mirror of
https://github.com/netbirdio/netbird.git
synced 2024-12-03 13:34:41 +01:00
8be6e92563
Extend the peer and peers API endpoints with accessible peers.
2413 lines
72 KiB
YAML
2413 lines
72 KiB
YAML
openapi: 3.0.1
|
|
servers:
|
|
- url: https://api.netbird.io
|
|
description: Default server
|
|
info:
|
|
title: NetBird REST API
|
|
description: API to manipulate groups, rules, policies and retrieve information about peers and users
|
|
version: 0.0.1
|
|
tags:
|
|
- name: Users
|
|
description: Interact with and view information about users.
|
|
- name: Tokens
|
|
description: Interact with and view information about tokens.
|
|
- name: Peers
|
|
description: Interact with and view information about peers.
|
|
- name: Setup Keys
|
|
description: Interact with and view information about setup keys.
|
|
- name: Groups
|
|
description: Interact with and view information about groups.
|
|
- name: Rules
|
|
description: Interact with and view information about rules.
|
|
- name: Policies
|
|
description: Interact with and view information about policies.
|
|
- name: Routes
|
|
description: Interact with and view information about routes.
|
|
- name: DNS
|
|
description: Interact with and view information about DNS configuration.
|
|
- name: Events
|
|
description: View information about the account and network events.
|
|
- name: Accounts
|
|
description: View information about the accounts.
|
|
components:
|
|
schemas:
|
|
Account:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Account ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7l0
|
|
settings:
|
|
$ref: '#/components/schemas/AccountSettings'
|
|
required:
|
|
- id
|
|
- settings
|
|
AccountSettings:
|
|
type: object
|
|
properties:
|
|
peer_login_expiration_enabled:
|
|
description: Enables or disables peer login expiration globally. After peer's login has expired the user has to log in (authenticate). Applies only to peers that were added by a user (interactive SSO login).
|
|
type: boolean
|
|
example: true
|
|
peer_login_expiration:
|
|
description: Period of time after which peer login expires (seconds).
|
|
type: integer
|
|
example: 43200
|
|
groups_propagation_enabled:
|
|
description: Allows propagate the new user auto groups to peers that belongs to the user
|
|
type: boolean
|
|
example: true
|
|
jwt_groups_enabled:
|
|
description: Allows extract groups from JWT claim and add it to account groups.
|
|
type: boolean
|
|
example: true
|
|
jwt_groups_claim_name:
|
|
description: Name of the claim from which we extract groups names to add it to account groups.
|
|
type: string
|
|
example: "roles"
|
|
required:
|
|
- peer_login_expiration_enabled
|
|
- peer_login_expiration
|
|
AccountRequest:
|
|
type: object
|
|
properties:
|
|
settings:
|
|
$ref: '#/components/schemas/AccountSettings'
|
|
required:
|
|
- settings
|
|
User:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: User ID
|
|
type: string
|
|
example: google-oauth2|277474792786460067937
|
|
email:
|
|
description: User's email address
|
|
type: string
|
|
example: demo@netbird.io
|
|
name:
|
|
description: User's name from idp provider
|
|
type: string
|
|
example: Tom Schulz
|
|
role:
|
|
description: User's NetBird account role
|
|
type: string
|
|
example: admin
|
|
status:
|
|
description: User's status
|
|
type: string
|
|
enum: [ "active","invited","blocked" ]
|
|
example: active
|
|
last_login:
|
|
description: Last time this user performed a login to the dashboard
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T09:00:35.477782Z
|
|
auto_groups:
|
|
description: Groups to auto-assign to peers registered by this user
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: devs
|
|
is_current:
|
|
description: Is true if authenticated user is the same as this user
|
|
type: boolean
|
|
readOnly: true
|
|
example: true
|
|
is_service_user:
|
|
description: Is true if this user is a service user
|
|
type: boolean
|
|
readOnly: true
|
|
example: false
|
|
is_blocked:
|
|
description: Is true if this user is blocked. Blocked users can't use the system
|
|
type: boolean
|
|
example: false
|
|
issued:
|
|
description: How user was issued by API or Integration
|
|
type: string
|
|
example: api
|
|
required:
|
|
- id
|
|
- email
|
|
- name
|
|
- role
|
|
- auto_groups
|
|
- status
|
|
- is_blocked
|
|
UserRequest:
|
|
type: object
|
|
properties:
|
|
role:
|
|
description: User's NetBird account role
|
|
type: string
|
|
example: admin
|
|
auto_groups:
|
|
description: Groups to auto-assign to peers registered by this user
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: devs
|
|
is_blocked:
|
|
description: If set to true then user is blocked and can't use the system
|
|
type: boolean
|
|
example: false
|
|
required:
|
|
- role
|
|
- auto_groups
|
|
- is_blocked
|
|
UserCreateRequest:
|
|
type: object
|
|
properties:
|
|
email:
|
|
description: User's Email to send invite to
|
|
type: string
|
|
example: demo@netbird.io
|
|
name:
|
|
description: User's full name
|
|
type: string
|
|
example: Tom Schulz
|
|
role:
|
|
description: User's NetBird account role
|
|
type: string
|
|
example: admin
|
|
auto_groups:
|
|
description: Groups to auto-assign to peers registered by this user
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: devs
|
|
is_service_user:
|
|
description: Is true if this user is a service user
|
|
type: boolean
|
|
example: false
|
|
required:
|
|
- role
|
|
- auto_groups
|
|
- is_service_user
|
|
PeerMinimum:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Peer ID
|
|
type: string
|
|
example: chacbco6lnnbn6cg5s90
|
|
name:
|
|
description: Peer's hostname
|
|
type: string
|
|
example: stage-host-1
|
|
required:
|
|
- id
|
|
- name
|
|
PeerRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
example: stage-host-1
|
|
ssh_enabled:
|
|
type: boolean
|
|
example: true
|
|
login_expiration_enabled:
|
|
type: boolean
|
|
example: false
|
|
required:
|
|
- name
|
|
- ssh_enabled
|
|
- login_expiration_enabled
|
|
PeerBase:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PeerMinimum'
|
|
- type: object
|
|
properties:
|
|
ip:
|
|
description: Peer's IP address
|
|
type: string
|
|
example: 10.64.0.1
|
|
connected:
|
|
description: Peer to Management connection status
|
|
type: boolean
|
|
example: true
|
|
last_seen:
|
|
description: Last time peer connected to Netbird's management service
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T10:05:26.420578Z
|
|
os:
|
|
description: Peer's operating system and version
|
|
type: string
|
|
example: Darwin 13.2.1
|
|
version:
|
|
description: Peer's daemon or cli version
|
|
type: string
|
|
example: 0.14.0
|
|
groups:
|
|
description: Groups that the peer belongs to
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMinimum'
|
|
ssh_enabled:
|
|
description: Indicates whether SSH server is enabled on this peer
|
|
type: boolean
|
|
example: true
|
|
user_id:
|
|
description: User ID of the user that enrolled this peer
|
|
type: string
|
|
example: google-oauth2|277474792786460067937
|
|
hostname:
|
|
description: Hostname of the machine
|
|
type: string
|
|
example: stage-host-1
|
|
ui_version:
|
|
description: Peer's desktop UI version
|
|
type: string
|
|
example: 0.14.0
|
|
dns_label:
|
|
description: Peer's DNS label is the parsed peer name for domain resolution. It is used to form an FQDN by appending the account's domain to the peer label. e.g. peer-dns-label.netbird.cloud
|
|
type: string
|
|
example: stage-host-1.netbird.cloud
|
|
login_expiration_enabled:
|
|
description: Indicates whether peer login expiration has been enabled or not
|
|
type: boolean
|
|
example: false
|
|
login_expired:
|
|
description: Indicates whether peer's login expired or not
|
|
type: boolean
|
|
example: false
|
|
last_login:
|
|
description: Last time this peer performed log in (authentication). E.g., user authenticated.
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T09:00:35.477782Z
|
|
required:
|
|
- ip
|
|
- connected
|
|
- last_seen
|
|
- os
|
|
- version
|
|
- groups
|
|
- ssh_enabled
|
|
- hostname
|
|
- dns_label
|
|
- login_expiration_enabled
|
|
- login_expired
|
|
- last_login
|
|
AccessiblePeer:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PeerMinimum'
|
|
- type: object
|
|
properties:
|
|
ip:
|
|
description: Peer's IP address
|
|
type: string
|
|
example: 10.64.0.1
|
|
dns_label:
|
|
description: Peer's DNS label is the parsed peer name for domain resolution. It is used to form an FQDN by appending the account's domain to the peer label. e.g. peer-dns-label.netbird.cloud
|
|
type: string
|
|
example: stage-host-1.netbird.cloud
|
|
user_id:
|
|
description: User ID of the user that enrolled this peer
|
|
type: string
|
|
example: google-oauth2|277474792786460067937
|
|
required:
|
|
- ip
|
|
- dns_label
|
|
- user_id
|
|
Peer:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PeerBase'
|
|
- type: object
|
|
properties:
|
|
accessible_peers:
|
|
description: List of accessible peers
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AccessiblePeer'
|
|
required:
|
|
- accessible_peers
|
|
PeerBatch:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PeerBase'
|
|
- type: object
|
|
properties:
|
|
accessible_peers_count:
|
|
description: Number of accessible peers
|
|
type: integer
|
|
example: 5
|
|
required:
|
|
- accessible_peers_count
|
|
SetupKey:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Setup Key ID
|
|
type: string
|
|
example: 2531583362
|
|
key:
|
|
description: Setup Key value
|
|
type: string
|
|
example: A616097E-FCF0-48FA-9354-CA4A61142761
|
|
name:
|
|
description: Setup key name identifier
|
|
type: string
|
|
example: Default key
|
|
expires:
|
|
description: Setup Key expiration date
|
|
type: string
|
|
format: date-time
|
|
example: 2023-06-01T14:47:22.291057Z
|
|
type:
|
|
description: Setup key type, one-off for single time usage and reusable
|
|
type: string
|
|
example: reusable
|
|
valid:
|
|
description: Setup key validity status
|
|
type: boolean
|
|
example: true
|
|
revoked:
|
|
description: Setup key revocation status
|
|
type: boolean
|
|
example: false
|
|
used_times:
|
|
description: Usage count of setup key
|
|
type: integer
|
|
example: 2
|
|
last_used:
|
|
description: Setup key last usage date
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T09:00:35.477782Z
|
|
state:
|
|
description: Setup key status, "valid", "overused","expired" or "revoked"
|
|
type: string
|
|
example: valid
|
|
auto_groups:
|
|
description: List of group IDs to auto-assign to peers registered with this key
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "devs"
|
|
updated_at:
|
|
description: Setup key last update date
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T09:00:35.477782Z
|
|
usage_limit:
|
|
description: A number of times this key can be used. The value of 0 indicates the unlimited usage.
|
|
type: integer
|
|
example: 0
|
|
ephemeral:
|
|
description: Indicate that the peer will be ephemeral or not
|
|
type: boolean
|
|
example: true
|
|
required:
|
|
- id
|
|
- key
|
|
- name
|
|
- expires
|
|
- type
|
|
- valid
|
|
- revoked
|
|
- used_times
|
|
- last_used
|
|
- state
|
|
- auto_groups
|
|
- updated_at
|
|
- usage_limit
|
|
- ephemeral
|
|
SetupKeyRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
description: Setup Key name
|
|
type: string
|
|
example: Default key
|
|
type:
|
|
description: Setup key type, one-off for single time usage and reusable
|
|
type: string
|
|
example: reusable
|
|
expires_in:
|
|
description: Expiration time in seconds
|
|
type: integer
|
|
minimum: 86400
|
|
maximum: 31536000
|
|
example: 86400
|
|
revoked:
|
|
description: Setup key revocation status
|
|
type: boolean
|
|
example: false
|
|
auto_groups:
|
|
description: List of group IDs to auto-assign to peers registered with this key
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "devs"
|
|
usage_limit:
|
|
description: A number of times this key can be used. The value of 0 indicates the unlimited usage.
|
|
type: integer
|
|
example: 0
|
|
ephemeral:
|
|
description: Indicate that the peer will be ephemeral or not
|
|
type: boolean
|
|
example: true
|
|
required:
|
|
- name
|
|
- type
|
|
- expires_in
|
|
- revoked
|
|
- auto_groups
|
|
- usage_limit
|
|
PersonalAccessToken:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: ID of a token
|
|
type: string
|
|
example: ch8i54g6lnn4g9hqv7n0
|
|
name:
|
|
description: Name of the token
|
|
type: string
|
|
example: My first token
|
|
expiration_date:
|
|
description: Date the token expires
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T14:38:28.977616Z
|
|
created_by:
|
|
description: User ID of the user who created the token
|
|
type: string
|
|
example: google-oauth2|277474792786460067937
|
|
created_at:
|
|
description: Date the token was created
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-02T14:48:20.465209Z
|
|
last_used:
|
|
description: Date the token was last used
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-04T12:45:25.9723616Z
|
|
required:
|
|
- id
|
|
- name
|
|
- expiration_date
|
|
- created_by
|
|
- created_at
|
|
PersonalAccessTokenGenerated:
|
|
type: object
|
|
properties:
|
|
plain_token:
|
|
description: Plain text representation of the generated token
|
|
type: string
|
|
example: 2023-05-02T14:48:20.465209Z
|
|
personal_access_token:
|
|
$ref: '#/components/schemas/PersonalAccessToken'
|
|
required:
|
|
- plain_token
|
|
- personal_access_token
|
|
PersonalAccessTokenRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
description: Name of the token
|
|
type: string
|
|
example: My first token
|
|
expires_in:
|
|
description: Expiration in days
|
|
type: integer
|
|
minimum: 1
|
|
maximum: 365
|
|
example: 30
|
|
required:
|
|
- name
|
|
- expires_in
|
|
GroupMinimum:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Group ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
name:
|
|
description: Group Name identifier
|
|
type: string
|
|
example: devs
|
|
peers_count:
|
|
description: Count of peers associated to the group
|
|
type: integer
|
|
example: 2
|
|
issued:
|
|
description: How group was issued by API or from JWT token
|
|
type: string
|
|
example: api
|
|
required:
|
|
- id
|
|
- name
|
|
- peers_count
|
|
GroupRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: Group name identifier
|
|
example: devs
|
|
peers:
|
|
type: array
|
|
description: List of peers ids
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9hqv7m1"
|
|
required:
|
|
- name
|
|
Group:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMinimum'
|
|
- type: object
|
|
properties:
|
|
peers:
|
|
description: List of peers object
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PeerMinimum'
|
|
required:
|
|
- peers
|
|
RuleMinimum:
|
|
type: object
|
|
properties:
|
|
name:
|
|
description: Rule name identifier
|
|
type: string
|
|
example: Default
|
|
description:
|
|
description: Rule friendly description
|
|
type: string
|
|
example: This is a default rule that allows connections between all the resources
|
|
disabled:
|
|
description: Rules status
|
|
type: boolean
|
|
example: false
|
|
flow:
|
|
description: Rule flow, currently, only "bidirect" for bi-directional traffic is accepted
|
|
type: string
|
|
example: bidirect
|
|
required:
|
|
- name
|
|
- description
|
|
- disabled
|
|
- flow
|
|
RuleRequest:
|
|
allOf:
|
|
- $ref: '#/components/schemas/RuleMinimum'
|
|
- type: object
|
|
properties:
|
|
sources:
|
|
type: array
|
|
description: List of source groups
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9hqv7m1"
|
|
destinations:
|
|
type: array
|
|
description: List of destination groups
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9hqv7m0"
|
|
Rule:
|
|
allOf:
|
|
- type: object
|
|
properties:
|
|
id:
|
|
description: Rule ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7mg
|
|
required:
|
|
- id
|
|
- $ref: '#/components/schemas/RuleMinimum'
|
|
- type: object
|
|
properties:
|
|
sources:
|
|
description: Rule source groups
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMinimum'
|
|
destinations:
|
|
description: Rule destination groups
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMinimum'
|
|
required:
|
|
- sources
|
|
- destinations
|
|
PolicyRuleMinimum:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Policy rule ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7mg
|
|
name:
|
|
description: Policy rule name identifier
|
|
type: string
|
|
example: Default
|
|
description:
|
|
description: Policy rule friendly description
|
|
type: string
|
|
example: This is a default rule that allows connections between all the resources
|
|
enabled:
|
|
description: Policy rule status
|
|
type: boolean
|
|
example: true
|
|
action:
|
|
description: Policy rule accept or drops packets
|
|
type: string
|
|
enum: ["accept","drop"]
|
|
example: "accept"
|
|
bidirectional:
|
|
description: Define if the rule is applicable in both directions, sources, and destinations.
|
|
type: boolean
|
|
example: true
|
|
protocol:
|
|
description: Policy rule type of the traffic
|
|
type: string
|
|
enum: ["all", "tcp", "udp", "icmp"]
|
|
example: "tcp"
|
|
ports:
|
|
description: Policy rule affected ports or it ranges list
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "80"
|
|
required:
|
|
- name
|
|
- enabled
|
|
- bidirectional
|
|
- protocol
|
|
- action
|
|
PolicyRuleUpdate:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PolicyRuleMinimum'
|
|
- type: object
|
|
properties:
|
|
sources:
|
|
description: Policy rule source groups
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9hqv797"
|
|
destinations:
|
|
description: Policy rule destination groups
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "ch8i4ug6lnn4g9h7v7m0"
|
|
required:
|
|
- sources
|
|
- destinations
|
|
PolicyRule:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PolicyRuleMinimum'
|
|
- type: object
|
|
properties:
|
|
sources:
|
|
description: Policy rule source groups
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMinimum'
|
|
destinations:
|
|
description: Policy rule destination groups
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMinimum'
|
|
required:
|
|
- sources
|
|
- destinations
|
|
PolicyMinimum:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Policy ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7mg
|
|
name:
|
|
description: Policy name identifier
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7mg
|
|
description:
|
|
description: Policy friendly description
|
|
type: string
|
|
example: This is a default policy that allows connections between all the resources
|
|
enabled:
|
|
description: Policy status
|
|
type: boolean
|
|
example: true
|
|
query:
|
|
description: Policy Rego query
|
|
type: string
|
|
example: "package netbird\\n\\nall[rule] {\\n is_peer_in_any_group([\\\"ch8i4ug6lnn4g9hqv7m0\\\",\\\"ch8i4ug6lnn4g9hqv7m0\\\"])\\n rule := {\\n rules_from_group(\\\"ch8i4ug6lnn4g9hqv7m0\\\", \\\"dst\\\", \\\"accept\\\", \\\"\\\"),\\n rules_from_group(\\\"ch8i4ug6lnn4g9hqv7m0\\\", \\\"src\\\", \\\"accept\\\", \\\"\\\"),\\n }[_][_]\\n}\\n"
|
|
required:
|
|
- name
|
|
- description
|
|
- enabled
|
|
- query
|
|
PolicyUpdate:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PolicyMinimum'
|
|
- type: object
|
|
properties:
|
|
rules:
|
|
description: Policy rule object for policy UI editor
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PolicyRuleUpdate'
|
|
required:
|
|
- rules
|
|
Policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PolicyMinimum'
|
|
- type: object
|
|
properties:
|
|
rules:
|
|
description: Policy rule object for policy UI editor
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PolicyRule'
|
|
required:
|
|
- rules
|
|
RouteRequest:
|
|
type: object
|
|
properties:
|
|
description:
|
|
description: Route description
|
|
type: string
|
|
example: My first route
|
|
network_id:
|
|
description: Route network identifier, to group HA routes
|
|
type: string
|
|
maxLength: 40
|
|
minLength: 1
|
|
example: Route 1
|
|
enabled:
|
|
description: Route status
|
|
type: boolean
|
|
example: true
|
|
peer:
|
|
description: Peer Identifier associated with route. This property can not be set together with `peer_groups`
|
|
type: string
|
|
example: chacbco6lnnbn6cg5s91
|
|
peer_groups:
|
|
description: Peers Group Identifier associated with route. This property can not be set together with `peer`
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: chacbco6lnnbn6cg5s91
|
|
network:
|
|
description: Network range in CIDR format
|
|
type: string
|
|
example: 10.64.0.0/24
|
|
metric:
|
|
description: Route metric number. Lowest number has higher priority
|
|
type: integer
|
|
maximum: 9999
|
|
minimum: 1
|
|
example: 9999
|
|
masquerade:
|
|
description: Indicate if peer should masquerade traffic to this route's prefix
|
|
type: boolean
|
|
example: true
|
|
groups:
|
|
description: Route group tag groups
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: "chacdk86lnnboviihd70"
|
|
required:
|
|
- id
|
|
- description
|
|
- network_id
|
|
- enabled
|
|
# Only one property has to be set
|
|
#- peer
|
|
#- peer_groups
|
|
- network
|
|
- metric
|
|
- masquerade
|
|
- groups
|
|
Route:
|
|
allOf:
|
|
- type: object
|
|
properties:
|
|
id:
|
|
description: Route Id
|
|
type: string
|
|
example: chacdk86lnnboviihd7g
|
|
network_type:
|
|
description: Network type indicating if it is IPv4 or IPv6
|
|
type: string
|
|
example: IPv4
|
|
required:
|
|
- id
|
|
- network_type
|
|
- $ref: '#/components/schemas/RouteRequest'
|
|
Nameserver:
|
|
type: object
|
|
properties:
|
|
ip:
|
|
description: Nameserver IP
|
|
type: string
|
|
example: 8.8.8.8
|
|
ns_type:
|
|
description: Nameserver Type
|
|
type: string
|
|
enum: [ "udp" ]
|
|
example: udp
|
|
port:
|
|
description: Nameserver Port
|
|
type: integer
|
|
example: 53
|
|
required:
|
|
- ip
|
|
- ns_type
|
|
- port
|
|
NameserverGroupRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
description: Nameserver group name
|
|
type: string
|
|
maxLength: 40
|
|
minLength: 1
|
|
example: Google DNS
|
|
description:
|
|
description: Nameserver group description
|
|
type: string
|
|
example: Google DNS servers
|
|
nameservers:
|
|
description: Nameserver group
|
|
minLength: 1
|
|
maxLength: 2
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Nameserver'
|
|
enabled:
|
|
description: Nameserver group status
|
|
type: boolean
|
|
example: true
|
|
groups:
|
|
description: Nameserver group tag groups
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
primary:
|
|
description: Nameserver group primary status
|
|
type: boolean
|
|
example: true
|
|
domains:
|
|
description: Nameserver group match domain list
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
example: "example.com"
|
|
search_domains_enabled:
|
|
description: Nameserver group search domain status for match domains. It should be true only if domains list is not empty.
|
|
type: boolean
|
|
example: true
|
|
required:
|
|
- name
|
|
- description
|
|
- nameservers
|
|
- enabled
|
|
- groups
|
|
- primary
|
|
- domains
|
|
- search_domains_enabled
|
|
NameserverGroup:
|
|
allOf:
|
|
- type: object
|
|
properties:
|
|
id:
|
|
description: Nameserver group ID
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
required:
|
|
- id
|
|
- $ref: '#/components/schemas/NameserverGroupRequest'
|
|
DNSSettings:
|
|
type: object
|
|
properties:
|
|
disabled_management_groups:
|
|
description: Groups whose DNS management is disabled
|
|
type: array
|
|
items:
|
|
type: string
|
|
example: ch8i4ug6lnn4g9hqv7m0
|
|
required:
|
|
- disabled_management_groups
|
|
Event:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description: Event unique identifier
|
|
type: string
|
|
example: 10
|
|
timestamp:
|
|
description: The date and time when the event occurred
|
|
type: string
|
|
format: date-time
|
|
example: 2023-05-05T10:04:37.473542Z
|
|
activity:
|
|
description: The activity that occurred during the event
|
|
type: string
|
|
example: Route created
|
|
activity_code:
|
|
description: The string code of the activity that occurred during the event
|
|
type: string
|
|
enum: [ "user.peer.delete", "user.join", "user.invite", "user.peer.add", "user.group.add", "user.group.delete",
|
|
"user.role.update", "user.block", "user.unblock", "user.peer.login",
|
|
"setupkey.peer.add", "setupkey.add", "setupkey.update", "setupkey.revoke", "setupkey.overuse",
|
|
"setupkey.group.delete", "setupkey.group.add",
|
|
"rule.add", "rule.delete", "rule.update",
|
|
"policy.add", "policy.delete", "policy.update",
|
|
"group.add", "group.update", "dns.setting.disabled.management.group.add", "dns.setting.disabled.management.group.delete",
|
|
"account.create", "account.setting.peer.login.expiration.update", "account.setting.peer.login.expiration.disable", "account.setting.peer.login.expiration.enable",
|
|
"route.add", "route.delete", "route.update",
|
|
"nameserver.group.add", "nameserver.group.delete", "nameserver.group.update",
|
|
"peer.ssh.disable", "peer.ssh.enable", "peer.rename", "peer.login.expiration.disable", "peer.login.expiration.enable", "peer.login.expire",
|
|
"service.user.create", "personal.access.token.create", "service.user.delete", "personal.access.token.delete" ]
|
|
example: route.add
|
|
initiator_id:
|
|
description: The ID of the initiator of the event. E.g., an ID of a user that triggered the event.
|
|
type: string
|
|
example: google-oauth2|123456789012345678901
|
|
initiator_name:
|
|
description: The name of the initiator of the event.
|
|
type: string
|
|
example: John Doe
|
|
initiator_email:
|
|
description: The e-mail address of the initiator of the event. E.g., an e-mail of a user that triggered the event.
|
|
type: string
|
|
example: demo@netbird.io
|
|
target_id:
|
|
description: The ID of the target of the event. E.g., an ID of the peer that a user removed.
|
|
type: string
|
|
example: chad9d86lnnc59g18ou0
|
|
meta:
|
|
description: The metadata of the event
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
example: { "name": "my route", "network_range": "10.64.0.0/24", "peer_id": "chacbco6lnnbn6cg5s91"}
|
|
required:
|
|
- id
|
|
- timestamp
|
|
- activity
|
|
- activity_code
|
|
- initiator_id
|
|
- initiator_name
|
|
- initiator_email
|
|
- target_id
|
|
- meta
|
|
responses:
|
|
not_found:
|
|
description: Resource not found
|
|
content: { }
|
|
validation_failed_simple:
|
|
description: Validation failed
|
|
content: { }
|
|
bad_request:
|
|
description: Bad Request
|
|
content: { }
|
|
internal_error:
|
|
description: Internal Server Error
|
|
content: { }
|
|
validation_failed:
|
|
description: Validation failed
|
|
content: { }
|
|
forbidden:
|
|
description: Forbidden
|
|
content: { }
|
|
requires_authentication:
|
|
description: Requires authentication
|
|
content: { }
|
|
securitySchemes:
|
|
BearerAuth:
|
|
type: http
|
|
scheme: bearer
|
|
bearerFormat: JWT
|
|
TokenAuth:
|
|
type: apiKey
|
|
in: header
|
|
name: Authorization
|
|
description: >-
|
|
Enter the token with the `Token` prefix, e.g. "Token nbp_F3f0d.....".
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
paths:
|
|
/api/accounts:
|
|
get:
|
|
summary: List all Accounts
|
|
description: Returns a list of accounts of a user. Always returns a list of one account.
|
|
tags: [ Accounts ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON array of accounts
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Account'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/accounts/{accountId}:
|
|
put:
|
|
summary: Update an Account
|
|
description: Update information about an account
|
|
tags: [ Accounts ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: accountId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of an account
|
|
requestBody:
|
|
description: update an account
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/AccountRequest'
|
|
responses:
|
|
'200':
|
|
description: An Account object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Account'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/users:
|
|
get:
|
|
summary: List all Users
|
|
description: Returns a list of all users
|
|
tags: [ Users ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: query
|
|
name: service_user
|
|
schema:
|
|
type: boolean
|
|
description: Filters users and returns either regular users or service users
|
|
responses:
|
|
'200':
|
|
description: A JSON array of Users
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/User'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a User
|
|
description: Creates a new service user or sends an invite to a regular user
|
|
tags: [ Users ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: User invite information
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/UserCreateRequest'
|
|
responses:
|
|
'200':
|
|
description: A User object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/users/{userId}:
|
|
put:
|
|
summary: Update a User
|
|
description: Update information about a User
|
|
tags: [ Users ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
requestBody:
|
|
description: User update
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/UserRequest'
|
|
responses:
|
|
'200':
|
|
description: A User object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a User
|
|
description: This method removes a user from accessing the system. For this leaves the IDP user intact unless the `--user-delete-from-idp` is passed to management startup.
|
|
tags: [ Users ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/users/{userId}/tokens:
|
|
get:
|
|
summary: List all Tokens
|
|
description: Returns a list of all tokens for a user
|
|
tags: [ Tokens ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of PersonalAccessTokens
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PersonalAccessToken'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Token
|
|
description: Create a new token for a user
|
|
tags: [ Tokens ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
requestBody:
|
|
description: PersonalAccessToken create parameters
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PersonalAccessTokenRequest'
|
|
responses:
|
|
'200':
|
|
description: The token in plain text
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PersonalAccessTokenGenerated'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/users/{userId}/tokens/{tokenId}:
|
|
get:
|
|
summary: Retrieve a Token
|
|
description: Returns a specific token for a user
|
|
tags: [ Tokens ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
- in: path
|
|
name: tokenId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a token
|
|
responses:
|
|
'200':
|
|
description: A PersonalAccessTokens Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PersonalAccessToken'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Token
|
|
description: Delete a token for a user
|
|
tags: [ Tokens ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
- in: path
|
|
name: tokenId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a token
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/users/{userId}/invite:
|
|
post:
|
|
summary: Resend user invitation
|
|
description: Resend user invitation
|
|
tags: [ Users ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: userId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a user
|
|
responses:
|
|
'200':
|
|
description: Invite status code
|
|
content: {}
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/peers:
|
|
get:
|
|
summary: List all Peers
|
|
description: Returns a list of all peers
|
|
tags: [ Peers ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Peers
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PeerBatch'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/peers/{peerId}:
|
|
get:
|
|
summary: Retrieve a Peer
|
|
description: Get information about a peer
|
|
tags: [ Peers ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: peerId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a peer
|
|
responses:
|
|
'200':
|
|
description: A Peer object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Peer'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Peer
|
|
description: Update information about a peer
|
|
tags: [ Peers ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: peerId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a peer
|
|
requestBody:
|
|
description: update a peer
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/PeerRequest'
|
|
responses:
|
|
'200':
|
|
description: A Peer object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Peer'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Peer
|
|
description: Delete a peer
|
|
tags: [ Peers ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: peerId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a peer
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/setup-keys:
|
|
get:
|
|
summary: List all Setup Keys
|
|
description: Returns a list of all Setup Keys
|
|
tags: [ Setup Keys ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Setup keys
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SetupKey'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Setup Key
|
|
description: Creates a setup key
|
|
tags: [ Setup Keys ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Setup Key request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/SetupKeyRequest'
|
|
responses:
|
|
'200':
|
|
description: A Setup Keys Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SetupKey'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/setup-keys/{keyId}:
|
|
get:
|
|
summary: Retrieve a Setup Key
|
|
description: Get information about a setup key
|
|
tags: [ Setup Keys ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: keyId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a setup key
|
|
responses:
|
|
'200':
|
|
description: A Setup Key object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SetupKey'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Setup Key
|
|
description: Update information about a setup key
|
|
tags: [ Setup Keys ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: keyId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a setup key
|
|
requestBody:
|
|
description: update to Setup Key
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/SetupKeyRequest'
|
|
responses:
|
|
'200':
|
|
description: A Setup Key object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SetupKey'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/groups:
|
|
get:
|
|
summary: List all Groups
|
|
description: Returns a list of all groups
|
|
tags: [ Groups ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Groups
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Group'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Group
|
|
description: Creates a group
|
|
tags: [ Groups ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Group request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/GroupRequest'
|
|
responses:
|
|
'200':
|
|
description: A Group Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/groups/{groupId}:
|
|
get:
|
|
summary: Retrieve a Group
|
|
description: Get information about a group
|
|
tags: [ Groups ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: groupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a group
|
|
responses:
|
|
'200':
|
|
description: A Group object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Group
|
|
description: Update/Replace a group
|
|
tags: [ Groups ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: groupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a group
|
|
requestBody:
|
|
description: Update Group request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/GroupRequest'
|
|
responses:
|
|
'200':
|
|
description: A Group object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Group
|
|
description: Delete a group
|
|
tags: [ Groups ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: groupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a group
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/rules:
|
|
get:
|
|
summary: List all Rules
|
|
description: Returns a list of all rules
|
|
tags: [ Rules ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Rules
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Rule'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Rule
|
|
description: Creates a rule
|
|
tags: [ Rules ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Rule request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/RuleRequest'
|
|
responses:
|
|
'200':
|
|
description: A Rule Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Rule'
|
|
/api/rules/{ruleId}:
|
|
get:
|
|
summary: Retrieve a Rule
|
|
description: Get information about a rules
|
|
tags: [ Rules ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: ruleId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a rule
|
|
responses:
|
|
'200':
|
|
description: A Rule object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Rule'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Rule
|
|
description: Update/Replace a rule
|
|
tags: [ Rules ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: ruleId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a rule
|
|
requestBody:
|
|
description: Update Rule request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/RuleRequest'
|
|
responses:
|
|
'200':
|
|
description: A Rule object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Rule'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Rule
|
|
description: Delete a rule
|
|
tags: [ Rules ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: ruleId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a rule
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/policies:
|
|
get:
|
|
summary: List all Policies
|
|
description: Returns a list of all policies
|
|
tags: [ Policies ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Policies
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Policy'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Policy
|
|
description: Creates a policy
|
|
tags: [ Policies ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Policy request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyUpdate'
|
|
responses:
|
|
'200':
|
|
description: A Policy Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Policy'
|
|
/api/policies/{policyId}:
|
|
get:
|
|
summary: Retrieve a Policy
|
|
description: Get information about a Policies
|
|
tags: [ Policies ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: policyId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a policy
|
|
responses:
|
|
'200':
|
|
description: A Policy object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Policy'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Policy
|
|
description: Update/Replace a Policy
|
|
tags: [ Policies ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: policyId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a policy
|
|
requestBody:
|
|
description: Update Policy request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyUpdate'
|
|
responses:
|
|
'200':
|
|
description: A Policy object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Policy'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Policy
|
|
description: Delete a policy
|
|
tags: [ Policies ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: policyId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a policy
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/routes:
|
|
get:
|
|
summary: List all Routes
|
|
description: Returns a list of all routes
|
|
tags: [ Routes ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Routes
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Route'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Route
|
|
description: Creates a Route
|
|
tags: [ Routes ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Routes request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/RouteRequest'
|
|
responses:
|
|
'200':
|
|
description: A Route Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Route'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
|
|
/api/routes/{routeId}:
|
|
get:
|
|
summary: Retrieve a Route
|
|
description: Get information about a Routes
|
|
tags: [ Routes ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: routeId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a route
|
|
responses:
|
|
'200':
|
|
description: A Route object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Route'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Route
|
|
description: Update/Replace a Route
|
|
tags: [ Routes ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: routeId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a route
|
|
requestBody:
|
|
description: Update Route request
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RouteRequest'
|
|
responses:
|
|
'200':
|
|
description: A Route object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Route'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Route
|
|
description: Delete a route
|
|
tags: [ Routes ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: routeId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a route
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/dns/nameservers:
|
|
get:
|
|
summary: List all Nameserver Groups
|
|
description: Returns a list of all Nameserver Groups
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Nameserver Groups
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NameserverGroup'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
post:
|
|
summary: Create a Nameserver Group
|
|
description: Creates a Nameserver Group
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: New Nameserver Groups request
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/NameserverGroupRequest'
|
|
responses:
|
|
'200':
|
|
description: A Nameserver Groups Object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NameserverGroup'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
|
|
/api/dns/nameservers/{nsgroupId}:
|
|
get:
|
|
summary: Retrieve a Nameserver Group
|
|
description: Get information about a Nameserver Groups
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: nsgroupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a Nameserver Group
|
|
responses:
|
|
'200':
|
|
description: A Nameserver Group object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NameserverGroup'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update a Nameserver Group
|
|
description: Update/Replace a Nameserver Group
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: nsgroupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a Nameserver Group
|
|
requestBody:
|
|
description: Update Nameserver Group request
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NameserverGroupRequest'
|
|
responses:
|
|
'200':
|
|
description: A Nameserver Group object
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NameserverGroup'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
delete:
|
|
summary: Delete a Nameserver Group
|
|
description: Delete a Nameserver Group
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
parameters:
|
|
- in: path
|
|
name: nsgroupId
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: The unique identifier of a Nameserver Group
|
|
responses:
|
|
'200':
|
|
description: Delete status code
|
|
content: { }
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
|
|
/api/dns/settings:
|
|
get:
|
|
summary: Retrieve DNS settings
|
|
description: Returns a DNS settings object
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Object of DNS Setting
|
|
content:
|
|
application/json:
|
|
schema:
|
|
items:
|
|
$ref: '#/components/schemas/DNSSettings'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
put:
|
|
summary: Update DNS Settings
|
|
description: Updates a DNS settings object
|
|
tags: [ DNS ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
requestBody:
|
|
description: A DNS settings object
|
|
content:
|
|
'application/json':
|
|
schema:
|
|
$ref: '#/components/schemas/DNSSettings'
|
|
responses:
|
|
'200':
|
|
description: A JSON Object of DNS Setting
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DNSSettings'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|
|
/api/events:
|
|
get:
|
|
summary: List all Events
|
|
description: Returns a list of all events
|
|
tags: [ Events ]
|
|
security:
|
|
- BearerAuth: [ ]
|
|
- TokenAuth: [ ]
|
|
responses:
|
|
'200':
|
|
description: A JSON Array of Events
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Event'
|
|
'400':
|
|
"$ref": "#/components/responses/bad_request"
|
|
'401':
|
|
"$ref": "#/components/responses/requires_authentication"
|
|
'403':
|
|
"$ref": "#/components/responses/forbidden"
|
|
'500':
|
|
"$ref": "#/components/responses/internal_error"
|