From 1f4c697a2afd95c5632f065cacb505b6ec6e0515 Mon Sep 17 00:00:00 2001
From: Michael Quigley <michael@quigley.com>
Date: Tue, 2 Aug 2022 13:54:40 -0400
Subject: [PATCH] cleaned out and regenerated api; new list identities endpoint
 (#18)

---
 controller/controller.go                      |   1 +
 controller/list.go                            |  13 ++
 .../metadata/list_identities_parameters.go    | 126 ++++++++++++++++++
 .../metadata/list_identities_responses.go     | 101 ++++++++++++++
 rest_client_zrok/metadata/metadata_client.go  |  41 ++++++
 rest_model_zrok/enable_request.go             |  50 -------
 rest_model_zrok/identities.go                 |  73 ++++++++++
 rest_model_zrok/identity.go                   |  59 ++++++++
 rest_server_zrok/embedded_spec.go             | 100 ++++++++++++++
 .../operations/metadata/list_identities.go    |  71 ++++++++++
 .../metadata/list_identities_parameters.go    |  46 +++++++
 .../metadata/list_identities_responses.go     | 103 ++++++++++++++
 .../metadata/list_identities_urlbuilder.go    |  87 ++++++++++++
 rest_server_zrok/operations/zrok_api.go       |  12 ++
 specs/zrok.yml                                |  31 +++++
 ui/src/api/identity.js                        |   2 +-
 ui/src/api/metadata.js                        |  16 +++
 ui/src/api/types.js                           |  10 ++
 18 files changed, 891 insertions(+), 51 deletions(-)
 create mode 100644 controller/list.go
 create mode 100644 rest_client_zrok/metadata/list_identities_parameters.go
 create mode 100644 rest_client_zrok/metadata/list_identities_responses.go
 delete mode 100644 rest_model_zrok/enable_request.go
 create mode 100644 rest_model_zrok/identities.go
 create mode 100644 rest_model_zrok/identity.go
 create mode 100644 rest_server_zrok/operations/metadata/list_identities.go
 create mode 100644 rest_server_zrok/operations/metadata/list_identities_parameters.go
 create mode 100644 rest_server_zrok/operations/metadata/list_identities_responses.go
 create mode 100644 rest_server_zrok/operations/metadata/list_identities_urlbuilder.go

diff --git a/controller/controller.go b/controller/controller.go
index b6246220..476d82f5 100644
--- a/controller/controller.go
+++ b/controller/controller.go
@@ -25,6 +25,7 @@ func Run(cfg *Config) error {
 	api.IdentityCreateAccountHandler = identity.CreateAccountHandlerFunc(createAccountHandler)
 	api.IdentityEnableHandler = identity.EnableHandlerFunc(enableHandler)
 	api.IdentityLoginHandler = identity.LoginHandlerFunc(loginHandler)
+	api.MetadataListIdentitiesHandler = metadata.ListIdentitiesHandlerFunc(listIdentitiesHandler)
 	api.MetadataVersionHandler = metadata.VersionHandlerFunc(versionHandler)
 	api.TunnelTunnelHandler = tunnel.TunnelHandlerFunc(tunnelHandler)
 	api.TunnelUntunnelHandler = tunnel.UntunnelHandlerFunc(untunnelHandler)
diff --git a/controller/list.go b/controller/list.go
new file mode 100644
index 00000000..9226cc41
--- /dev/null
+++ b/controller/list.go
@@ -0,0 +1,13 @@
+package controller
+
+import (
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/metadata"
+	"github.com/sirupsen/logrus"
+)
+
+func listIdentitiesHandler(params metadata.ListIdentitiesParams, principal *rest_model_zrok.Principal) middleware.Responder {
+	logrus.Infof("principal: %v", principal.Username)
+	return metadata.NewListIdentitiesOK()
+}
diff --git a/rest_client_zrok/metadata/list_identities_parameters.go b/rest_client_zrok/metadata/list_identities_parameters.go
new file mode 100644
index 00000000..c286d86f
--- /dev/null
+++ b/rest_client_zrok/metadata/list_identities_parameters.go
@@ -0,0 +1,126 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package metadata
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"net/http"
+	"time"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	cr "github.com/go-openapi/runtime/client"
+	"github.com/go-openapi/strfmt"
+)
+
+// NewListIdentitiesParams creates a new ListIdentitiesParams object,
+// with the default timeout for this client.
+//
+// Default values are not hydrated, since defaults are normally applied by the API server side.
+//
+// To enforce default values in parameter, use SetDefaults or WithDefaults.
+func NewListIdentitiesParams() *ListIdentitiesParams {
+	return &ListIdentitiesParams{
+		timeout: cr.DefaultTimeout,
+	}
+}
+
+// NewListIdentitiesParamsWithTimeout creates a new ListIdentitiesParams object
+// with the ability to set a timeout on a request.
+func NewListIdentitiesParamsWithTimeout(timeout time.Duration) *ListIdentitiesParams {
+	return &ListIdentitiesParams{
+		timeout: timeout,
+	}
+}
+
+// NewListIdentitiesParamsWithContext creates a new ListIdentitiesParams object
+// with the ability to set a context for a request.
+func NewListIdentitiesParamsWithContext(ctx context.Context) *ListIdentitiesParams {
+	return &ListIdentitiesParams{
+		Context: ctx,
+	}
+}
+
+// NewListIdentitiesParamsWithHTTPClient creates a new ListIdentitiesParams object
+// with the ability to set a custom HTTPClient for a request.
+func NewListIdentitiesParamsWithHTTPClient(client *http.Client) *ListIdentitiesParams {
+	return &ListIdentitiesParams{
+		HTTPClient: client,
+	}
+}
+
+/* ListIdentitiesParams contains all the parameters to send to the API endpoint
+   for the list identities operation.
+
+   Typically these are written to a http.Request.
+*/
+type ListIdentitiesParams struct {
+	timeout    time.Duration
+	Context    context.Context
+	HTTPClient *http.Client
+}
+
+// WithDefaults hydrates default values in the list identities params (not the query body).
+//
+// All values with no default are reset to their zero value.
+func (o *ListIdentitiesParams) WithDefaults() *ListIdentitiesParams {
+	o.SetDefaults()
+	return o
+}
+
+// SetDefaults hydrates default values in the list identities params (not the query body).
+//
+// All values with no default are reset to their zero value.
+func (o *ListIdentitiesParams) SetDefaults() {
+	// no default values defined for this parameter
+}
+
+// WithTimeout adds the timeout to the list identities params
+func (o *ListIdentitiesParams) WithTimeout(timeout time.Duration) *ListIdentitiesParams {
+	o.SetTimeout(timeout)
+	return o
+}
+
+// SetTimeout adds the timeout to the list identities params
+func (o *ListIdentitiesParams) SetTimeout(timeout time.Duration) {
+	o.timeout = timeout
+}
+
+// WithContext adds the context to the list identities params
+func (o *ListIdentitiesParams) WithContext(ctx context.Context) *ListIdentitiesParams {
+	o.SetContext(ctx)
+	return o
+}
+
+// SetContext adds the context to the list identities params
+func (o *ListIdentitiesParams) SetContext(ctx context.Context) {
+	o.Context = ctx
+}
+
+// WithHTTPClient adds the HTTPClient to the list identities params
+func (o *ListIdentitiesParams) WithHTTPClient(client *http.Client) *ListIdentitiesParams {
+	o.SetHTTPClient(client)
+	return o
+}
+
+// SetHTTPClient adds the HTTPClient to the list identities params
+func (o *ListIdentitiesParams) SetHTTPClient(client *http.Client) {
+	o.HTTPClient = client
+}
+
+// WriteToRequest writes these params to a swagger request
+func (o *ListIdentitiesParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error {
+
+	if err := r.SetTimeout(o.timeout); err != nil {
+		return err
+	}
+	var res []error
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
diff --git a/rest_client_zrok/metadata/list_identities_responses.go b/rest_client_zrok/metadata/list_identities_responses.go
new file mode 100644
index 00000000..91c62db8
--- /dev/null
+++ b/rest_client_zrok/metadata/list_identities_responses.go
@@ -0,0 +1,101 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package metadata
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"fmt"
+	"io"
+
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/strfmt"
+
+	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
+)
+
+// ListIdentitiesReader is a Reader for the ListIdentities structure.
+type ListIdentitiesReader struct {
+	formats strfmt.Registry
+}
+
+// ReadResponse reads a server response into the received o.
+func (o *ListIdentitiesReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) {
+	switch response.Code() {
+	case 200:
+		result := NewListIdentitiesOK()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return result, nil
+	case 500:
+		result := NewListIdentitiesInternalServerError()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return nil, result
+	default:
+		return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code())
+	}
+}
+
+// NewListIdentitiesOK creates a ListIdentitiesOK with default headers values
+func NewListIdentitiesOK() *ListIdentitiesOK {
+	return &ListIdentitiesOK{}
+}
+
+/* ListIdentitiesOK describes a response with status code 200, with default header values.
+
+success
+*/
+type ListIdentitiesOK struct {
+	Payload rest_model_zrok.Identities
+}
+
+func (o *ListIdentitiesOK) Error() string {
+	return fmt.Sprintf("[GET /listIdentities][%d] listIdentitiesOK  %+v", 200, o.Payload)
+}
+func (o *ListIdentitiesOK) GetPayload() rest_model_zrok.Identities {
+	return o.Payload
+}
+
+func (o *ListIdentitiesOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	// response payload
+	if err := consumer.Consume(response.Body(), &o.Payload); err != nil && err != io.EOF {
+		return err
+	}
+
+	return nil
+}
+
+// NewListIdentitiesInternalServerError creates a ListIdentitiesInternalServerError with default headers values
+func NewListIdentitiesInternalServerError() *ListIdentitiesInternalServerError {
+	return &ListIdentitiesInternalServerError{}
+}
+
+/* ListIdentitiesInternalServerError describes a response with status code 500, with default header values.
+
+internal server error
+*/
+type ListIdentitiesInternalServerError struct {
+	Payload rest_model_zrok.ErrorMessage
+}
+
+func (o *ListIdentitiesInternalServerError) Error() string {
+	return fmt.Sprintf("[GET /listIdentities][%d] listIdentitiesInternalServerError  %+v", 500, o.Payload)
+}
+func (o *ListIdentitiesInternalServerError) GetPayload() rest_model_zrok.ErrorMessage {
+	return o.Payload
+}
+
+func (o *ListIdentitiesInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	// response payload
+	if err := consumer.Consume(response.Body(), &o.Payload); err != nil && err != io.EOF {
+		return err
+	}
+
+	return nil
+}
diff --git a/rest_client_zrok/metadata/metadata_client.go b/rest_client_zrok/metadata/metadata_client.go
index 43a1729a..557cc2e4 100644
--- a/rest_client_zrok/metadata/metadata_client.go
+++ b/rest_client_zrok/metadata/metadata_client.go
@@ -30,11 +30,52 @@ type ClientOption func(*runtime.ClientOperation)
 
 // ClientService is the interface for Client methods
 type ClientService interface {
+	ListIdentities(params *ListIdentitiesParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*ListIdentitiesOK, error)
+
 	Version(params *VersionParams, opts ...ClientOption) (*VersionOK, error)
 
 	SetTransport(transport runtime.ClientTransport)
 }
 
+/*
+  ListIdentities list identities API
+*/
+func (a *Client) ListIdentities(params *ListIdentitiesParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*ListIdentitiesOK, error) {
+	// TODO: Validate the params before sending
+	if params == nil {
+		params = NewListIdentitiesParams()
+	}
+	op := &runtime.ClientOperation{
+		ID:                 "listIdentities",
+		Method:             "GET",
+		PathPattern:        "/listIdentities",
+		ProducesMediaTypes: []string{"application/zrok.v1+json"},
+		ConsumesMediaTypes: []string{"application/zrok.v1+json"},
+		Schemes:            []string{"http"},
+		Params:             params,
+		Reader:             &ListIdentitiesReader{formats: a.formats},
+		AuthInfo:           authInfo,
+		Context:            params.Context,
+		Client:             params.HTTPClient,
+	}
+	for _, opt := range opts {
+		opt(op)
+	}
+
+	result, err := a.transport.Submit(op)
+	if err != nil {
+		return nil, err
+	}
+	success, ok := result.(*ListIdentitiesOK)
+	if ok {
+		return success, nil
+	}
+	// unexpected success response
+	// safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue
+	msg := fmt.Sprintf("unexpected success response for listIdentities: API contract not enforced by server. Client expected to get an error, but got: %T", result)
+	panic(msg)
+}
+
 /*
   Version version API
 */
diff --git a/rest_model_zrok/enable_request.go b/rest_model_zrok/enable_request.go
deleted file mode 100644
index ac458444..00000000
--- a/rest_model_zrok/enable_request.go
+++ /dev/null
@@ -1,50 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-package rest_model_zrok
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-import (
-	"context"
-
-	"github.com/go-openapi/strfmt"
-	"github.com/go-openapi/swag"
-)
-
-// EnableRequest enable request
-//
-// swagger:model enableRequest
-type EnableRequest struct {
-
-	// token
-	Token string `json:"token,omitempty"`
-}
-
-// Validate validates this enable request
-func (m *EnableRequest) Validate(formats strfmt.Registry) error {
-	return nil
-}
-
-// ContextValidate validates this enable request based on context it is used
-func (m *EnableRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *EnableRequest) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *EnableRequest) UnmarshalBinary(b []byte) error {
-	var res EnableRequest
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}
diff --git a/rest_model_zrok/identities.go b/rest_model_zrok/identities.go
new file mode 100644
index 00000000..218a316a
--- /dev/null
+++ b/rest_model_zrok/identities.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package rest_model_zrok
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// Identities identities
+//
+// swagger:model identities
+type Identities []*Identity
+
+// Validate validates this identities
+func (m Identities) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	for i := 0; i < len(m); i++ {
+		if swag.IsZero(m[i]) { // not required
+			continue
+		}
+
+		if m[i] != nil {
+			if err := m[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName(strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName(strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+// ContextValidate validate this identities based on the context it is used
+func (m Identities) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	for i := 0; i < len(m); i++ {
+
+		if m[i] != nil {
+			if err := m[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName(strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName(strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
diff --git a/rest_model_zrok/identity.go b/rest_model_zrok/identity.go
new file mode 100644
index 00000000..b4caa290
--- /dev/null
+++ b/rest_model_zrok/identity.go
@@ -0,0 +1,59 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package rest_model_zrok
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// Identity identity
+//
+// swagger:model identity
+type Identity struct {
+
+	// active
+	Active bool `json:"active,omitempty"`
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// updated at
+	UpdatedAt string `json:"updatedAt,omitempty"`
+
+	// ziti Id
+	ZitiID string `json:"zitiId,omitempty"`
+}
+
+// Validate validates this identity
+func (m *Identity) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this identity based on context it is used
+func (m *Identity) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *Identity) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *Identity) UnmarshalBinary(b []byte) error {
+	var res Identity
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
diff --git a/rest_server_zrok/embedded_spec.go b/rest_server_zrok/embedded_spec.go
index e6ba34c4..837f1125 100644
--- a/rest_server_zrok/embedded_spec.go
+++ b/rest_server_zrok/embedded_spec.go
@@ -105,6 +105,33 @@ func init() {
         }
       }
     },
+    "/listIdentities": {
+      "get": {
+        "security": [
+          {
+            "key": []
+          }
+        ],
+        "tags": [
+          "metadata"
+        ],
+        "operationId": "listIdentities",
+        "responses": {
+          "200": {
+            "description": "success",
+            "schema": {
+              "$ref": "#/definitions/identities"
+            }
+          },
+          "500": {
+            "description": "internal server error",
+            "schema": {
+              "$ref": "#/definitions/errorMessage"
+            }
+          }
+        }
+      }
+    },
     "/login": {
       "post": {
         "tags": [
@@ -265,6 +292,29 @@ func init() {
     "errorMessage": {
       "type": "string"
     },
+    "identities": {
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/identity"
+      }
+    },
+    "identity": {
+      "type": "object",
+      "properties": {
+        "active": {
+          "type": "boolean"
+        },
+        "createdAt": {
+          "type": "string"
+        },
+        "updatedAt": {
+          "type": "string"
+        },
+        "zitiId": {
+          "type": "string"
+        }
+      }
+    },
     "loginRequest": {
       "type": "object",
       "properties": {
@@ -420,6 +470,33 @@ func init() {
         }
       }
     },
+    "/listIdentities": {
+      "get": {
+        "security": [
+          {
+            "key": []
+          }
+        ],
+        "tags": [
+          "metadata"
+        ],
+        "operationId": "listIdentities",
+        "responses": {
+          "200": {
+            "description": "success",
+            "schema": {
+              "$ref": "#/definitions/identities"
+            }
+          },
+          "500": {
+            "description": "internal server error",
+            "schema": {
+              "$ref": "#/definitions/errorMessage"
+            }
+          }
+        }
+      }
+    },
     "/login": {
       "post": {
         "tags": [
@@ -580,6 +657,29 @@ func init() {
     "errorMessage": {
       "type": "string"
     },
+    "identities": {
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/identity"
+      }
+    },
+    "identity": {
+      "type": "object",
+      "properties": {
+        "active": {
+          "type": "boolean"
+        },
+        "createdAt": {
+          "type": "string"
+        },
+        "updatedAt": {
+          "type": "string"
+        },
+        "zitiId": {
+          "type": "string"
+        }
+      }
+    },
     "loginRequest": {
       "type": "object",
       "properties": {
diff --git a/rest_server_zrok/operations/metadata/list_identities.go b/rest_server_zrok/operations/metadata/list_identities.go
new file mode 100644
index 00000000..5cc119d4
--- /dev/null
+++ b/rest_server_zrok/operations/metadata/list_identities.go
@@ -0,0 +1,71 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package metadata
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+
+	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
+)
+
+// ListIdentitiesHandlerFunc turns a function with the right signature into a list identities handler
+type ListIdentitiesHandlerFunc func(ListIdentitiesParams, *rest_model_zrok.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn ListIdentitiesHandlerFunc) Handle(params ListIdentitiesParams, principal *rest_model_zrok.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// ListIdentitiesHandler interface for that can handle valid list identities params
+type ListIdentitiesHandler interface {
+	Handle(ListIdentitiesParams, *rest_model_zrok.Principal) middleware.Responder
+}
+
+// NewListIdentities creates a new http.Handler for the list identities operation
+func NewListIdentities(ctx *middleware.Context, handler ListIdentitiesHandler) *ListIdentities {
+	return &ListIdentities{Context: ctx, Handler: handler}
+}
+
+/* ListIdentities swagger:route GET /listIdentities metadata listIdentities
+
+ListIdentities list identities API
+
+*/
+type ListIdentities struct {
+	Context *middleware.Context
+	Handler ListIdentitiesHandler
+}
+
+func (o *ListIdentities) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewListIdentitiesParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *rest_model_zrok.Principal
+	if uprinc != nil {
+		principal = uprinc.(*rest_model_zrok.Principal) // this is really a rest_model_zrok.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}
diff --git a/rest_server_zrok/operations/metadata/list_identities_parameters.go b/rest_server_zrok/operations/metadata/list_identities_parameters.go
new file mode 100644
index 00000000..1af5f70d
--- /dev/null
+++ b/rest_server_zrok/operations/metadata/list_identities_parameters.go
@@ -0,0 +1,46 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package metadata
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime/middleware"
+)
+
+// NewListIdentitiesParams creates a new ListIdentitiesParams object
+//
+// There are no default values defined in the spec.
+func NewListIdentitiesParams() ListIdentitiesParams {
+
+	return ListIdentitiesParams{}
+}
+
+// ListIdentitiesParams contains all the bound params for the list identities operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters listIdentities
+type ListIdentitiesParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewListIdentitiesParams() beforehand.
+func (o *ListIdentitiesParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
diff --git a/rest_server_zrok/operations/metadata/list_identities_responses.go b/rest_server_zrok/operations/metadata/list_identities_responses.go
new file mode 100644
index 00000000..b28a9f8c
--- /dev/null
+++ b/rest_server_zrok/operations/metadata/list_identities_responses.go
@@ -0,0 +1,103 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package metadata
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+
+	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
+)
+
+// ListIdentitiesOKCode is the HTTP code returned for type ListIdentitiesOK
+const ListIdentitiesOKCode int = 200
+
+/*ListIdentitiesOK success
+
+swagger:response listIdentitiesOK
+*/
+type ListIdentitiesOK struct {
+
+	/*
+	  In: Body
+	*/
+	Payload rest_model_zrok.Identities `json:"body,omitempty"`
+}
+
+// NewListIdentitiesOK creates ListIdentitiesOK with default headers values
+func NewListIdentitiesOK() *ListIdentitiesOK {
+
+	return &ListIdentitiesOK{}
+}
+
+// WithPayload adds the payload to the list identities o k response
+func (o *ListIdentitiesOK) WithPayload(payload rest_model_zrok.Identities) *ListIdentitiesOK {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the list identities o k response
+func (o *ListIdentitiesOK) SetPayload(payload rest_model_zrok.Identities) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *ListIdentitiesOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(200)
+	payload := o.Payload
+	if payload == nil {
+		// return empty array
+		payload = rest_model_zrok.Identities{}
+	}
+
+	if err := producer.Produce(rw, payload); err != nil {
+		panic(err) // let the recovery middleware deal with this
+	}
+}
+
+// ListIdentitiesInternalServerErrorCode is the HTTP code returned for type ListIdentitiesInternalServerError
+const ListIdentitiesInternalServerErrorCode int = 500
+
+/*ListIdentitiesInternalServerError internal server error
+
+swagger:response listIdentitiesInternalServerError
+*/
+type ListIdentitiesInternalServerError struct {
+
+	/*
+	  In: Body
+	*/
+	Payload rest_model_zrok.ErrorMessage `json:"body,omitempty"`
+}
+
+// NewListIdentitiesInternalServerError creates ListIdentitiesInternalServerError with default headers values
+func NewListIdentitiesInternalServerError() *ListIdentitiesInternalServerError {
+
+	return &ListIdentitiesInternalServerError{}
+}
+
+// WithPayload adds the payload to the list identities internal server error response
+func (o *ListIdentitiesInternalServerError) WithPayload(payload rest_model_zrok.ErrorMessage) *ListIdentitiesInternalServerError {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the list identities internal server error response
+func (o *ListIdentitiesInternalServerError) SetPayload(payload rest_model_zrok.ErrorMessage) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *ListIdentitiesInternalServerError) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(500)
+	payload := o.Payload
+	if err := producer.Produce(rw, payload); err != nil {
+		panic(err) // let the recovery middleware deal with this
+	}
+}
diff --git a/rest_server_zrok/operations/metadata/list_identities_urlbuilder.go b/rest_server_zrok/operations/metadata/list_identities_urlbuilder.go
new file mode 100644
index 00000000..ff3b90dc
--- /dev/null
+++ b/rest_server_zrok/operations/metadata/list_identities_urlbuilder.go
@@ -0,0 +1,87 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package metadata
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// ListIdentitiesURL generates an URL for the list identities operation
+type ListIdentitiesURL struct {
+	_basePath string
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *ListIdentitiesURL) WithBasePath(bp string) *ListIdentitiesURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *ListIdentitiesURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *ListIdentitiesURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/listIdentities"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *ListIdentitiesURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *ListIdentitiesURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *ListIdentitiesURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on ListIdentitiesURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on ListIdentitiesURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *ListIdentitiesURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}
diff --git a/rest_server_zrok/operations/zrok_api.go b/rest_server_zrok/operations/zrok_api.go
index 4a676592..014b421d 100644
--- a/rest_server_zrok/operations/zrok_api.go
+++ b/rest_server_zrok/operations/zrok_api.go
@@ -53,6 +53,9 @@ func NewZrokAPI(spec *loads.Document) *ZrokAPI {
 		IdentityEnableHandler: identity.EnableHandlerFunc(func(params identity.EnableParams, principal *rest_model_zrok.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation identity.Enable has not yet been implemented")
 		}),
+		MetadataListIdentitiesHandler: metadata.ListIdentitiesHandlerFunc(func(params metadata.ListIdentitiesParams, principal *rest_model_zrok.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation metadata.ListIdentities has not yet been implemented")
+		}),
 		IdentityLoginHandler: identity.LoginHandlerFunc(func(params identity.LoginParams) middleware.Responder {
 			return middleware.NotImplemented("operation identity.Login has not yet been implemented")
 		}),
@@ -119,6 +122,8 @@ type ZrokAPI struct {
 	IdentityCreateAccountHandler identity.CreateAccountHandler
 	// IdentityEnableHandler sets the operation handler for the enable operation
 	IdentityEnableHandler identity.EnableHandler
+	// MetadataListIdentitiesHandler sets the operation handler for the list identities operation
+	MetadataListIdentitiesHandler metadata.ListIdentitiesHandler
 	// IdentityLoginHandler sets the operation handler for the login operation
 	IdentityLoginHandler identity.LoginHandler
 	// TunnelTunnelHandler sets the operation handler for the tunnel operation
@@ -214,6 +219,9 @@ func (o *ZrokAPI) Validate() error {
 	if o.IdentityEnableHandler == nil {
 		unregistered = append(unregistered, "identity.EnableHandler")
 	}
+	if o.MetadataListIdentitiesHandler == nil {
+		unregistered = append(unregistered, "metadata.ListIdentitiesHandler")
+	}
 	if o.IdentityLoginHandler == nil {
 		unregistered = append(unregistered, "identity.LoginHandler")
 	}
@@ -333,6 +341,10 @@ func (o *ZrokAPI) initHandlerCache() {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
 	o.handlers["POST"]["/enable"] = identity.NewEnable(o.context, o.IdentityEnableHandler)
+	if o.handlers["GET"] == nil {
+		o.handlers["GET"] = make(map[string]http.Handler)
+	}
+	o.handlers["GET"]["/listIdentities"] = metadata.NewListIdentities(o.context, o.MetadataListIdentitiesHandler)
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
diff --git a/specs/zrok.yml b/specs/zrok.yml
index 989fa82d..ba45a9e4 100644
--- a/specs/zrok.yml
+++ b/specs/zrok.yml
@@ -55,6 +55,22 @@ paths:
           description: internal server error
           schema:
             $ref: "#/definitions/errorMessage"
+  /listIdentities:
+    get:
+      tags:
+        - metadata
+      security:
+        - key: []
+      operationId: listIdentities
+      responses:
+        200:
+          description: success
+          schema:
+            $ref: "#/definitions/identities"
+        500:
+          description: internal server error
+          schema:
+            $ref: "#/definitions/errorMessage"
   /login:
     post:
       tags:
@@ -153,6 +169,21 @@ definitions:
         type: string
   errorMessage:
     type: string
+  identities:
+    type: array
+    items:
+      $ref: "#/definitions/identity"
+  identity:
+    type: object
+    properties:
+      zitiId:
+        type: string
+      active:
+        type: boolean
+      createdAt:
+        type: string
+      updatedAt:
+        type: string
   loginRequest:
     type: object
     properties:
diff --git a/ui/src/api/identity.js b/ui/src/api/identity.js
index fa4bce45..e25bc4be 100644
--- a/ui/src/api/identity.js
+++ b/ui/src/api/identity.js
@@ -24,7 +24,7 @@ export function enable() {
 }
 
 /**
- * @param {{password: string, email: string}} options Optional options
+ * @param {object} options Optional options
  * @param {module:types.loginRequest} [options.body] 
  * @return {Promise<module:types.loginResponse>} login successful
  */
diff --git a/ui/src/api/metadata.js b/ui/src/api/metadata.js
index b782394b..61c36080 100644
--- a/ui/src/api/metadata.js
+++ b/ui/src/api/metadata.js
@@ -2,12 +2,28 @@
 // Auto-generated, edits will be overwritten
 import * as gateway from './gateway'
 
+/**
+ */
+export function listIdentities() {
+  return gateway.request(listIdentitiesOperation)
+}
+
 /**
  */
 export function version() {
   return gateway.request(versionOperation)
 }
 
+const listIdentitiesOperation = {
+  path: '/listIdentities',
+  method: 'get',
+  security: [
+    {
+      id: 'key'
+    }
+  ]
+}
+
 const versionOperation = {
   path: '/version',
   method: 'get'
diff --git a/ui/src/api/types.js b/ui/src/api/types.js
index 6f34bece..d83f880f 100644
--- a/ui/src/api/types.js
+++ b/ui/src/api/types.js
@@ -24,6 +24,16 @@
  * @property {string} cfg 
  */
 
+/**
+ * @typedef identity
+ * @memberof module:types
+ * 
+ * @property {string} zitiId 
+ * @property {boolean} active 
+ * @property {string} createdAt 
+ * @property {string} updatedAt 
+ */
+
 /**
  * @typedef loginRequest
  * @memberof module:types