
type: array
items:
type: string
oauthScopes:
type: array
items:
type: string
UpdateScope:
required:
- description
- name
type: object
properties:
name:
type: string
description:
type: string
expiresIn:
type: integer
format: int32
discovery:
type: boolean
parameterized:
type: boolean
iconUri:
type: string
UpdateServiceResource:
required:
- configuration
- name
- type
type: object
properties:
name:
type: string
type:
type: string
configuration:
type: string
UpdateTag:
required:
- name
type: object
properties:
name:
type: string
description:
type: string
UpdateUser:
type: object
properties:
email:
maxLength: 320
minLength: 0
type: string
firstName:
type: string
lastName:
type: string
displayName:
type: string
externalId:
type: string
accountNonExpired:
type: boolean
accountNonLocked:
type: boolean
credentialsNonExpired:
type: boolean
enabled:
type: boolean
preRegistration:
type: boolean
registrationCompleted:
type: boolean
source:
type: string
client:
type: string
loginsCount:
type: integer
format: int64
loggedAt:
type: string
format: date-time
preferredLanguage:
type: string
additionalInformation:
type: object
additionalProperties:
type: object
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
forceResetPassword:
type: boolean
UpdateUserWithId:
type: object
properties:
email:
maxLength: 320
minLength: 0
type: string
firstName:
type: string
lastName:
type: string
displayName:
type: string
externalId:
type: string
accountNonExpired:
type: boolean
accountNonLocked:
type: boolean
credentialsNonExpired:
type: boolean
enabled:
type: boolean
preRegistration:
type: boolean
registrationCompleted:
type: boolean
source:
type: string
client:
type: string
loginsCount:
type: integer
format: int64
loggedAt:
type: string
format: date-time
preferredLanguage:
type: string
additionalInformation:
type: object
additionalProperties:
type: object
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
forceResetPassword:
type: boolean
id:
type: string
User:
type: object
properties:
id:
type: string
externalId:
type: string
username:
type: string
password:
type: string
email:
type: string
displayName:
type: string
nickName:
type: string
firstName:
type: string
lastName:
type: string
title:
type: string
type:
type: string
preferredLanguage:
type: string
picture:
type: string
emails:
type: array
items:
$ref: "#/components/schemas/Attribute"
phoneNumbers:
type: array
items:
$ref: "#/components/schemas/Attribute"
ims:
type: array
items:
$ref: "#/components/schemas/Attribute"
photos:
type: array
items:
$ref: "#/components/schemas/Attribute"
entitlements:
type: array
items:
type: string
addresses:
type: array
items:
$ref: "#/components/schemas/Address"
roles:
type: array
items:
type: string
dynamicRoles:
type: array
items:
type: string
dynamicGroups:
type: array
items:
type: string
rolesPermissions:
uniqueItems: true
type: array
items:
$ref: "#/components/schemas/Role"
groups:
type: array
items:
type: string
x509Certificates:
type: array
items:
$ref: "#/components/schemas/Certificate"
accountNonExpired:
type: boolean
accountNonLocked:
type: boolean
accountLockedAt:
type: string
format: date-time
accountLockedUntil:
type: string
format: date-time
credentialsNonExpired:
type: boolean
enabled:
type: boolean
internal:
type: boolean
preRegistration:
type: boolean
registrationCompleted:
type: boolean
newsletter:
type: boolean
registrationUserUri:
type: string
registrationAccessToken:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
source:
type: string
client:
type: string
loginsCount:
type: integer
format: int64
factors:
type: array
items:
$ref: "#/components/schemas/EnrolledFactor"
identities:
type: array
items:
$ref: "#/components/schemas/UserIdentity"
lastIdentityUsed:
type: string
additionalInformation:
type: object
additionalProperties:
type: object
loggedAt:
type: string
format: date-time
lastLoginWithCredentials:
type: string
format: date-time
lastPasswordReset:
type: string
format: date-time
lastUsernameReset:
type: string
format: date-time
lastLogoutAt:
type: string
format: date-time
mfaEnrollmentSkippedAt:
type: string
format: date-time
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
forceResetPassword:
type: boolean
serviceAccount:
type: boolean
address:
type: object
additionalProperties:
type: object
locale:
type: string
zoneInfo:
type: string
fullId:
$ref: "#/components/schemas/UserId"
middleName:
type: string
lastIdentityInformation:
type: object
additionalProperties:
type: object
identitiesAsMap:
type: object
additionalProperties:
type: object
inactive:
type: boolean
profile:
type: string
website:
type: string
birthdate:
type: string
phoneNumber:
type: string
disabled:
type: boolean
UserEntity:
type: object
properties:
id:
type: string
externalId:
type: string
username:
type: string
password:
type: string
email:
type: string
displayName:
type: string
nickName:
type: string
firstName:
type: string
lastName:
type: string
title:
type: string
type:
type: string
preferredLanguage:
type: string
picture:
type: string
emails:
type: array
items:
$ref: "#/components/schemas/Attribute"
phoneNumbers:
type: array
items:
$ref: "#/components/schemas/Attribute"
ims:
type: array
items:
$ref: "#/components/schemas/Attribute"
photos:
type: array
items:
$ref: "#/components/schemas/Attribute"
entitlements:
type: array
items:
type: string
addresses:
type: array
items:
$ref: "#/components/schemas/Address"
roles:
type: array
items:
type: string
dynamicRoles:
type: array
items:
type: string
dynamicGroups:
type: array
items:
type: string
rolesPermissions:
uniqueItems: true
type: array
items:
$ref: "#/components/schemas/Role"
groups:
type: array
items:
type: string
x509Certificates:
type: array
items:
$ref: "#/components/schemas/Certificate"
accountNonExpired:
type: boolean
accountNonLocked:
type: boolean
accountLockedAt:
type: string
format: date-time
accountLockedUntil:
type: string
format: date-time
credentialsNonExpired:
type: boolean
enabled:
type: boolean
internal:
type: boolean
preRegistration:
type: boolean
registrationCompleted:
type: boolean
newsletter:
type: boolean
registrationUserUri:
type: string
registrationAccessToken:
type: string
referenceType:
type: string
enum:
- PLATFORM
- DOMAIN
- APPLICATION
- ORGANIZATION
- ENVIRONMENT
referenceId:
type: string
source:
type: string
client:
type: string
loginsCount:
type: integer
format: int64
factors:
type: array
items:
$ref: "#/components/schemas/EnrolledFactor"
identities:
type: array
items:
$ref: "#/components/schemas/UserIdentity"
lastIdentityUsed:
type: string
additionalInformation:
type: object
additionalProperties:
type: object
loggedAt:
type: string
format: date-time
lastLoginWithCredentials:
type: string
format: date-time
lastPasswordReset:
type: string
format: date-time
lastUsernameReset:
type: string
format: date-time
lastLogoutAt:
type: string
format: date-time
mfaEnrollmentSkippedAt:
type: string
format: date-time
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
forceResetPassword:
type: boolean
serviceAccount:
type: boolean
applicationEntity:
$ref: "#/components/schemas/ApplicationEntity"
sourceId:
type: string
address:
type: object
additionalProperties:
type: object
locale:
type: string
zoneInfo:
type: string
fullId:
$ref: "#/components/schemas/UserId"
middleName:
type: string
lastIdentityInformation:
type: object
additionalProperties:
type: object
identitiesAsMap:
type: object
additionalProperties:
type: object
inactive:
type: boolean
profile:
type: string
website:
type: string
birthdate:
type: string
phoneNumber:
type: string
disabled:
type: boolean
UserId:
type: object
properties:
id:
type: string
externalId:
type: string
source:
type: string
UserIdentity:
type: object
properties:
userId:
type: string
username:
type: string
providerId:
type: string
additionalInformation:
type: object
additionalProperties:
type: object
linkedAt:
type: string
format: date-time
UserIdentityEntity:
type: object
properties:
userId:
type: string
username:
type: string
providerId:
type: string
additionalInformation:
type: object
additionalProperties:
type: object
linkedAt:
type: string
format: date-time
providerName:
type: string
UserNotificationContent:
type: object
properties:
id:
type: string
status:
type: string
enum:
- UNREAD
- READ
title:
type: string
message:
type: string
createdAt:
type: string
format: date-time
UserPage:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/User"
currentPage:
type: integer
format: int32
totalCount:
type: integer
format: int64
UsernameEntity:
required:
- username
type: object
properties:
username:
type: string
VirtualHost:
type: object
properties:
host:
type: string
path:
type: string
overrideEntrypoint:
type: boolean
WebAuthnSettings:
type: object
properties:
origin:
type: string
relyingPartyId:
type: string
relyingPartyName:
type: string
requireResidentKey:
type: boolean
userVerification:
type: string
enum:
- REQUIRED
- PREFERRED
- DISCOURAGED
authenticatorAttachment:
type: string
enum:
- CROSS_PLATFORM
- PLATFORM
attestationConveyancePreference:
type: string
enum:
- NONE
- INDIRECT
- DIRECT
forceRegistration:
type: boolean
certificates:
type: object
additionalProperties:
type: object
enforceAuthenticatorIntegrity:
type: boolean
enforceAuthenticatorIntegrityMaxAge:
type: integer
format: int32
securitySchemes:
gravitee-auth:
type: http
scheme: Bearer