mirror of
https://github.com/netbirdio/netbird.git
synced 2024-12-01 20:43:43 +01:00
a47c69c472
* wip: Add PrivateNetworkCheck checks interface implementation * use generic CheckAction constant * Add private network check to posture checks * Fix copy function target in posture checks * Add network check functionality to posture package * regenerate the openapi specs * Update Posture Check actions in test file * Remove unused function * Refactor network address handling in PrivateNetworkCheck * Refactor Prefixes to Ranges in private network checks * Implement private network checks in posture checks handler tests * Add test for check copy * Add gorm serializer for network range
2870 lines
86 KiB
YAML
2870 lines
86 KiB
YAML
openapi: 3.1.0
|
|
servers:
|
|
- url: https://api.netbird.io
|
|
description: Default server
|
|
info:
|
|
title: NetBird REST API
|
|
description: API to manipulate groups, rules, policies and retrieve information about peers and users
|
|
version: 0.0.1
|
|
tags:
|
|
- name: Users
|
|
description: Interact with and view information about users.
|
|
- name: Tokens
|
|
description: Interact with and view information about tokens.
|
|
- name: Peers
|
|
description: Interact with and view information about peers.
|
|
- name: Setup Keys
|
|
description: Interact with and view information about setup keys.
|
|
- name: Groups
|
|
description: Interact with and view information about groups.
|
|
- name: Rules
|
|
description: Interact with and view information about rules.
|
|
- name: Policies
|
|
description: Interact with and view information about policies.
|
|
- name: Posture Checks
|
|
description: Interact with and view information about posture checks.
|
|
- name: Routes
|
|
description: Interact with and view information about routes.
|
|
- name: DNS
|
|
description: Interact with and view information about DNS configuration.
|
|
- name: Events
|
|
description: View information about the account and network events.
|
|
- name: Accounts
|
|
description: View information about the accounts.
|
|
components:
|
|
schemas:
|
|
Account:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Account ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7l0
|
|
settings:
|
|
$ref: '#/components/schemas/AccountSettings'
|
|
required:
|
|
- id
|
|
- settings
|
|
AccountSettings:
|
|
type: object
|
|
properties:
|
|
peer_login_expiration_enabled:
|
|
description: Enables or disables peer login expiration globally. After peer's login has expired the user has to log in (authenticate). Applies only to peers that were added by a user (interactive SSO login).
|
|
type: boolean
|
|
example: true
|
|
peer_login_expiration:
|
|
description: Period of time after which peer login expires (seconds).
|
|
type: integer
|
|
example: 43200
|
|
groups_propagation_enabled:
|
|
description: Allows propagate the new user auto groups to peers that belongs to the user
|
|
type: boolean
|
|
example: true
|
|
jwt_groups_enabled:
|
|
description: Allows extract groups from JWT claim and add it to account groups.
|
|
type: boolean
|
|
example: true
|
|
jwt_groups_claim_name:
|
|
description: Name of the claim from which we extract groups names to add it to account groups.
|
|
type: string
|
|
example: "roles"
|
|
jwt_allow_groups:
|
|
description: List of groups to which users are allowed access
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: Administrators
|
|
extra:
|
|
$ref: '#/components/schemas/AccountExtraSettings'
|
|
required:
|
|
- peer_login_expiration_enabled
|
|
- peer_login_expiration
|
|
AccountExtraSettings:
|
|
type: object
|
|
properties:
|
|
peer_approval_enabled:
|
|
description: (Cloud only) Enables or disables peer approval globally. If enabled, all peers added will be in pending state until approved by an admin.
|
|
type: boolean
|
|
example: true
|
|
AccountRequest:
|
|
type: object
|
|
properties:
|
|
settings:
|
|
$ref: '#/components/schemas/AccountSettings'
|
|
required:
|
|
- settings
|
|
User:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: User ID
|
|
type: string
|
|
example: google-oauth2|277474792786460067937
|
|
email:
|
|
description: User's email address
|
|
type: string
|
|
example: demo@netbird.io
|
|
name:
|
|
description: User's name from idp provider
|
|
type: string
|
|
example: Tom Schulz
|
|
role:
|
|
description: User's NetBird account role
|
|
type: string
|
|
example: admin
|
|
status:
|
|
description: User's status
|
|
type: string
|
|
enum: [ "active","invited","blocked" ]
|
|
example: active
|
|
last_login:
|
|
description: Last time this user performed a login to the dashboard
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T09:00:35.477782Z
|
|
auto_groups:
|
|
description: Group IDs to auto-assign to peers registered by this user
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
is_current:
|
|
description: Is true if authenticated user is the same as this user
|
|
type: boolean
|
|
readOnly: true
|
|
example: true
|
|
is_service_user:
|
|
description: Is true if this user is a service user
|
|
type: boolean
|
|
readOnly: true
|
|
example: false
|
|
is_blocked:
|
|
description: Is true if this user is blocked. Blocked users can't use the system
|
|
type: boolean
|
|
example: false
|
|
issued:
|
|
description: How user was issued by API or Integration
|
|
type: string
|
|
example: api
|
|
required:
|
|
- id
|
|
- email
|
|
- name
|
|
- role
|
|
- auto_groups
|
|
- status
|
|
- is_blocked
|
|
UserRequest:
|
|
type: object
|
|
properties:
|
|
role:
|
|
description: User's NetBird account role
|
|
type: string
|
|
example: admin
|
|
auto_groups:
|
|
description: Group IDs to auto-assign to peers registered by this user
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
is_blocked:
|
|
description: If set to true then user is blocked and can't use the system
|
|
type: boolean
|
|
example: false
|
|
required:
|
|
- role
|
|
- auto_groups
|
|
- is_blocked
|
|
UserCreateRequest:
|
|
type: object
|
|
properties:
|
|
email:
|
|
description: User's Email to send invite to
|
|
type: string
|
|
example: demo@netbird.io
|
|
name:
|
|
description: User's full name
|
|
type: string
|
|
example: Tom Schulz
|
|
role:
|
|
description: User's NetBird account role
|
|
type: string
|
|
example: admin
|
|
auto_groups:
|
|
description: Group IDs to auto-assign to peers registered by this user
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
is_service_user:
|
|
description: Is true if this user is a service user
|
|
type: boolean
|
|
example: false
|
|
required:
|
|
- role
|
|
- auto_groups
|
|
- is_service_user
|
|
PeerMinimum:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Peer ID
|
|
type: string
|
|
example: chacbco6lnnbn6cg5s90
|
|
name:
|
|
description: Peer's hostname
|
|
type: string
|
|
example: stage-host-1
|
|
required:
|
|
- id
|
|
- name
|
|
PeerRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
example: stage-host-1
|
|
ssh_enabled:
|
|
type: boolean
|
|
example: true
|
|
login_expiration_enabled:
|
|
type: boolean
|
|
example: false
|
|
approval_required:
|
|
description: (Cloud only) Indicates whether peer needs approval
|
|
type: boolean
|
|
example: true
|
|
required:
|
|
- name
|
|
- ssh_enabled
|
|
- login_expiration_enabled
|
|
PeerBase:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PeerMinimum'
|
|
- type: object
|
|
properties:
|
|
ip:
|
|
description: Peer's IP address
|
|
type: string
|
|
example: 10.64.0.1
|
|
connection_ip:
|
|
description: Peer's public connection IP address
|
|
type: string
|
|
example: 35.64.0.1
|
|
connected:
|
|
description: Peer to Management connection status
|
|
type: boolean
|
|
example: true
|
|
last_seen:
|
|
description: Last time peer connected to Netbird's management service
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T10:05:26.420578Z
|
|
os:
|
|
description: Peer's operating system and version
|
|
type: string
|
|
example: Darwin 13.2.1
|
|
kernel_version:
|
|
description: Peer's operating system kernel version
|
|
type: string
|
|
example: 23.2.0
|
|
geoname_id:
|
|
description: Unique identifier from the GeoNames database for a specific geographical location.
|
|
type: integer
|
|
example: 2643743
|
|
version:
|
|
description: Peer's daemon or cli version
|
|
type: string
|
|
example: 0.14.0
|
|
groups:
|
|
description: Groups that the peer belongs to
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMinimum'
|
|
ssh_enabled:
|
|
description: Indicates whether SSH server is enabled on this peer
|
|
type: boolean
|
|
example: true
|
|
user_id:
|
|
description: User ID of the user that enrolled this peer
|
|
type: string
|
|
example: google-oauth2|277474792786460067937
|
|
hostname:
|
|
description: Hostname of the machine
|
|
type: string
|
|
example: stage-host-1
|
|
ui_version:
|
|
description: Peer's desktop UI version
|
|
type: string
|
|
example: 0.14.0
|
|
dns_label:
|
|
description: Peer's DNS label is the parsed peer name for domain resolution. It is used to form an FQDN by appending the account's domain to the peer label. e.g. peer-dns-label.netbird.cloud
|
|
type: string
|
|
example: stage-host-1.netbird.cloud
|
|
login_expiration_enabled:
|
|
description: Indicates whether peer login expiration has been enabled or not
|
|
type: boolean
|
|
example: false
|
|
login_expired:
|
|
description: Indicates whether peer's login expired or not
|
|
type: boolean
|
|
example: false
|
|
last_login:
|
|
description: Last time this peer performed log in (authentication). E.g., user authenticated.
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T09:00:35.477782Z
|
|
approval_required:
|
|
description: (Cloud only) Indicates whether peer needs approval
|
|
type: boolean
|
|
example: true
|
|
country_code:
|
|
$ref: '#/components/schemas/CountryCode'
|
|
city_name:
|
|
$ref: '#/components/schemas/CityName'
|
|
required:
|
|
- city_name
|
|
- connected
|
|
- connection_ip
|
|
- country_code
|
|
- dns_label
|
|
- geoname_id
|
|
- groups
|
|
- hostname
|
|
- ip
|
|
- kernel_version
|
|
- last_login
|
|
- last_seen
|
|
- login_expiration_enabled
|
|
- login_expired
|
|
- os
|
|
- ssh_enabled
|
|
- user_id
|
|
- version
|
|
- ui_version
|
|
AccessiblePeer:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PeerMinimum'
|
|
- type: object
|
|
properties:
|
|
ip:
|
|
description: Peer's IP address
|
|
type: string
|
|
example: 10.64.0.1
|
|
dns_label:
|
|
description: Peer's DNS label is the parsed peer name for domain resolution. It is used to form an FQDN by appending the account's domain to the peer label. e.g. peer-dns-label.netbird.cloud
|
|
type: string
|
|
example: stage-host-1.netbird.cloud
|
|
user_id:
|
|
description: User ID of the user that enrolled this peer
|
|
type: string
|
|
example: google-oauth2|277474792786460067937
|
|
required:
|
|
- ip
|
|
- dns_label
|
|
- user_id
|
|
Peer:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PeerBase'
|
|
- type: object
|
|
properties:
|
|
accessible_peers:
|
|
description: List of accessible peers
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AccessiblePeer'
|
|
required:
|
|
- accessible_peers
|
|
PeerBatch:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PeerBase'
|
|
- type: object
|
|
properties:
|
|
accessible_peers_count:
|
|
description: Number of accessible peers
|
|
type: integer
|
|
example: 5
|
|
required:
|
|
- accessible_peers_count
|
|
SetupKey:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Setup Key ID
|
|
type: string
|
|
example: 2531583362
|
|
key:
|
|
description: Setup Key value
|
|
type: string
|
|
example: A616097E-FCF0-48FA-9354-CA4A61142761
|
|
name:
|
|
description: Setup key name identifier
|
|
type: string
|
|
example: Default key
|
|
expires:
|
|
description: Setup Key expiration date
|
|
type: string
|
|
format: date-time
|
|
example: 2023-06-01T14:47:22.291057Z
|
|
type:
|
|
description: Setup key type, one-off for single time usage and reusable
|
|
type: string
|
|
example: reusable
|
|
valid:
|
|
description: Setup key validity status
|
|
type: boolean
|
|
example: true
|
|
revoked:
|
|
description: Setup key revocation status
|
|
type: boolean
|
|
example: false
|
|
used_times:
|
|
description: Usage count of setup key
|
|
type: integer
|
|
example: 2
|
|
last_used:
|
|
description: Setup key last usage date
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T09:00:35.477782Z
|
|
state:
|
|
description: Setup key status, "valid", "overused","expired" or "revoked"
|
|
type: string
|
|
example: valid
|
|
auto_groups:
|
|
description: List of group IDs to auto-assign to peers registered with this key
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9hqv7m0"
|
|
updated_at:
|
|
description: Setup key last update date
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T09:00:35.477782Z
|
|
usage_limit:
|
|
description: A number of times this key can be used. The value of 0 indicates the unlimited usage.
|
|
type: integer
|
|
example: 0
|
|
ephemeral:
|
|
description: Indicate that the peer will be ephemeral or not
|
|
type: boolean
|
|
example: true
|
|
required:
|
|
- id
|
|
- key
|
|
- name
|
|
- expires
|
|
- type
|
|
- valid
|
|
- revoked
|
|
- used_times
|
|
- last_used
|
|
- state
|
|
- auto_groups
|
|
- updated_at
|
|
- usage_limit
|
|
- ephemeral
|
|
SetupKeyRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
description: Setup Key name
|
|
type: string
|
|
example: Default key
|
|
type:
|
|
description: Setup key type, one-off for single time usage and reusable
|
|
type: string
|
|
example: reusable
|
|
expires_in:
|
|
description: Expiration time in seconds
|
|
type: integer
|
|
minimum: 86400
|
|
maximum: 31536000
|
|
example: 86400
|
|
revoked:
|
|
description: Setup key revocation status
|
|
type: boolean
|
|
example: false
|
|
auto_groups:
|
|
description: List of group IDs to auto-assign to peers registered with this key
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9hqv7m0"
|
|
usage_limit:
|
|
description: A number of times this key can be used. The value of 0 indicates the unlimited usage.
|
|
type: integer
|
|
example: 0
|
|
ephemeral:
|
|
description: Indicate that the peer will be ephemeral or not
|
|
type: boolean
|
|
example: true
|
|
required:
|
|
- name
|
|
- type
|
|
- expires_in
|
|
- revoked
|
|
- auto_groups
|
|
- usage_limit
|
|
PersonalAccessToken:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: ID of a token
|
|
type: string
|
|
example: ch8i54g6lnn4g9hqv7n0
|
|
name:
|
|
description: Name of the token
|
|
type: string
|
|
example: My first token
|
|
expiration_date:
|
|
description: Date the token expires
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T14:38:28.977616Z
|
|
created_by:
|
|
description: User ID of the user who created the token
|
|
type: string
|
|
example: google-oauth2|277474792786460067937
|
|
created_at:
|
|
description: Date the token was created
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-02T14:48:20.465209Z
|
|
last_used:
|
|
description: Date the token was last used
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-04T12:45:25.9723616Z
|
|
required:
|
|
- id
|
|
- name
|
|
- expiration_date
|
|
- created_by
|
|
- created_at
|
|
PersonalAccessTokenGenerated:
|
|
type: object
|
|
properties:
|
|
plain_token:
|
|
description: Plain text representation of the generated token
|
|
type: string
|
|
example: 2023-05-02T14:48:20.465209Z
|
|
personal_access_token:
|
|
$ref: '#/components/schemas/PersonalAccessToken'
|
|
required:
|
|
- plain_token
|
|
- personal_access_token
|
|
PersonalAccessTokenRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
description: Name of the token
|
|
type: string
|
|
example: My first token
|
|
expires_in:
|
|
description: Expiration in days
|
|
type: integer
|
|
minimum: 1
|
|
maximum: 365
|
|
example: 30
|
|
required:
|
|
- name
|
|
- expires_in
|
|
GroupMinimum:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Group ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
name:
|
|
description: Group Name identifier
|
|
type: string
|
|
example: devs
|
|
peers_count:
|
|
description: Count of peers associated to the group
|
|
type: integer
|
|
example: 2
|
|
issued:
|
|
description: How group was issued by API or from JWT token
|
|
type: string
|
|
example: api
|
|
required:
|
|
- id
|
|
- name
|
|
- peers_count
|
|
GroupRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: Group name identifier
|
|
example: devs
|
|
peers:
|
|
type: array
|
|
description: List of peers ids
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9hqv7m1"
|
|
required:
|
|
- name
|
|
Group:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMinimum'
|
|
- type: object
|
|
properties:
|
|
peers:
|
|
description: List of peers object
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PeerMinimum'
|
|
required:
|
|
- peers
|
|
RuleMinimum:
|
|
type: object
|
|
properties:
|
|
name:
|
|
description: Rule name identifier
|
|
type: string
|
|
example: Default
|
|
description:
|
|
description: Rule friendly description
|
|
type: string
|
|
example: This is a default rule that allows connections between all the resources
|
|
disabled:
|
|
description: Rules status
|
|
type: boolean
|
|
example: false
|
|
flow:
|
|
description: Rule flow, currently, only "bidirect" for bi-directional traffic is accepted
|
|
type: string
|
|
example: bidirect
|
|
required:
|
|
- name
|
|
- description
|
|
- disabled
|
|
- flow
|
|
RuleRequest:
|
|
allOf:
|
|
- $ref: '#/components/schemas/RuleMinimum'
|
|
- type: object
|
|
properties:
|
|
sources:
|
|
type: array
|
|
description: List of source group IDs
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9hqv7m1"
|
|
destinations:
|
|
type: array
|
|
description: List of destination group IDs
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9hqv7m0"
|
|
Rule:
|
|
allOf:
|
|
- type: object
|
|
properties:
|
|
id:
|
|
description: Rule ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7mg
|
|
required:
|
|
- id
|
|
- $ref: '#/components/schemas/RuleMinimum'
|
|
- type: object
|
|
properties:
|
|
sources:
|
|
description: Rule source group IDs
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMinimum'
|
|
destinations:
|
|
description: Rule destination group IDs
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMinimum'
|
|
required:
|
|
- sources
|
|
- destinations
|
|
PolicyRuleMinimum:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Policy rule ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7mg
|
|
name:
|
|
description: Policy rule name identifier
|
|
type: string
|
|
example: Default
|
|
description:
|
|
description: Policy rule friendly description
|
|
type: string
|
|
example: This is a default rule that allows connections between all the resources
|
|
enabled:
|
|
description: Policy rule status
|
|
type: boolean
|
|
example: true
|
|
action:
|
|
description: Policy rule accept or drops packets
|
|
type: string
|
|
enum: ["accept","drop"]
|
|
example: "accept"
|
|
bidirectional:
|
|
description: Define if the rule is applicable in both directions, sources, and destinations.
|
|
type: boolean
|
|
example: true
|
|
protocol:
|
|
description: Policy rule type of the traffic
|
|
type: string
|
|
enum: ["all", "tcp", "udp", "icmp"]
|
|
example: "tcp"
|
|
ports:
|
|
description: Policy rule affected ports or it ranges list
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "80"
|
|
required:
|
|
- name
|
|
- enabled
|
|
- bidirectional
|
|
- protocol
|
|
- action
|
|
PolicyRuleUpdate:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PolicyRuleMinimum'
|
|
- type: object
|
|
properties:
|
|
sources:
|
|
description: Policy rule source group IDs
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9hqv797"
|
|
destinations:
|
|
description: Policy rule destination group IDs
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9h7v7m0"
|
|
required:
|
|
- sources
|
|
- destinations
|
|
PolicyRule:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PolicyRuleMinimum'
|
|
- type: object
|
|
properties:
|
|
sources:
|
|
description: Policy rule source group IDs
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMinimum'
|
|
destinations:
|
|
description: Policy rule destination group IDs
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMinimum'
|
|
required:
|
|
- sources
|
|
- destinations
|
|
PolicyMinimum:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Policy ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7mg
|
|
name:
|
|
description: Policy name identifier
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7mg
|
|
description:
|
|
description: Policy friendly description
|
|
type: string
|
|
example: This is a default policy that allows connections between all the resources
|
|
enabled:
|
|
description: Policy status
|
|
type: boolean
|
|
example: true
|
|
required:
|
|
- name
|
|
- description
|
|
- enabled
|
|
PolicyUpdate:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PolicyMinimum'
|
|
- type: object
|
|
properties:
|
|
source_posture_checks:
|
|
description: Posture checks ID's applied to policy source groups
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "chacdk86lnnboviihd70"
|
|
rules:
|
|
description: Policy rule object for policy UI editor
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PolicyRuleUpdate'
|
|
required:
|
|
- rules
|
|
Policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PolicyMinimum'
|
|
- type: object
|
|
properties:
|
|
source_posture_checks:
|
|
description: Posture checks ID's applied to policy source groups
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "chacdk86lnnboviihd70"
|
|
rules:
|
|
description: Policy rule object for policy UI editor
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PolicyRule'
|
|
required:
|
|
- rules
|
|
- source_posture_checks
|
|
PostureCheck:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Posture check ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7mg
|
|
name:
|
|
description: Posture check unique name identifier
|
|
type: string
|
|
example: Default
|
|
description:
|
|
description: Posture check friendly description
|
|
type: string
|
|
example: This checks if the peer is running required NetBird's version
|
|
checks:
|
|
$ref: '#/components/schemas/Checks'
|
|
required:
|
|
- id
|
|
- name
|
|
- checks
|
|
Checks:
|
|
description: List of objects that perform the actual checks
|
|
type: object
|
|
properties:
|
|
nb_version_check:
|
|
$ref: '#/components/schemas/NBVersionCheck'
|
|
os_version_check:
|
|
$ref: '#/components/schemas/OSVersionCheck'
|
|
geo_location_check:
|
|
$ref: '#/components/schemas/GeoLocationCheck'
|
|
private_network_check:
|
|
$ref: '#/components/schemas/PrivateNetworkCheck'
|
|
NBVersionCheck:
|
|
description: Posture check for the version of NetBird
|
|
type: object
|
|
$ref: '#/components/schemas/MinVersionCheck'
|
|
OSVersionCheck:
|
|
description: Posture check for the version of operating system
|
|
type: object
|
|
properties:
|
|
android:
|
|
description: Minimum version of Android
|
|
$ref: '#/components/schemas/MinVersionCheck'
|
|
darwin:
|
|
$ref: '#/components/schemas/MinVersionCheck'
|
|
ios:
|
|
description: Minimum version of iOS
|
|
$ref: '#/components/schemas/MinVersionCheck'
|
|
linux:
|
|
description: Minimum Linux kernel version
|
|
$ref: '#/components/schemas/MinKernelVersionCheck'
|
|
windows:
|
|
description: Minimum Windows kernel build version
|
|
$ref: '#/components/schemas/MinKernelVersionCheck'
|
|
example:
|
|
android:
|
|
min_version: "13"
|
|
ios:
|
|
min_version: "17.3.1"
|
|
darwin:
|
|
min_version: "14.2.1"
|
|
linux:
|
|
min_kernel_version: "5.3.3"
|
|
windows:
|
|
min_kernel_version: "10.0.1234"
|
|
MinVersionCheck:
|
|
description: Posture check for the version of operating system
|
|
type: object
|
|
properties:
|
|
min_version:
|
|
description: Minimum acceptable version
|
|
type: string
|
|
example: "14.3"
|
|
required:
|
|
- min_version
|
|
MinKernelVersionCheck:
|
|
description: Posture check with the kernel version
|
|
type: object
|
|
properties:
|
|
min_kernel_version:
|
|
description: Minimum acceptable version
|
|
type: string
|
|
example: "6.6.12"
|
|
required:
|
|
- min_kernel_version
|
|
GeoLocationCheck:
|
|
description: Posture check for geo location
|
|
type: object
|
|
properties:
|
|
locations:
|
|
description: List of geo locations to which the policy applies
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Location'
|
|
action:
|
|
description: Action to take upon policy match
|
|
type: string
|
|
enum: [ "allow", "deny" ]
|
|
example: "allow"
|
|
required:
|
|
- locations
|
|
- action
|
|
PrivateNetworkCheck:
|
|
description: Posture check for allow or deny private network
|
|
type: object
|
|
properties:
|
|
ranges:
|
|
description: List of private network ranges in CIDR notation
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: ["192.168.1.0/24", "10.0.0.0/8"]
|
|
action:
|
|
description: Action to take upon policy match
|
|
type: string
|
|
enum: [ "allow", "deny" ]
|
|
example: "allow"
|
|
required:
|
|
- ranges
|
|
- action
|
|
Location:
|
|
description: Describe geographical location information
|
|
type: object
|
|
properties:
|
|
country_code:
|
|
$ref: '#/components/schemas/CountryCode'
|
|
city_name:
|
|
$ref: '#/components/schemas/CityName'
|
|
required:
|
|
- country_code
|
|
CountryCode:
|
|
description: 2-letter ISO 3166-1 alpha-2 code that represents the country
|
|
type: string
|
|
example: "DE"
|
|
CityName:
|
|
description: Commonly used English name of the city
|
|
type: string
|
|
example: "Berlin"
|
|
Country:
|
|
description: Describe country geographical location information
|
|
type: object
|
|
properties:
|
|
country_name:
|
|
description: Commonly used English name of the country
|
|
type: string
|
|
example: "Germany"
|
|
country_code:
|
|
$ref: '#/components/schemas/CountryCode'
|
|
required:
|
|
- country_name
|
|
- country_code
|
|
City:
|
|
description: Describe city geographical location information
|
|
type: object
|
|
properties:
|
|
geoname_id:
|
|
description: Integer ID of the record in GeoNames database
|
|
type: integer
|
|
example: 2950158
|
|
city_name:
|
|
description: Commonly used English name of the city
|
|
type: string
|
|
example: "Berlin"
|
|
required:
|
|
- geoname_id
|
|
- city_name
|
|
PostureCheckUpdate:
|
|
type: object
|
|
properties:
|
|
name:
|
|
description: Posture check name identifier
|
|
type: string
|
|
example: Default
|
|
description:
|
|
description: Posture check friendly description
|
|
type: string
|
|
example: This checks if the peer is running required NetBird's version
|
|
checks:
|
|
$ref: '#/components/schemas/Checks'
|
|
required:
|
|
- name
|
|
- description
|
|
RouteRequest:
|
|
type: object
|
|
properties:
|
|
description:
|
|
description: Route description
|
|
type: string
|
|
example: My first route
|
|
network_id:
|
|
description: Route network identifier, to group HA routes
|
|
type: string
|
|
maxLength: 40
|
|
minLength: 1
|
|
example: Route 1
|
|
enabled:
|
|
description: Route status
|
|
type: boolean
|
|
example: true
|
|
peer:
|
|
description: Peer Identifier associated with route. This property can not be set together with `peer_groups`
|
|
type: string
|
|
example: chacbco6lnnbn6cg5s91
|
|
peer_groups:
|
|
description: Peers Group Identifier associated with route. This property can not be set together with `peer`
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: chacbco6lnnbn6cg5s91
|
|
network:
|
|
description: Network range in CIDR format
|
|
type: string
|
|
example: 10.64.0.0/24
|
|
metric:
|
|
description: Route metric number. Lowest number has higher priority
|
|
type: integer
|
|
maximum: 9999
|
|
minimum: 1
|
|
example: 9999
|
|
masquerade:
|
|
description: Indicate if peer should masquerade traffic to this route's prefix
|
|
type: boolean
|
|
example: true
|
|
groups:
|
|
description: Group IDs containing routing peers
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "chacdk86lnnboviihd70"
|
|
required:
|
|
- id
|
|
- description
|
|
- network_id
|
|
- enabled
|
|
# Only one property has to be set
|
|
#- peer
|
|
#- peer_groups
|
|
- network
|
|
- metric
|
|
- masquerade
|
|
- groups
|
|
Route:
|
|
allOf:
|
|
- type: object
|
|
properties:
|
|
id:
|
|
description: Route Id
|
|
type: string
|
|
example: chacdk86lnnboviihd7g
|
|
network_type:
|
|
description: Network type indicating if it is IPv4 or IPv6
|
|
type: string
|
|
example: IPv4
|
|
required:
|
|
- id
|
|
- network_type
|
|
- $ref: '#/components/schemas/RouteRequest'
|
|
Nameserver:
|
|
type: object
|
|
properties:
|
|
ip:
|
|
description: Nameserver IP
|
|
type: string
|
|
example: 8.8.8.8
|
|
ns_type:
|
|
description: Nameserver Type
|
|
type: string
|
|
enum: [ "udp" ]
|
|
example: udp
|
|
port:
|
|
description: Nameserver Port
|
|
type: integer
|
|
example: 53
|
|
required:
|
|
- ip
|
|
- ns_type
|
|
- port
|
|
NameserverGroupRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
description: Name of nameserver group name
|
|
type: string
|
|
maxLength: 40
|
|
minLength: 1
|
|
example: Google DNS
|
|
description:
|
|
description: Description of the nameserver group
|
|
type: string
|
|
example: Google DNS servers
|
|
nameservers:
|
|
description: Nameserver list
|
|
minLength: 1
|
|
maxLength: 3
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Nameserver'
|
|
enabled:
|
|
description: Nameserver group status
|
|
type: boolean
|
|
example: true
|
|
groups:
|
|
description: Distribution group IDs that defines group of peers that will use this nameserver group
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
primary:
|
|
description: Defines if a nameserver group is primary that resolves all domains. It should be true only if domains list is empty.
|
|
type: boolean
|
|
example: true
|
|
domains:
|
|
description: Match domain list. It should be empty only if primary is true.
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
example: "example.com"
|
|
search_domains_enabled:
|
|
description: Search domain status for match domains. It should be true only if domains list is not empty.
|
|
type: boolean
|
|
example: true
|
|
required:
|
|
- name
|
|
- description
|
|
- nameservers
|
|
- enabled
|
|
- groups
|
|
- primary
|
|
- domains
|
|
- search_domains_enabled
|
|
NameserverGroup:
|
|
allOf:
|
|
- type: object
|
|
properties:
|
|
id:
|
|
description: Nameserver group ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
required:
|
|
- id
|
|
- $ref: '#/components/schemas/NameserverGroupRequest'
|
|
DNSSettings:
|
|
type: object
|
|
properties:
|
|
disabled_management_groups:
|
|
description: Groups whose DNS management is disabled
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
required:
|
|
- disabled_management_groups
|
|
Event:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Event unique identifier
|
|
type: string
|
|
example: 10
|
|
timestamp:
|
|
description: The date and time when the event occurred
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T10:04:37.473542Z
|
|
activity:
|
|
description: The activity that occurred during the event
|
|
type: string
|
|
example: Route created
|
|
activity_code:
|
|
description: The string code of the activity that occurred during the event
|
|
type: string
|
|
enum: [ "user.peer.delete", "user.join", "user.invite", "user.peer.add", "user.group.add", "user.group.delete",
|
|
"user.role.update", "user.block", "user.unblock", "user.peer.login",
|
|
"setupkey.peer.add", "setupkey.add", "setupkey.update", "setupkey.revoke", "setupkey.overuse",
|
|
"setupkey.group.delete", "setupkey.group.add",
|
|
"rule.add", "rule.delete", "rule.update",
|
|
"policy.add", "policy.delete", "policy.update",
|
|
"group.add", "group.update", "dns.setting.disabled.management.group.add", "dns.setting.disabled.management.group.delete",
|
|
"account.create", "account.setting.peer.login.expiration.update", "account.setting.peer.login.expiration.disable", "account.setting.peer.login.expiration.enable",
|
|
"route.add", "route.delete", "route.update",
|
|
"nameserver.group.add", "nameserver.group.delete", "nameserver.group.update",
|
|
"peer.ssh.disable", "peer.ssh.enable", "peer.rename", "peer.login.expiration.disable", "peer.login.expiration.enable", "peer.login.expire",
|
|
"service.user.create", "personal.access.token.create", "service.user.delete", "personal.access.token.delete" ]
|
|
example: route.add
|
|
initiator_id:
|
|
description: The ID of the initiator of the event. E.g., an ID of a user that triggered the event.
|
|
type: string
|
|
example: google-oauth2|123456789012345678901
|
|
initiator_name:
|
|
description: The name of the initiator of the event.
|
|
type: string
|
|
example: John Doe
|
|
initiator_email:
|
|
description: The e-mail address of the initiator of the event. E.g., an e-mail of a user that triggered the event.
|
|
type: string
|
|
example: demo@netbird.io
|
|
target_id:
|
|
description: The ID of the target of the event. E.g., an ID of the peer that a user removed.
|
|
type: string
|
|
example: chad9d86lnnc59g18ou0
|
|
meta:
|
|
description: The metadata of the event
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
example: { "name": "my route", "network_range": "10.64.0.0/24", "peer_id": "chacbco6lnnbn6cg5s91"}
|
|
required:
|
|
- id
|
|
- timestamp
|
|
- activity
|
|
- activity_code
|
|
- initiator_id
|
|
- initiator_name
|
|
- initiator_email
|
|
- target_id
|
|
- meta
|
|
responses:
|
|
not_found:
|
|
description: Resource not found
|
|
content: { }
|
|
validation_failed_simple:
|
|
description: Validation failed
|
|
content: { }
|
|
bad_request:
|
|
description: Bad Request
|
|
content: { }
|
|
internal_error:
|
|
description: Internal Server Error
|
|
content: { }
|
|
validation_failed:
|
|
description: Validation failed
|
|
content: { }
|
|
forbidden:
|
|
description: Forbidden
|
|
content: { }
|
|
requires_authentication:
|
|
description: Requires authentication
|
|
content: { }
|
|
securitySchemes:
|
|
BearerAuth:
|
|
type: http
|
|
scheme: bearer
|
|
bearerFormat: JWT
|
|
TokenAuth:
|
|
type: apiKey
|
|
in: header
|
|
name: Authorization
|
|
description: >-
|
|
Enter the token with the `Token` prefix, e.g. "Token nbp_F3f0d.....".
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
paths:
|
|
/api/accounts:
|
|
get:
|
|
summary: List all Accounts
|
|
description: Returns a list of accounts of a user. Always returns a list of one account.
|
|
tags: [ Accounts ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON array of accounts
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Account'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/accounts/{accountId}:
|
|
delete:
|
|
summary: Delete an Account
|
|
description: Deletes an account and all its resources. Only administrators and account owners can delete accounts.
|
|
tags: [ Accounts ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: accountId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of an account
|
|
responses:
|
|
'200':
|
|
description: Delete account status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update an Account
|
|
description: Update information about an account
|
|
tags: [ Accounts ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: accountId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of an account
|
|
requestBody:
|
|
description: update an account
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/AccountRequest'
|
|
responses:
|
|
'200':
|
|
description: An Account object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Account'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/users:
|
|
get:
|
|
summary: List all Users
|
|
description: Returns a list of all users
|
|
tags: [ Users ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: query
|
|
name: service_user
|
|
schema:
|
|
type: boolean
|
|
description: Filters users and returns either regular users or service users
|
|
responses:
|
|
'200':
|
|
description: A JSON array of Users
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/User'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a User
|
|
description: Creates a new service user or sends an invite to a regular user
|
|
tags: [ Users ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: User invite information
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/UserCreateRequest'
|
|
responses:
|
|
'200':
|
|
description: A User object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/users/{userId}:
|
|
put:
|
|
summary: Update a User
|
|
description: Update information about a User
|
|
tags: [ Users ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
requestBody:
|
|
description: User update
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/UserRequest'
|
|
responses:
|
|
'200':
|
|
description: A User object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a User
|
|
description: This method removes a user from accessing the system. For this leaves the IDP user intact unless the `--user-delete-from-idp` is passed to management startup.
|
|
tags: [ Users ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/users/{userId}/tokens:
|
|
get:
|
|
summary: List all Tokens
|
|
description: Returns a list of all tokens for a user
|
|
tags: [ Tokens ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of PersonalAccessTokens
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PersonalAccessToken'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Token
|
|
description: Create a new token for a user
|
|
tags: [ Tokens ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
requestBody:
|
|
description: PersonalAccessToken create parameters
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PersonalAccessTokenRequest'
|
|
responses:
|
|
'200':
|
|
description: The token in plain text
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PersonalAccessTokenGenerated'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/users/{userId}/tokens/{tokenId}:
|
|
get:
|
|
summary: Retrieve a Token
|
|
description: Returns a specific token for a user
|
|
tags: [ Tokens ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
- in: path
|
|
name: tokenId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a token
|
|
responses:
|
|
'200':
|
|
description: A PersonalAccessTokens Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PersonalAccessToken'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Token
|
|
description: Delete a token for a user
|
|
tags: [ Tokens ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
- in: path
|
|
name: tokenId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a token
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/users/{userId}/invite:
|
|
post:
|
|
summary: Resend user invitation
|
|
description: Resend user invitation
|
|
tags: [ Users ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
responses:
|
|
'200':
|
|
description: Invite status code
|
|
content: {}
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/peers:
|
|
get:
|
|
summary: List all Peers
|
|
description: Returns a list of all peers
|
|
tags: [ Peers ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Peers
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PeerBatch'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/peers/{peerId}:
|
|
get:
|
|
summary: Retrieve a Peer
|
|
description: Get information about a peer
|
|
tags: [ Peers ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: peerId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a peer
|
|
responses:
|
|
'200':
|
|
description: A Peer object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Peer'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Peer
|
|
description: Update information about a peer
|
|
tags: [ Peers ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: peerId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a peer
|
|
requestBody:
|
|
description: update a peer
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/PeerRequest'
|
|
responses:
|
|
'200':
|
|
description: A Peer object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Peer'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Peer
|
|
description: Delete a peer
|
|
tags: [ Peers ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: peerId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a peer
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/setup-keys:
|
|
get:
|
|
summary: List all Setup Keys
|
|
description: Returns a list of all Setup Keys
|
|
tags: [ Setup Keys ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Setup keys
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SetupKey'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Setup Key
|
|
description: Creates a setup key
|
|
tags: [ Setup Keys ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Setup Key request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/SetupKeyRequest'
|
|
responses:
|
|
'200':
|
|
description: A Setup Keys Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SetupKey'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/setup-keys/{keyId}:
|
|
get:
|
|
summary: Retrieve a Setup Key
|
|
description: Get information about a setup key
|
|
tags: [ Setup Keys ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: keyId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a setup key
|
|
responses:
|
|
'200':
|
|
description: A Setup Key object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SetupKey'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Setup Key
|
|
description: Update information about a setup key
|
|
tags: [ Setup Keys ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: keyId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a setup key
|
|
requestBody:
|
|
description: update to Setup Key
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/SetupKeyRequest'
|
|
responses:
|
|
'200':
|
|
description: A Setup Key object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SetupKey'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/groups:
|
|
get:
|
|
summary: List all Groups
|
|
description: Returns a list of all groups
|
|
tags: [ Groups ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Groups
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Group'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Group
|
|
description: Creates a group
|
|
tags: [ Groups ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Group request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/GroupRequest'
|
|
responses:
|
|
'200':
|
|
description: A Group Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/groups/{groupId}:
|
|
get:
|
|
summary: Retrieve a Group
|
|
description: Get information about a group
|
|
tags: [ Groups ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: groupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a group
|
|
responses:
|
|
'200':
|
|
description: A Group object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Group
|
|
description: Update/Replace a group
|
|
tags: [ Groups ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: groupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a group
|
|
requestBody:
|
|
description: Update Group request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/GroupRequest'
|
|
responses:
|
|
'200':
|
|
description: A Group object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Group
|
|
description: Delete a group
|
|
tags: [ Groups ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: groupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a group
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/rules:
|
|
get:
|
|
summary: List all Rules
|
|
description: Returns a list of all rules. This will be deprecated in favour of `/api/policies`.
|
|
tags: [ Rules ]
|
|
deprecated: true
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Rules
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Rule'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Rule
|
|
description: Creates a rule. This will be deprecated in favour of `/api/policies`.
|
|
deprecated: true
|
|
tags: [ Rules ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Rule request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/RuleRequest'
|
|
responses:
|
|
'200':
|
|
description: A Rule Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Rule'
|
|
/api/rules/{ruleId}:
|
|
get:
|
|
summary: Retrieve a Rule
|
|
description: Get information about a rules. This will be deprecated in favour of `/api/policies/{policyID}`.
|
|
deprecated: true
|
|
tags: [ Rules ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: ruleId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a rule
|
|
responses:
|
|
'200':
|
|
description: A Rule object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Rule'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Rule
|
|
description: Update/Replace a rule. This will be deprecated in favour of `/api/policies/{policyID}`.
|
|
deprecated: true
|
|
tags: [ Rules ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: ruleId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a rule
|
|
requestBody:
|
|
description: Update Rule request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/RuleRequest'
|
|
responses:
|
|
'200':
|
|
description: A Rule object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Rule'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Rule
|
|
description: Delete a rule. This will be deprecated in favour of `/api/policies/{policyID}`.
|
|
deprecated: true
|
|
tags: [ Rules ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: ruleId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a rule
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/policies:
|
|
get:
|
|
summary: List all Policies
|
|
description: Returns a list of all policies
|
|
tags: [ Policies ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Policies
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Policy'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Policy
|
|
description: Creates a policy
|
|
tags: [ Policies ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Policy request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyUpdate'
|
|
responses:
|
|
'200':
|
|
description: A Policy Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Policy'
|
|
/api/policies/{policyId}:
|
|
get:
|
|
summary: Retrieve a Policy
|
|
description: Get information about a Policies
|
|
tags: [ Policies ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: policyId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a policy
|
|
responses:
|
|
'200':
|
|
description: A Policy object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Policy'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Policy
|
|
description: Update/Replace a Policy
|
|
tags: [ Policies ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: policyId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a policy
|
|
requestBody:
|
|
description: Update Policy request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyUpdate'
|
|
responses:
|
|
'200':
|
|
description: A Policy object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Policy'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Policy
|
|
description: Delete a policy
|
|
tags: [ Policies ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: policyId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a policy
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/routes:
|
|
get:
|
|
summary: List all Routes
|
|
description: Returns a list of all routes
|
|
tags: [ Routes ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Routes
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Route'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Route
|
|
description: Creates a Route
|
|
tags: [ Routes ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Routes request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/RouteRequest'
|
|
responses:
|
|
'200':
|
|
description: A Route Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Route'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/routes/{routeId}:
|
|
get:
|
|
summary: Retrieve a Route
|
|
description: Get information about a Routes
|
|
tags: [ Routes ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: routeId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a route
|
|
responses:
|
|
'200':
|
|
description: A Route object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Route'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Route
|
|
description: Update/Replace a Route
|
|
tags: [ Routes ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: routeId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a route
|
|
requestBody:
|
|
description: Update Route request
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RouteRequest'
|
|
responses:
|
|
'200':
|
|
description: A Route object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Route'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Route
|
|
description: Delete a route
|
|
tags: [ Routes ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: routeId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a route
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/dns/nameservers:
|
|
get:
|
|
summary: List all Nameserver Groups
|
|
description: Returns a list of all Nameserver Groups
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Nameserver Groups
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NameserverGroup'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Nameserver Group
|
|
description: Creates a Nameserver Group
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Nameserver Groups request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/NameserverGroupRequest'
|
|
responses:
|
|
'200':
|
|
description: A Nameserver Groups Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NameserverGroup'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/dns/nameservers/{nsgroupId}:
|
|
get:
|
|
summary: Retrieve a Nameserver Group
|
|
description: Get information about a Nameserver Groups
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: nsgroupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a Nameserver Group
|
|
responses:
|
|
'200':
|
|
description: A Nameserver Group object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NameserverGroup'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Nameserver Group
|
|
description: Update/Replace a Nameserver Group
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: nsgroupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a Nameserver Group
|
|
requestBody:
|
|
description: Update Nameserver Group request
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NameserverGroupRequest'
|
|
responses:
|
|
'200':
|
|
description: A Nameserver Group object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NameserverGroup'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Nameserver Group
|
|
description: Delete a Nameserver Group
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: nsgroupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a Nameserver Group
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/dns/settings:
|
|
get:
|
|
summary: Retrieve DNS settings
|
|
description: Returns a DNS settings object
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Object of DNS Setting
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/DNSSettings'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update DNS Settings
|
|
description: Updates a DNS settings object
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: A DNS settings object
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/DNSSettings'
|
|
responses:
|
|
'200':
|
|
description: A JSON Object of DNS Setting
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DNSSettings'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/events:
|
|
get:
|
|
summary: List all Events
|
|
description: Returns a list of all events
|
|
tags: [ Events ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Events
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Event'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/posture-checks:
|
|
get:
|
|
summary: List all Posture Checks
|
|
description: Returns a list of all posture checks
|
|
tags: [ "Posture Checks" ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of posture checks
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PostureCheck'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Posture Check
|
|
description: Creates a posture check
|
|
tags: [ "Posture Checks" ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New posture check request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/PostureCheckUpdate'
|
|
responses:
|
|
'200':
|
|
description: A posture check Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PostureCheck'
|
|
/api/posture-checks/{postureCheckId}:
|
|
get:
|
|
summary: Retrieve a Posture Check
|
|
description: Get information about a posture check
|
|
tags: [ "Posture Checks" ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: postureCheckId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a posture check
|
|
responses:
|
|
'200':
|
|
description: A posture check object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PostureCheck'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Posture Check
|
|
description: Update/Replace a posture check
|
|
tags: [ "Posture Checks" ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: postureCheckId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a posture check
|
|
requestBody:
|
|
description: Update Rule request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/PostureCheckUpdate'
|
|
responses:
|
|
'200':
|
|
description: A posture check object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PostureCheck'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Posture Check
|
|
description: Delete a posture check
|
|
tags: [ "Posture Checks" ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: postureCheckId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a posture check
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/locations/countries:
|
|
get:
|
|
summary: List all country codes
|
|
description: Get list of all country in 2-letter ISO 3166-1 alpha-2 codes
|
|
tags: [ "Geo Locations" ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: List of country codes
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "DE"
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/locations/countries/{country}/cities:
|
|
get:
|
|
summary: List all city names by country
|
|
description: Get a list of all English city names for a given country code
|
|
tags: [ "Geo Locations" ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: country
|
|
required: true
|
|
schema:
|
|
$ref: '#/components/schemas/Country'
|
|
responses:
|
|
'200':
|
|
description: List of city names
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/City'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error" |