openapi: 3.0.3
info:
  title: Databunker Pro API
  description: |
    Databunker Pro is a privacy-compliant user data vault and tokenization engine that provides secure storage and management of user data with built-in privacy controls, consent management, and audit capabilities.

    ## Key Features

    - **User Management**: Create, update, and manage user profiles with privacy controls
    - **Consent Management**: Handle legal basis and user agreements for GDPR/DPDP compliance
    - **Token Management**: Secure tokenization of sensitive data like credit cards
    - **Audit Trail**: Complete audit logging of all data access and modifications
    - **Multi-tenant**: Support for multiple tenants with isolated data
    - **Role-based Access**: Fine-grained access control with policies and roles
    - **Bulk Operations**: Efficient bulk data operations with unlock mechanisms
    - **Connector Support**: Integration with external databases and systems

    ## Authentication

    All API calls require authentication via the `X-Bunker-Token` header.
    For multi-tenant setups, use the `X-Bunker-Tenant` header to specify the tenant context.

    ### Multi-Tenant Usage

    Multi-tenancy is supported when DataBunker Pro is configured to work with a PostgreSQL database.
    When using DataBunker Pro in a multi-tenant environment:

    - **Single Tenant**: Omit the `X-Bunker-Tenant` header (default behavior)
    - **Multi-Tenant**: Include the `X-Bunker-Tenant: your-tenant-name` header

    **Example:**

    ```bash
    # Single tenant
    curl -X POST http://localhost:3000/v2/UserCreate \
      -H "X-Bunker-Token: your-token" \
      -d '{"profile":{"login":"user1"}}'

    # Multi-tenant
    curl -X POST http://localhost:3000/v2/UserCreate \
      -H "X-Bunker-Token: your-token" \
      -H "X-Bunker-Tenant: acme-corp" \
      -d '{"profile":{"login":"user1"}}'
    ```

    ## Base URL

    The API is available at the `/v2/` endpoint, with all requests using the POST method.
  version: 2.0.0
  contact:
    name: Databunker Support
    url: https://databunker.com
  license:
    name: MIT
    url: https://opensource.org/licenses/MIT
servers:
  - url: http://localhost:3000
    description: Local development server
security:
  - XBunkerToken: []
paths:
  # ========================================
  # USER MANAGEMENT
  # ========================================
  /v2/UserCreate:
    post:
      summary: Create a new user
      description: Creates a new user with profile information and optional group/role assignment
      tags: [User Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [profile]
              properties:
                profile:
                  type: object
                  description: User profile information
                  additionalProperties: true
                groupname:
                  type: string
                  description: Name of the group to assign the user to
                groupid:
                  type: integer
                  description: ID of the group to assign the user to
                rolename:
                  type: string
                  description: Name of the role to assign the user to
                roleid:
                  type: integer
                  description: ID of the role to assign the user to
                slidingtime:
                  type: string
                  description: Sliding time period for user data retention (e.g., '30d', '1y')
                finaltime:
                  type: string
                  description: Absolute expiration time for user data (Unix timestamp format)
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  token:
                    type: string
                    description: User's unique token
  /v2/UserGet:
    post:
      summary: Get user information
      description: Retrieves user information by login, token, or other identifiers
      tags: [User Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                request_metadata:
                  type: object
                  description:
                    Additional metadata for the request
      responses:
        '200':
          description: User information retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  profile:
                    type: object
                    description: User profile information
                  token:
                    type: string
                    description: User's unique token
  /v2/UserUpdate:
    post:
      summary: Update user profile
      description: Updates user profile information
      tags: [User Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, profile]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                profile:
                  type: object
                  description: Updated profile information
                  additionalProperties: true
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User updated successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
  /v2/UserPatch:
    post:
      summary: Patch user profile using JSON Patch
      description: Updates user profile using JSON Patch operations (RFC 6902)
      tags: [User Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, patch]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                patch:
                  type: array
                  items:
                    type: object
                    required: [op, path]
                    properties:
                      op:
                        type: string
                        enum: [add, remove, replace, move, copy, test]
                        description: JSON Patch operation
                      path:
                        type: string
                        description: JSON Pointer path
                      value:
                        description: Value for add/replace operations
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User patched successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
  /v2/UserDelete:
    post:
      summary: Delete user
      description: Deletes a user and their associated data
      tags: [User Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User deleted successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
  /v2/UserDeleteRequest:
    post:
      summary: Request user deletion
      description: Creates a deletion request for a user (requires approval)
      tags: [User Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User deletion request created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  requestuuid:
                    type: string
                    description: UUID of the deletion request
  /v2/UserUpdateRequest:
    post:
      summary: Request user update
      description: Creates an update request for a user (requires approval)
      tags: [User Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, profile]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                profile:
                  type: object
                  description: Updated profile information
                  additionalProperties: true
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User update request created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  requestuuid:
                    type: string
                    description: UUID of the update request
  /v2/UserPatchRequest:
    post:
      summary: Request user patch
      description: Creates a patch request for a user (requires approval)
      tags: [User Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, patch]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                patch:
                  type: array
                  items:
                    type: object
                    required: [op, path]
                    properties:
                      op:
                        type: string
                        enum: [add, remove, replace, move, copy, test]
                        description: JSON Patch operation
                      path:
                        type: string
                        description: JSON Pointer path
                      value:
                        description: Value for add/replace operations
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User patch request created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  requestuuid:
                    type: string
                    description: UUID of the patch request
  # ========================================
  # BULK OPERATIONS
  # ========================================
  /v2/BulkListUnlock:
    post:
      summary: Create bulk list unlock
      description: Creates an unlock mechanism for bulk list operations
      tags: [Bulk Operations]
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Bulk list unlock created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  unlockuuid:
                    type: string
                    description: UUID for the unlock mechanism
  /v2/BulkListUsers:
    post:
      summary: List users in bulk
      description: Lists users using the bulk unlock mechanism
      tags: [Bulk Operations]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [unlockuuid]
              properties:
                unlockuuid:
                  type: string
                  description: UUID from bulk list unlock
                offset:
                  type: integer
                  default: 0
                  description: Offset for pagination
                limit:
                  type: integer
                  default: 10
                  description: Limit for pagination
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Users listed successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  rows:
                    type: array
                    items:
                      type: object
                      properties:
                        token:
                          type: string
                          description: User's unique token
                        profile:
                          type: object
                          description: User profile information
  /v2/BulkListGroupUsers:
    post:
      summary: List users in group in bulk
      description: Lists users in a specific group using the bulk unlock mechanism
      tags: [Bulk Operations]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [unlockuuid]
              properties:
                unlockuuid:
                  type: string
                  description: UUID from bulk list unlock
                groupid:
                  type: integer
                  description: ID of the group
                groupname:
                  type: string
                  description: Name of the group
                offset:
                  type: integer
                  default: 0
                  description: Offset for pagination
                limit:
                  type: integer
                  default: 10
                  description: Limit for pagination
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Group users listed successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  rows:
                    type: array
                    items:
                      type: object
                      properties:
                        token:
                          type: string
                          description: User's unique token
                        profile:
                          type: object
                          description: User profile information
  /v2/BulkListAuditEvents:
    post:
      summary: List audit events in bulk
      description: Lists audit events using the bulk unlock mechanism
      tags: [Bulk Operations]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [unlockuuid]
              properties:
                unlockuuid:
                  type: string
                  description: UUID from bulk list unlock
                offset:
                  type: integer
                  default: 0
                  description: Offset for pagination
                limit:
                  type: integer
                  default: 10
                  description: Limit for pagination
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Audit events listed successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  rows:
                    type: array
                    items:
                      type: object
                      properties:
                        auditeventuuid:
                          type: string
                          description: UUID of the audit event
                        eventtype:
                          type: string
                          description: Type of the audit event
                        timestamp:
                          type: string
                          description: Timestamp of the event
                        more:
                          type: boolean
                          description: Whether there are more details available for this event
  /v2/BulkListTokens:
    post:
      summary: List tokens in bulk
      description: Lists tokens using the bulk unlock mechanism
      tags: [Bulk Operations]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [unlockuuid, tokens]
              properties:
                unlockuuid:
                  type: string
                  description: UUID from bulk list unlock
                tokens:
                  type: array
                  items:
                    type: string
                  description: Array of token UUIDs to retrieve
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Tokens listed successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  rows:
                    type: array
                    items:
                      type: object
                      properties:
                        tokenuuid:
                          type: string
                          description: UUID of the token
                        tokenbase:
                          type: string
                          description: The token value
                        record:
                          type: string
                          description: The original sensitive data
                        tokentype:
                          type: string
                          description: Type of the token (e.g., creditcard, email)
  /v2/BulkDeleteTokens:
    post:
      summary: Delete tokens in bulk
      description: Deletes multiple tokens using the bulk unlock mechanism
      tags: [Bulk Operations]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [unlockuuid, tokens]
              properties:
                unlockuuid:
                  type: string
                  description: UUID from bulk list unlock
                tokens:
                  type: array
                  items:
                    type: string
                  description: Array of token UUIDs to delete
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Tokens deleted successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  deleted:
                    type: integer
                    description: Number of tokens successfully deleted
  /v2/UserCreateBulk:
    post:
      summary: Create multiple users in bulk
      description: Creates multiple users with their profiles and group information
      tags: [User Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [records]
              properties:
                records:
                  type: array
                  items:
                    type: object
                    required: [profile]
                    properties:
                      profile:
                        type: object
                        description: User profile information
                        additionalProperties: true
                      groupname:
                        type: string
                        description: Name of the group to assign the user to
                      groupid:
                        type: integer
                        description: ID of the group to assign the user to
                      rolename:
                        type: string
                        description: Name of the role to assign the user to
                      roleid:
                        type: integer
                        description: ID of the role to assign the user to
                slidingtime:
                  type: string
                  description: Global sliding time period for all users
                finaltime:
                  type: string
                  description: Global expiration time for all users (Unix timestamp format)
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Users created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  created:
                    type: array
                    items:
                      type: object
                      properties:
                        token:
                          type: string
                          description: User's unique token
                        profile:
                          type: object
                          description: User profile information
  # ========================================
  # APP DATA MANAGEMENT
  # ========================================
  /v2/AppdataCreate:
    post:
      summary: Create
        application data for user
      description: Stores application-specific data for a user
      tags: [App Data Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, appname, appdata]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                appname:
                  type: string
                  description: Name of the application
                appdata:
                  type: object
                  description: Application-specific data
                  additionalProperties: true
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: App data created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
  /v2/AppdataGet:
    post:
      summary: Get application data for user
      description: Retrieves application-specific data for a user
      tags: [App Data Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, appname]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                appname:
                  type: string
                  description: Name of the application
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: App data retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  appdata:
                    type: object
                    description: Application-specific data
  /v2/AppdataUpdate:
    post:
      summary: Update application data for user
      description: Updates application-specific data for a user
      tags: [App Data Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, appname, appdata]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user
                    identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                appname:
                  type: string
                  description: Name of the application
                appdata:
                  type: object
                  description: Updated application-specific data
                  additionalProperties: true
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: App data updated successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
  /v2/AppdataListAppNames:
    post:
      summary: List all application names
      description: Retrieves a list of all application names in the system
      tags: [App Data Management]
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Application names retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  apps:
                    type: array
                    items:
                      type: string
                    description: List of application names
  /v2/AppdataListUserAppNames:
    post:
      summary: List user application names
      description: Retrieves a list of application names for a specific user
      tags: [App Data Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User application names retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  apps:
                    type: array
                    items:
                      type: string
                    description: List of application names for the user
  /v2/AppdataUpdateRequest:
    post:
      summary: Request app data update
      description: Creates an update request for app data (requires approval)
      tags:
        [App Data Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, appname, appdata]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                appname:
                  type: string
                  description: Name of the application
                appdata:
                  type: object
                  description: Updated application-specific data
                  additionalProperties: true
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: App data update request created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  requestuuid:
                    type: string
                    description: UUID of the update request
  # ========================================
  # LEGAL BASIS & AGREEMENT MANAGEMENT
  # ========================================
  /v2/LegalBasisCreate:
    post:
      summary: Create legal basis
      description: Creates a new legal basis for data processing
      tags: [Legal Basis Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [brief]
              properties:
                brief:
                  type: string
                  description: Unique identifier for the legal basis
                status:
                  type: string
                  enum: [active, inactive]
                  description: Status of the legal basis
                module:
                  type: string
                  description: Module this legal basis applies to
                fulldesc:
                  type: string
                  description: Full description of the legal basis
                shortdesc:
                  type: string
                  description: Short description of the legal basis
                basistype:
                  type: string
                  description: Type of legal basis
                requiredmsg:
                  type: string
                  description: Required message for users
                requiredflag:
                  type: boolean
                  description: Whether this legal basis is required
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Legal basis created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
  /v2/AgreementAccept:
    post:
      summary: Accept agreement
      description: Records user's acceptance of a legal basis/agreement
      tags: [Agreement Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, brief]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                brief:
                  type: string
                  description: Unique identifier of the legal basis/agreement
                agreementmethod:
                  type: string
                  description: Method of agreement (e.g., 'web-form', 'checkbox', 'signature')
                referencecode:
                  type: string
                  description: External reference code or identifier
                starttime:
                  type: string
                  description: Start time of the agreement validity (ISO 8601 format)
                finaltime:
                  type: string
                  description: End time of the agreement validity (Unix timestamp format)
                status:
                  type: string
                  enum: [pending, active, expired]
                  description: Status of the agreement
                lastmodifiedby:
                  type: string
                  description: Identifier of the person/system that last modified this agreement
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Agreement accepted successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
  /v2/AgreementGet:
    post:
      summary: Get user agreement
      description: Retrieves a specific agreement for a user
      tags: [Agreement Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, brief]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                brief:
                  type: string
                  description: Unique identifier of the legal basis/agreement
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User agreement retrieved
            successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  agreement:
                    type: object
                    description: Agreement information
  /v2/AgreementListUserAgreements:
    post:
      summary: List user agreements
      description: Lists all agreements for a specific user
      tags: [Agreement Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User agreements retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  rows:
                    type: array
                    items:
                      type: object
                      properties:
                        brief:
                          type: string
                          description: Agreement brief identifier
                        status:
                          type: string
                          description: Agreement status
  /v2/AgreementCancel:
    post:
      summary: Cancel agreement
      description: Cancels a user's agreement
      tags: [Agreement Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, brief]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                brief:
                  type: string
                  description: Unique identifier of the legal basis/agreement
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Agreement cancelled successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
  /v2/AgreementCancelRequest:
    post:
      summary: Request agreement cancellation
      description: Creates a cancellation request for an agreement (requires approval)
      tags: [Agreement Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity, brief]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                brief:
                  type: string
                  description: Unique identifier of the legal basis/agreement
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Agreement cancellation request created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  requestuuid:
                    type: string
                    description: UUID of the cancellation request
  /v2/AgreementRevokeAll:
    post:
      summary: Revoke all agreements
      description: Revokes all agreements for a specific legal basis
      tags: [Agreement Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [brief]
              properties:
                brief:
                  type: string
                  description: Unique identifier of the legal basis/agreement
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: All agreements revoked successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
  # ========================================
  # TOKENIZATION MANAGEMENT
  # ========================================
  /v2/TokenCreate:
    post:
      summary: Create token for sensitive data
      description: Creates a token for sensitive data like credit card numbers
      tags: [Tokenization Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [tokentype, record]
              properties:
                tokentype:
                  type: string
                  enum: [creditcard, email]
                  description: Type of token
                record:
                  type: string
                  description: The sensitive data to tokenize
                unique:
                  type: boolean
                  description: Whether to create a unique token for each request
                slidingtime:
                  type: string
                  description: Time period for token validity (e.g., '1d', '1h')
                finaltime:
                  type: string
                  description: Absolute expiration time for the token (Unix timestamp format)
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Token created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  tokenbase:
                    type: string
                    description: The created token
                  tokenuuid:
                    type: string
                    description: UUID of the token
  /v2/TokenGet:
    post:
      summary: Get token data
      description: Retrieves the original data for a given token
      tags: [Tokenization Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [token]
              properties:
                token:
                  type: string
                  description: The token to retrieve data for
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Token data retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  record:
                    type: string
                    description: The original sensitive data
  /v2/TokenCreateBulk:
    post:
      summary: Create multiple tokens in bulk
      description: Creates multiple tokens for sensitive data
      tags: [Tokenization Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [records]
              properties:
                records:
                  type: array
                  items:
                    type: object
                    required: [tokentype, record]
                    properties:
                      tokentype:
                        type: string
                        enum: [creditcard, email]
                        description: Type of token
                      record:
                        type: string
                        description: The sensitive data to tokenize
                unique:
                  type: boolean
                  description: Whether to create unique tokens for each request
                slidingtime:
                  type: string
                  description: Time period for token validity
                finaltime:
                  type: string
                  description: Absolute expiration time for the tokens (Unix timestamp format)
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Tokens created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  created:
                    type: array
                    items:
                      type: object
                      properties:
                        tokenbase:
                          type: string
                          description: The created token
                        tokenuuid:
                          type: string
                          description: UUID of the token
                        record:
                          type: string
                          description: The original sensitive data
                  summary:
                    type: object
                    properties:
                      created:
                        type: integer
                        description: Number of tokens created
  # ========================================
  # GROUP MANAGEMENT
  # ========================================
  /v2/GroupCreate:
    post:
      summary: Create a new group
      description: Creates a new group for organizing users
      tags: [Group Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [groupname]
              properties:
                groupname:
                  type: string
                  description: Name of the group
                groupdesc:
                  type: string
                  description: Description of the group
                grouptype:
                  type: string
                  description: Type of the group
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Group created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  groupid:
                    type: integer
                    description: ID of the created group
  /v2/GroupGet:
    post:
      summary: Get group information
      description: Retrieves information about a specific group
      tags: [Group Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                groupid:
                  type: integer
                  description: ID of the group
                groupname:
                  type: string
                  description: Name of the group
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Group information retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  groupname:
                    type: string
                    description: Name of the group
                  groupdesc:
                    type: string
                    description: Description of the group
                  grouptype:
                    type: string
                    description: Type of the group
  /v2/GroupListAllGroups:
    post:
      summary: List all groups
      description: Retrieves a list of all groups in the system
      tags: [Group Management]
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Groups retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  rows:
                    type: array
                    items:
                      type: object
                      properties:
                        groupid:
                          type: integer
                          description: ID of the group
                        groupname:
                          type: string
                          description: Name of the group
                        groupdesc:
                          type: string
                          description: Description of the group
  /v2/GroupAddUser:
    post:
      summary: Add user to group
      description: Adds a user to a specific group with optional role assignment
      tags: [Group Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                groupid:
                  type: integer
                  description: ID of the group
                groupname:
                  type: string
                  description: Name of the group
                roleid:
                  type: integer
                  description: ID of the role to assign
                rolename:
                  type: string
                  description: Name of the role to assign
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User added to group successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
  # ========================================
  # ROLE & POLICY MANAGEMENT
  # ========================================
  /v2/RoleCreate:
    post:
      summary: Create a new role
      description: Creates a new role for access control
      tags: [Role Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [rolename]
              properties:
                rolename:
                  type: string
                  description: Name of the role
                roledesc:
                  type: string
                  description: Description of the role
                request_metadata:
                  type: object
                  description: Additional metadata for the
request responses: '200': description: Role created successfully content: application/json: schema: type: object properties: status: type: string example: "ok" roleid: type: integer description: ID of the created role /v2/PolicyCreate: post: summary: Create a new policy description: Creates a new access control policy tags: [Policy Management] requestBody: required: true content: application/json: schema: type: object required: [policyname, policy] properties: policyname: type: string description: Name of the policy policydesc: type: string description: Description of the policy policy: type: object description: Policy definition properties: Effect: type: string enum: [Allow, Deny] description: Effect of the policy Principal: type: object description: Principal specification Action: type: array items: type: string description: Actions allowed/denied Resource: type: array items: type: string description: Resources this policy applies to Condition: type: object description: Conditions for the policy request_metadata: type: object description: Additional metadata for the request responses: '200': description: Policy created successfully content: application/json: schema: type: object properties: status: type: string example: "ok" policyid: type: integer description: ID of the created policy /v2/PolicyUpdate: post: summary: Update a policy description: Updates an existing access control policy tags: [Policy Management] requestBody: required: true content: application/json: schema: type: object required: [policyid] properties: policyid: type: integer description: ID of the policy to update policyname: type: string description: New name of the policy policydesc: type: string description: New description of the policy policy: type: object description: Updated policy definition request_metadata: type: object description: Additional metadata for the request responses: '200': description: Policy updated successfully content: application/json: schema: type: object properties: 
                  status:
                    type: string
                    example: "ok"

  /v2/PolicyGet:
    post:
      summary: Get policy information
      description: Retrieves information about a specific policy
      tags: [Policy Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                policyid:
                  type: integer
                  description: ID of the policy
                policyname:
                  type: string
                  description: Name of the policy
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Policy information retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  policyname:
                    type: string
                    description: Name of the policy
                  policydesc:
                    type: string
                    description: Description of the policy
                  policy:
                    type: object
                    description: Policy definition

  /v2/PolicyListAllPolicies:
    post:
      summary: List all policies
      description: Retrieves a list of all policies in the system
      tags: [Policy Management]
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Policies retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  rows:
                    type: array
                    items:
                      type: object
                      properties:
                        policyid:
                          type: integer
                          description: ID of the policy
                        policyname:
                          type: string
                          description: Name of the policy
                        policydesc:
                          type: string
                          description: Description of the policy

  /v2/RoleLinkPolicy:
    post:
      summary: Link policy to role
      description: Links a policy to a role for access control
      tags: [Role Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                roleid:
                  type: integer
                  description: ID of the role
                rolename:
                  type: string
                  description: Name of the role
                policyid:
                  type: integer
                  description: ID of the policy
                policyname:
                  type: string
                  description: Name of the policy
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Policy linked to role successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"

  # ========================================
  # AUTHENTICATION & ACCESS TOKENS
  # ========================================

  /v2/XTokenCreateForUser:
    post:
      summary: Create access token for user
      description: Creates an access token for a specific user
      tags: [Authentication]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                finaltime:
                  type: string
                  description: Absolute expiration time for the token
                slidingtime:
                  type: string
                  description: Sliding time period for the token
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Access token created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  xtoken:
                    type: string
                    description: The created access token

  /v2/XTokenCreateForRole:
    post:
      summary: Create access token for role
      description: Creates an access token for a specific role
      tags: [Authentication]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                roleid:
                  type: integer
                  description: ID of the role
                rolename:
                  type: string
                  description: Name of the role
                finaltime:
                  type: string
                  description: Absolute expiration time for the token (Unix timestamp format)
                slidingtime:
                  type: string
                  description: Sliding time period for the token
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Access token created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  xtoken:
                    type: string
                    description: The created access token

  # ========================================
  # AUDIT MANAGEMENT
  # ========================================

  /v2/AuditListUserEvents:
    post:
      summary: List user audit events
      description: Retrieves audit events for a specific user
      tags: [Audit Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                offset:
                  type: integer
                  default: 0
                  description: Offset for pagination
                limit:
                  type: integer
                  default: 10
                  description: Limit for pagination
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Audit events retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  rows:
                    type: array
                    items:
                      type: object
                      properties:
                        auditeventuuid:
                          type: string
                          description: UUID of the audit event
                        eventtype:
                          type: string
                          description: Type of the audit event
                        timestamp:
                          type: string
                          description: Timestamp of the event

  /v2/AuditGetEvent:
    post:
      summary: Get specific audit event
      description: Retrieves detailed information about a specific audit event
      tags: [Audit Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [auditeventuuid]
              properties:
                auditeventuuid:
                  type: string
                  description: UUID of the audit event
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Audit event retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  eventtype:
                    type: string
                    description: Type of the audit event
                  timestamp:
                    type: string
                    description: Timestamp of the event
                  details:
                    type: object
                    description: Detailed information about the event

  # ========================================
  # TENANT MANAGEMENT
  # ========================================

  /v2/TenantCreate:
    post:
      summary: Create a new tenant
      description: Creates a new tenant for multi-tenant setups
      tags: [Tenant Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [tenantname, tenantorg]
              properties:
                tenantname:
                  type: string
                  description: Name of the tenant
                tenantorg:
                  type: string
                  description: Organization name
                email:
                  type: string
                  description: Email address for tenant contact
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Tenant created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  tenantid:
                    type: integer
                    description: ID of the created tenant
                  xtoken:
                    type: string
                    description: Access token for the tenant

  /v2/TenantGet:
    post:
      summary: Get tenant information
      description: Retrieves information about a specific tenant
      tags: [Tenant Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [tenantid]
              properties:
                tenantid:
                  type: integer
                  description: ID of the tenant
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Tenant information retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  tenantname:
                    type: string
                    description: Name of the tenant
                  tenantorg:
                    type: string
                    description: Organization name

  /v2/TenantUpdate:
    post:
      summary: Update tenant information
      description: Updates information about a specific tenant
      tags: [Tenant Management]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [tenantid]
              properties:
                tenantid:
                  type: integer
                  description: ID of the tenant
                tenantname:
                  type: string
                  description: New name of the tenant
                tenantorg:
                  type: string
                  description: New organization name
                email:
                  type: string
                  description: New email address for tenant contact
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Tenant updated successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"

  /v2/TenantListTenants:
    post:
      summary: List all tenants
      description: Retrieves a list of all tenants in the system
      tags: [Tenant Management]
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                offset:
                  type: integer
                  default: 0
                  description: Offset for pagination
                limit:
                  type: integer
                  default: 10
                  description: Limit for pagination
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Tenants retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  rows:
                    type: array
                    items:
                      type: object
                      properties:
                        tenantid:
                          type: integer
                          description: ID of the tenant
                        tenantname:
                          type: string
                          description: Name of the tenant
                        tenantorg:
                          type: string
                          description: Organization name

  # ========================================
  # SHARED RECORDS
  # ========================================

  /v2/SharedRecordCreate:
    post:
      summary: Create shared record
      description: Creates a shared record for a user with specific fields
      tags: [Shared Records]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                fields:
                  type: string
                  description: Comma-separated list of fields to share
                partner:
                  type: string
                  description: Partner reference name
                appname:
                  type: string
                  description: Application name for app-specific data
                finaltime:
                  type: string
                  description: Expiration time for the shared record (Unix timestamp format)
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Shared record created successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  recorduuid:
                    type: string
                    description: UUID of the shared record

  /v2/SharedRecordGet:
    post:
      summary: Get shared record
      description: Retrieves a shared record by its UUID
      tags: [Shared Records]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [recorduuid]
              properties:
                recorduuid:
                  type: string
                  description: UUID of the shared record
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Shared record retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  data:
                    type: object
                    description: Shared record data

  # ========================================
  # SYSTEM OPERATIONS
  # ========================================

  /v2/SystemGenerateWrappingKey:
    post:
      summary: Generate wrapping key from Shamir's Secret Sharing keys
      description: Generates a wrapping key from three Shamir's Secret Sharing keys
      tags: [System Operations]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [key1, key2, key3]
              properties:
                key1:
                  type: string
                  description: First Shamir secret sharing key
                key2:
                  type: string
                  description: Second Shamir secret sharing key
                key3:
                  type: string
                  description: Third Shamir secret sharing key
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: Wrapping key generated successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  wrappingkey:
                    type: string
                    description: The generated wrapping key

  /v2/SystemGetSystemStats:
    post:
      summary: Get system statistics
      description: Retrieves system statistics including user counts, tenant counts, and other metrics
      tags: [System Operations]
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: System statistics retrieved successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  stats:
                    type: object
                    properties:
                      numusers:
                        type: integer
                        description: Total number of users in the system
                      numtenants:
                        type: integer
                        description: Total number of tenants
                      numtokens:
                        type: integer
                        description: Total number of tokens
                      numsessions:
                        type: integer
                        description: Total number of active sessions

  /v2/SystemGetUserReport:
    post:
      summary: Get user report
      description: Generates a detailed report for a specific user
      tags: [System Operations]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User report generated successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    example: "ok"
                  report:
                    type: object
                    description: User report data

  /v2/SystemGetUserHTMLReport:
    post:
      summary: Get user HTML report
      description: Generates an HTML report for a specific user
      tags: [System Operations]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [mode, identity]
              properties:
                mode:
                  type: string
                  enum: [login, token, email, phone, custom]
                  description: Mode of user identification
                identity:
                  type: string
                  description: User identifier corresponding to the mode
                request_metadata:
                  type: object
                  description: Additional metadata for the request
      responses:
        '200':
          description: User HTML report generated successfully
          content:
            text/html:
              schema:
                type: string
                description: HTML report content

components:
  securitySchemes:
    XBunkerToken:
      type: apiKey
      in: header
      name: X-Bunker-Token
      description: API token for authentication
    XBunkerTenant:
      type: apiKey
      in: header
      name: X-Bunker-Tenant
      description: Tenant identifier for multi-tenant setups

  schemas:
    Error:
      type: object
      properties:
        status:
          type: string
          example: "error"
        message:
          type: string
          description: Error message

    Success:
      type: object
      properties:
        status:
          type: string
          example: "ok"

    UserProfile:
      type: object
      properties:
        login:
          type: string
          description: User login identifier
        email:
          type: string
          format: email
          description: User email address
        phone:
          type: string
          description: User phone number
        name:
          type: string
          description: User's full name
        address:
          type: object
          properties:
            street:
              type: string
            city:
              type: string
            country:
              type: string
      additionalProperties: true

    Policy:
      type: object
      properties:
        Effect:
          type: string
          enum: [Allow, Deny]
          description: Effect of the policy
        Principal:
          type: object
          description: Principal specification
        Action:
          type: array
          items:
            type: string
          description: Actions allowed/denied
        Resource:
          type: array
          items:
            type: string
          description: Resources this policy applies to
        Condition:
          type: object
          description: Conditions for the policy

    AuditEvent:
      type: object
      properties:
        auditeventuuid:
          type: string
          description: UUID of the audit event
        eventtype:
          type: string
          description: Type of the audit event
        timestamp:
          type: string
          format: date-time
          description: Timestamp of the event
        details:
          type: object
          description: Detailed information about the event

tags:
  - name: User Management
    description: Operations for creating, reading, updating, and deleting users
  - name: App Data Management
    description: Operations for managing application-specific user data
  - name: Legal Basis Management
    description: Operations for managing legal basis for data processing
  - name: Agreement Management
    description: Operations for managing user agreements and consent
  - name: Tokenization Management
    description: Operations for tokenizing sensitive data
  - name: Group Management
    description: Operations for managing user groups
  - name: Role Management
    description: Operations for managing user roles
  - name: Policy Management
    description: Operations for managing access control policies
  - name: Authentication
    description: Operations for creating access tokens
  - name: Bulk Operations
    description: Operations for bulk data processing
  - name: Audit Management
    description: Operations for accessing audit logs
  - name: Tenant Management
    description: Operations for managing multi-tenant setups
  - name: Shared Records
    description: Operations for creating and accessing shared user records
  - name: System Operations
    description: Operations for system administration and monitoring