openapi: 3.0.1
info:
title: XPI REST API
description: XPI REST API
servers:
- url: /rest
paths:
/v1/accessrule/public:
get:
tags:
- AccessRule
operationId: getPublicAccessRule
parameters: []
responses:
default:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONAccessRule'
'/v1/accessrule/{access-rule-key}':
get:
tags:
- AccessRule
operationId: getAccessRule
parameters:
- name: access-rule-key
in: path
required: true
schema:
type: string
responses:
default:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONAccessRule'
/v1/accessrule:
get:
tags:
- AccessRule
operationId: getAccessRules
parameters: []
responses:
default:
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/JSONAccessRule'
'/v1/authentication/mechanism/{mechanism-key}':
get:
tags:
- AuthenticationMechanism
operationId: getMechanism
parameters:
- name: mechanism-key
in: path
required: true
schema:
type: string
responses:
default:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONMechanism'
/v1/authentication/mechanism:
get:
tags:
- AuthenticationMechanism
operationId: getMechanisms
parameters:
- name: type
in: query
schema:
type: string
responses:
default:
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/JSONMechanism'
'/v1/database/{database}':
get:
tags:
- Database
operationId: getDatabase
parameters:
- name: database
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
put:
tags:
- Database
operationId: updateDatabase
parameters:
- name: database
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/JsonDatabaseSettings'
responses:
default:
description: default response
content:
'*/*': {}
/v1/database:
get:
tags:
- Database
operationId: listDatabases
parameters: []
responses:
default:
description: default response
content:
application/json: {}
'/v1/database/update/{database}':
post:
tags:
- Database
operationId: updateDatabaseSchema
parameters:
- name: database
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
'*/*': {}
'/v1/oauth/client/{client-id}':
get:
tags:
- OAuth2
operationId: getClient
parameters:
- name: client-id
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
put:
tags:
- OAuth2
operationId: updateClient
parameters:
- name: client-id
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONClientConfig'
responses:
default:
description: default response
content:
application/json: {}
delete:
tags:
- OAuth2
operationId: deleteClient
parameters:
- name: client-id
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
/v1/oauth/client:
get:
tags:
- OAuth2
description: Get information about an Entity
operationId: search
parameters: []
responses:
'200':
description: Operation successful
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/JSONClientConfig'
post:
tags:
- OAuth2
operationId: createClient
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONClientConfig'
responses:
default:
description: default response
content:
application/json: {}
'/v1/oauth/client/{client-id}/certificateUpload':
put:
tags:
- OAuth2
operationId: uploadUserCertificate
parameters:
- name: client-id
in: path
required: true
schema:
type: string
requestBody:
content:
multipart/form-data:
schema:
type: object
properties:
user_certificate:
type: string
format: binary
responses:
default:
description: default response
content:
application/json: {}
/v1/oauth:
get:
tags:
- OAuth2
operationId: getConfiguration
parameters: []
responses:
default:
description: default response
content:
application/json: {}
put:
tags:
- OAuth2
operationId: updateConfiguration
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONConfiguration'
responses:
default:
description: default response
content:
'*/*': {}
/v1/oauth/attribute:
get:
tags:
- OPENID
description: Get list of of all OpenId attribute groups
operationId: getAttributeGroups
parameters: []
responses:
'200':
description: Operation successful
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/JSONGroupConfig'
'404':
description: No OpenId attribute groups found
'500':
description: Internal server error
'/v1/oauth/attribute/{group-id}':
get:
tags:
- OPENID
description: Get OpenId attribute group configuration of group-id
operationId: getAttributeConfiguration
parameters:
- name: group-id
in: path
required: true
schema:
type: string
responses:
'200':
description: Operation successful
'404':
description: No OpenId attribute groups found
'500':
description: Internal server error
put:
tags:
- OPENID
description: Update OpenId attribute group configuration
operationId: updateAttribute
parameters:
- name: group-id
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONGroupConfig'
responses:
'200':
description: Operation successful
'404':
description: No OpenId attribute groups found
'500':
description: Internal server error
post:
tags:
- OPENID
description: Add new OpenId attribute group
operationId: addAttributeGroup
parameters:
- name: group-id
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONGroupConfig'
responses:
'200':
description: Operation successful
'400':
description: Attribute Group exists or Missing/invalid attribute
'500':
description: Internal server error
delete:
tags:
- OPENID
description: Delete OpenId attribute group configuration of group-id
operationId: deleteAttributeGroup
parameters:
- name: group-id
in: path
required: true
schema:
type: string
responses:
'200':
description: Operation successful
'404':
description: OpenId attribute group not found
'500':
description: Internal server error
'/v1/oauth/scope/{scope-name}':
get:
tags:
- OAuth2
operationId: getScope
parameters:
- name: scope-name
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
put:
tags:
- OAuth2
operationId: updateScope
parameters:
- name: scope-name
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONScope'
responses:
default:
description: default response
content:
'*/*': {}
delete:
tags:
- OAuth2
operationId: deleteScope
parameters:
- name: scope-name
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
'*/*': {}
/v1/oauth/scope:
get:
tags:
- OAuth2
operationId: getAllScopes
parameters: []
responses:
'200':
description: Operation successful
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/JSONScope'
post:
tags:
- OAuth2
description: Add new OScope
operationId: postScope
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONScope'
responses:
'200':
description: Operation successful
'400':
description: Scope exists or Missing/invalid attribute
'500':
description: Internal server error
'/v1/saml/idp/{idpId}/sp-metadata':
post:
tags:
- SAML
description: Add new Service Provider using SAML metadata
operationId: addSpByMetadata
parameters:
- name: idpId
in: path
description: The ID of the Identity Provider
required: true
schema:
type: string
requestBody:
description: SAML 2.0 metadata
content:
application/xml:
schema:
type: string
responses:
'201':
description: Service Provider created successfully
'400':
description: Service Provider EntityID already exists or invalid parameters
'404':
description: Identity Provider not found
'/v1/saml/idp/{idpId}/metadata':
get:
tags:
- SAML
summary: Returns SAML 2.0 metadata as XML for the Identity Provider
description: Get metadata for a IDP
operationId: getIdpMetadata
parameters:
- name: idpId
in: path
description: The entity ID of the Identity Provider
required: true
schema:
type: string
responses:
'200':
description: Identity Provider found
links:
'':
operationRef: ./swagger/definitions.json#/definitions/IDP
'404':
description: Identity Provider not found
'406':
description: Only XML is produced
/v1/saml/idp:
get:
tags:
- SAML
description: Get list of of all available IDPs and SPs
operationId: getIdps
parameters: []
responses:
'200':
description: Operation successful
content:
application/json:
schema:
$ref: '#/components/schemas/IdentityProviderInfoList'
application/xml:
schema:
$ref: '#/components/schemas/IdentityProviderInfoList'
'/v1/saml/idp/{idpId}/sp-callbackurl':
post:
tags:
- SAML
description: Add new Service Provider using a Callback URL
operationId: addSpByCallbackUrl
parameters:
- name: idpId
in: path
description: The ID of the Identity Provider
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CallbackUrlInfo'
responses:
'201':
description: Service Provider created successfully
'400':
description: Service Provider EntityID already exists or invalid parameters
'404':
description: Identity Provider not found
'/v1/saml/authentication/method/{methodId}':
get:
tags:
- SAML
description: Get information about a method
operationId: getMethod
parameters:
- name: methodId
in: path
description: The ID of the Method
required: true
schema:
type: string
responses:
'200':
description: Method found
content:
'*/*':
schema:
$ref: '#/components/schemas/MethodInfo'
'404':
description: Method not found
put:
tags:
- SAML
description: Update a method
operationId: updateMethod
parameters:
- name: methodId
in: path
description: The ID of the Method
required: true
schema:
type: string
requestBody:
content:
'*/*':
schema:
$ref: '#/components/schemas/MethodUpdateInput'
responses:
'200':
description: Method updated successfully
content:
'*/*':
schema:
$ref: '#/components/schemas/MethodInfo'
'404':
description: Method not found
delete:
tags:
- SAML
description: Delete a Method
operationId: deleteMethod
parameters:
- name: methodId
in: path
description: The ID of the Method
required: true
schema:
type: string
responses:
'204':
description: Method successfully deleted
'404':
description: Method not found
/v1/saml/authentication/method:
post:
tags:
- SAML
description: Add new Method for a given service provider
operationId: addMethod
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MethodAddInput'
responses:
'201':
description: Method successfully created
content:
application/json:
schema:
$ref: '#/components/schemas/MethodInfo'
'400':
description: Invalid input or method already exists
'404':
description: Method or Service Provider not found
'/v1/saml/sp/{spId}':
delete:
tags:
- SAML
description: Delete a Service Provider from a SAML federation
operationId: deleteServiceProvider
parameters:
- name: spId
in: path
description: The ID of the Service Provider
required: true
schema:
type: string
responses:
'204':
description: Service Provider successfully deleted
'404':
description: Identity/Service Provider not found
'409':
description: 'Service Provider has dependencies, cannot be deleted'
content:
'*/*':
schema:
$ref: '#/components/schemas/ServiceProvider'
'/v1/saml/sp/{spId}/callbackurl':
put:
tags:
- SAML
description: Update Callback URL for a Service Provider
operationId: updateServiceProvider
parameters:
- name: spId
in: path
description: The ID of the Service Provider
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CallbackUrlInfo'
responses:
'200':
description: Service Provider updated successfully
'400':
description: Callback URL is not valid or invalid parameters
'404':
description: Identity/Service Provider not found
'/v1/saml/sp/{spId}/metadata':
get:
tags:
- SAML
summary: Returns SAML 2.0 metadata as XML for the Service Provider
description: Get metadata for a SP
operationId: getSpMetadata
parameters:
- name: spId
in: path
description: The entity ID of the Service Provider
required: true
schema:
type: string
responses:
'200':
description: Service Provider found
links:
'':
operationRef: ./swagger/definitions.json#/definitions/SP
'404':
description: Service Provider not found
'406':
description: Only XML is produced
put:
tags:
- SAML
description: Update Service Provider in a SAML federation
operationId: 1_updateServiceProvider
parameters:
- name: spId
in: path
description: The ID of the Service Provider
required: true
schema:
type: string
requestBody:
description: SAML 2.0 metadata
content:
application/xml:
schema:
type: string
responses:
'200':
description: Service Provider updated successfully
'400':
description: Metadata is not valid or parameter is missing
'404':
description: Identity/Service Provider not found
/v1/logging/syslog:
get:
tags:
- SysetmLog
operationId: getSettings
parameters: []
responses:
default:
description: default response
content:
application/json: {}
put:
tags:
- SysetmLog
operationId: updateSettings
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/JSONSyslog'
responses:
default:
description: default response
content:
'*/*': {}
'/v2/usergroup/propertygroup/{key}':
get:
tags:
- PropertyGroup
description: Get an entity by using key
operationId: get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/UserPropertyGroupInfo'
application/xml:
schema:
$ref: '#/components/schemas/UserPropertyGroupInfo'
'404':
description: Requested entity not found
put:
tags:
- PropertyGroup
description: Update an entity
operationId: update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserPropertyGroupInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/UserPropertyGroupInfo'
application/xml:
schema:
$ref: '#/components/schemas/UserPropertyGroupInfo'
'404':
description: Entity not found
delete:
tags:
- PropertyGroup
description: Delete an entity
operationId: delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/usergroup/propertygroup:
get:
tags:
- PropertyGroup
description: Get information about an Entity
operationId: 1_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UserPropertyGroupInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/UserPropertyGroupInfo'
'404':
description: Requested entity not found
post:
tags:
- PropertyGroup
description: Add new entity
operationId: add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserPropertyGroupInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/UserPropertyGroupInfo'
application/xml:
schema:
$ref: '#/components/schemas/UserPropertyGroupInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/usergroup/propertygroup/{key}/referred-entities':
get:
tags:
- PropertyGroup
description: Get a list of refereed entities
operationId: getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/accessrule/{key}':
get:
tags:
- AccessRule
description: Get an entity by using key
operationId: 1_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/ReusableAccessRuleInfo'
application/xml:
schema:
$ref: '#/components/schemas/ReusableAccessRuleInfo'
'404':
description: Requested entity not found
put:
tags:
- AccessRule
description: Update an entity
operationId: 1_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ReusableAccessRuleInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/ReusableAccessRuleInfo'
application/xml:
schema:
$ref: '#/components/schemas/ReusableAccessRuleInfo'
'404':
description: Entity not found
delete:
tags:
- AccessRule
description: Delete an entity
operationId: 1_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/accessrule:
get:
tags:
- AccessRule
description: Get information about an Entity
operationId: 2_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/ReusableAccessRuleInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/ReusableAccessRuleInfo'
'404':
description: Requested entity not found
post:
tags:
- AccessRule
description: Add new entity
operationId: 1_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ReusableAccessRuleInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/ReusableAccessRuleInfo'
application/xml:
schema:
$ref: '#/components/schemas/ReusableAccessRuleInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/accessrule/{key}/referred-entities':
get:
tags:
- AccessRule
description: Get a list of refereed entities
operationId: 1_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/cacertificate/{key}':
get:
tags:
- CACertificate
description: Get an entity by using key
operationId: 2_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
'404':
description: Requested entity not found
put:
tags:
- CACertificate
description: Update an entity
operationId: 2_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CaCertificateInfo'
responses:
'201':
description: Entity updated successfully
'404':
description: Entity not found
delete:
tags:
- CACertificate
description: Delete an entity
operationId: 2_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/cacertificate:
get:
tags:
- CACertificate
description: Get information about an Entity
operationId: 3_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
'404':
description: Requested entity not found
post:
tags:
- CACertificate
description: Add new entity
operationId: 2_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CaCertificateInfo'
responses:
'201':
description: Entity created successfully
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/cacertificate/{key}/referred-entities':
get:
tags:
- CACertificate
description: Get a list of refereed entities
operationId: 2_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/device/{key}':
get:
tags:
- Device
description: Get an entity by using key
operationId: 3_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/DeviceInfo'
application/xml:
schema:
$ref: '#/components/schemas/DeviceInfo'
'404':
description: Requested entity not found
put:
tags:
- Device
description: Update an entity
operationId: 3_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DeviceInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/DeviceInfo'
application/xml:
schema:
$ref: '#/components/schemas/DeviceInfo'
'404':
description: Entity not found
delete:
tags:
- Device
description: Delete an entity
operationId: 3_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/device:
get:
tags:
- Device
description: Get information about an Entity
operationId: 4_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/DeviceInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/DeviceInfo'
'404':
description: Requested entity not found
post:
tags:
- Device
description: Add new entity
operationId: 3_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DeviceInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/DeviceInfo'
application/xml:
schema:
$ref: '#/components/schemas/DeviceInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/device/{key}/referred-entities':
get:
tags:
- Device
description: Get a list of refereed entities
operationId: 3_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/dnsname/{key}':
get:
tags:
- DNS Name
description: Get an entity by using key
operationId: 4_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/MappedDNSNameInfo'
application/xml:
schema:
$ref: '#/components/schemas/MappedDNSNameInfo'
'404':
description: Requested entity not found
put:
tags:
- DNS Name
description: Update an entity
operationId: 4_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MappedDNSNameInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/MappedDNSNameInfo'
application/xml:
schema:
$ref: '#/components/schemas/MappedDNSNameInfo'
'404':
description: Entity not found
delete:
tags:
- DNS Name
description: Delete an entity
operationId: 4_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/dnsname:
get:
tags:
- DNS Name
description: Get information about an Entity
operationId: 5_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/MappedDNSNameInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/MappedDNSNameInfo'
'404':
description: Requested entity not found
post:
tags:
- DNS Name
description: Add new entity
operationId: 4_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MappedDNSNameInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/MappedDNSNameInfo'
application/xml:
schema:
$ref: '#/components/schemas/MappedDNSNameInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/dnsname/{key}/referred-entities':
get:
tags:
- DNS Name
description: Get a list of refereed entities
operationId: 4_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
/v2/file_browser:
delete:
tags:
- File Browser
description: Delete a given path
operationId: 5_delete
parameters:
- name: path
in: query
schema:
type: string
responses:
'204':
description: Success
/v2/file_browser/list:
get:
tags:
- File Browser
description: List of files within path
operationId: listFiles
parameters:
- name: path
in: query
schema:
type: string
responses:
'200':
description: List of files
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/FileInfo'
/v2/file_browser/create_directory:
get:
tags:
- File Browser
description: Create a directory
operationId: mkdir
parameters:
- name: path
in: query
schema:
type: string
responses:
'200':
description: Success
/v2/file_browser/move:
get:
tags:
- File Browser
description: Move files to different paths
operationId: move
parameters:
- name: sourcePath
in: query
schema:
type: string
- name: destinationPath
in: query
schema:
type: string
responses:
'200':
description: Success
/v2/file_browser/upload:
put:
tags:
- File Browser
description: Upload file to given path
operationId: upload
parameters: []
requestBody:
content:
multipart/form-data:
schema:
type: object
properties:
file:
type: string
format: binary
path:
type: string
responses:
'200':
description: Success
/v2/file_browser/download:
get:
tags:
- File Browser
description: Download contents of a path
operationId: download
parameters:
- name: path
in: query
schema:
type: string
responses:
default:
description: default response
content:
application/octet-stream: {}
application/json: {}
'/v2/identity_orchestration/{key}':
get:
tags:
- Identity Orchestration
description: Get an entity by using key
operationId: 5_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/IDOInfo'
application/xml:
schema:
$ref: '#/components/schemas/IDOInfo'
'404':
description: Requested entity not found
put:
tags:
- Identity Orchestration
description: Update an entity
operationId: 5_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/IDOInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/IDOInfo'
application/xml:
schema:
$ref: '#/components/schemas/IDOInfo'
'404':
description: Entity not found
delete:
tags:
- Identity Orchestration
description: Delete an entity
operationId: 6_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/identity_orchestration:
get:
tags:
- Identity Orchestration
description: Get information about an Entity
operationId: 6_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/IDOInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/IDOInfo'
'404':
description: Requested entity not found
post:
tags:
- Identity Orchestration
description: Add new entity
operationId: 5_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/IDOInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/IDOInfo'
application/xml:
schema:
$ref: '#/components/schemas/IDOInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/identity_orchestration/{key}/referred-entities':
get:
tags:
- Identity Orchestration
description: Get a list of refereed entities
operationId: 5_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/internet_firewall/{key}':
get:
tags:
- Internet Firewall
description: Get an entity by using key
operationId: 6_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/InternetFirewallInfo'
application/xml:
schema:
$ref: '#/components/schemas/InternetFirewallInfo'
'404':
description: Requested entity not found
put:
tags:
- Internet Firewall
description: Update an entity
operationId: 6_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/InternetFirewallInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/InternetFirewallInfo'
application/xml:
schema:
$ref: '#/components/schemas/InternetFirewallInfo'
'404':
description: Entity not found
delete:
tags:
- Internet Firewall
description: Delete an entity
operationId: 7_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/internet_firewall:
get:
tags:
- Internet Firewall
description: Get information about an Entity
operationId: 7_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/InternetFirewallInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/InternetFirewallInfo'
'404':
description: Requested entity not found
post:
tags:
- Internet Firewall
description: Add new entity
operationId: 6_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/InternetFirewallInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/InternetFirewallInfo'
application/xml:
schema:
$ref: '#/components/schemas/InternetFirewallInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/internet_firewall/{key}/referred-entities':
get:
tags:
- Internet Firewall
description: Get a list of refereed entities
operationId: 6_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/nodes/{id}':
get:
tags:
- Nodes
description: Node with provided ID in Administration Service
operationId: getNode
parameters:
- name: id
in: path
required: true
schema:
type: integer
format: int32
responses:
'200':
description: Node information
content:
application/json:
schema:
$ref: '#/components/schemas/NodeInfo'
'404':
description: If no node is found with given ID
/v2/nodes:
get:
tags:
- Nodes
description: >-
Nodes configured with the Administration Service. If type is not
mentioned, then all nodes are returned.
operationId: getNodeByType
parameters:
- name: type
in: query
schema:
type: string
enum:
- POLICY_SERVER
- AGENT
- ACCESS_POINT
- AUTHENTICATION_SERVER
- ADMINISTRATION_SERVER
- DISTRIBUTION_SERVER
- UNKNOWN_NODETYPE
responses:
'200':
description: List of nodes
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/NodeInfo'
'/v2/openid_connect/attribute/{key}':
get:
tags:
- OpenID Connect Attribute Group
description: Get an entity by using key
operationId: 7_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/AttributeGroupInfo'
application/xml:
schema:
$ref: '#/components/schemas/AttributeGroupInfo'
'404':
description: Requested entity not found
put:
tags:
- OpenID Connect Attribute Group
description: Update an entity
operationId: 7_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AttributeGroupInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/AttributeGroupInfo'
application/xml:
schema:
$ref: '#/components/schemas/AttributeGroupInfo'
'404':
description: Entity not found
delete:
tags:
- OpenID Connect Attribute Group
description: Delete an entity
operationId: 8_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/openid_connect/attribute:
get:
tags:
- OpenID Connect Attribute Group
description: Get information about an Entity
operationId: 8_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/AttributeGroupInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/AttributeGroupInfo'
'404':
description: Requested entity not found
post:
tags:
- OpenID Connect Attribute Group
description: Add new entity
operationId: 7_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AttributeGroupInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/AttributeGroupInfo'
application/xml:
schema:
$ref: '#/components/schemas/AttributeGroupInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/openid_connect/attribute/{key}/referred-entities':
get:
tags:
- OpenID Connect Attribute Group
description: Get a list of refereed entities
operationId: 7_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/openid_connect/client/clientID/{client-id}':
get:
tags:
- OpenID Connect Client
operationId: 1_getClient
parameters:
- name: client-id
in: path
required: true
schema:
type: string
responses:
default:
description: default response
content:
application/json: {}
'/v2/openid_connect/client/{key}':
get:
tags:
- OpenID Connect Client
description: Get an entity by using key
operationId: 8_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/ClientInfo'
application/xml:
schema:
$ref: '#/components/schemas/ClientInfo'
'404':
description: Requested entity not found
put:
tags:
- OpenID Connect Client
description: Update an entity
operationId: 8_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ClientInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/ClientInfo'
application/xml:
schema:
$ref: '#/components/schemas/ClientInfo'
'404':
description: Entity not found
delete:
tags:
- OpenID Connect Client
description: Delete an entity
operationId: 9_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/openid_connect/client:
get:
tags:
- OpenID Connect Client
description: Get information about an Entity
operationId: 9_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/ClientInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/ClientInfo'
'404':
description: Requested entity not found
post:
tags:
- OpenID Connect Client
description: Add new entity
operationId: 8_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ClientInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/ClientInfo'
application/xml:
schema:
$ref: '#/components/schemas/ClientInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/openid_connect/client/{key}/referred-entities':
get:
tags:
- OpenID Connect Client
description: Get a list of refereed entities
operationId: 8_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/openid_connect/scope/{key}':
get:
tags:
- OpenId Connect Scope
description: Get an entity by using key
operationId: 9_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeInfo'
application/xml:
schema:
$ref: '#/components/schemas/ScopeInfo'
'404':
description: Requested entity not found
put:
tags:
- OpenId Connect Scope
description: Update an entity
operationId: 9_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeInfo'
application/xml:
schema:
$ref: '#/components/schemas/ScopeInfo'
'404':
description: Entity not found
delete:
tags:
- OpenId Connect Scope
description: Delete an entity
operationId: 10_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/openid_connect/scope:
get:
tags:
- OpenId Connect Scope
description: Get information about an Entity
operationId: 10_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/ScopeInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/ScopeInfo'
'404':
description: Requested entity not found
post:
tags:
- OpenId Connect Scope
description: Add new entity
operationId: 9_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeInfo'
application/xml:
schema:
$ref: '#/components/schemas/ScopeInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/openid_connect/scope/{key}/referred-entities':
get:
tags:
- OpenId Connect Scope
description: Get a list of refereed entities
operationId: 9_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/portalsettings/{key}':
get:
tags:
- Portal Settings
description: Get an entity by using key
operationId: 10_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/PortalSettingInfo'
application/xml:
schema:
$ref: '#/components/schemas/PortalSettingInfo'
'404':
description: Requested entity not found
put:
tags:
- Portal Settings
description: Update an entity
operationId: 10_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PortalSettingInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/PortalSettingInfo'
application/xml:
schema:
$ref: '#/components/schemas/PortalSettingInfo'
'404':
description: Entity not found
delete:
tags:
- Portal Settings
description: Delete an entity
operationId: 11_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/portalsettings:
get:
tags:
- Portal Settings
description: Get information about an Entity
operationId: 11_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/PortalSettingInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/PortalSettingInfo'
'404':
description: Requested entity not found
post:
tags:
- Portal Settings
description: Add new entity
operationId: 10_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PortalSettingInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/PortalSettingInfo'
application/xml:
schema:
$ref: '#/components/schemas/PortalSettingInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/portalsettings/{key}/referred-entities':
get:
tags:
- Portal Settings
description: Get a list of refereed entities
operationId: 10_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
/v2/publishconfiguration:
get:
tags:
- Publish
description: >-
Publish HAG configuration to all nodes and get status of publish
operation
operationId: publish
parameters: []
responses:
'200':
description: List of nodes and their publish status
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/PublishStatus'
'/v2/tunnelresource/{key}':
get:
tags:
- TunnelResource
description: Get an entity by using key
operationId: 11_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/TunnelResourceInfo'
application/xml:
schema:
$ref: '#/components/schemas/TunnelResourceInfo'
'404':
description: Requested entity not found
put:
tags:
- TunnelResource
description: Update an entity
operationId: 11_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TunnelResourceInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/TunnelResourceInfo'
application/xml:
schema:
$ref: '#/components/schemas/TunnelResourceInfo'
'404':
description: Entity not found
delete:
tags:
- TunnelResource
description: Delete an entity
operationId: 12_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/tunnelresource:
get:
tags:
- TunnelResource
description: Get information about an Entity
operationId: 12_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/TunnelResourceInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/TunnelResourceInfo'
'404':
description: Requested entity not found
post:
tags:
- TunnelResource
description: Add new entity
operationId: 11_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TunnelResourceInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/TunnelResourceInfo'
application/xml:
schema:
$ref: '#/components/schemas/TunnelResourceInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/tunnelresource/{key}/referred-entities':
get:
tags:
- TunnelResource
description: Get a list of refereed entities
operationId: 11_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/webresourcepath/resourceroot/{resourcerootkey}':
get:
tags:
- WebResourcePath
description: >-
Get the list of all the path of a webResourceRoot whose key is provided.
Key can be found using "/v2/webresourceroot" get api
operationId: getByKey
parameters:
- name: resourcerootkey
in: path
description: Key of Resource Root
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/WebResourcePathInfo'
'404':
description: Resource Root of given key is not found
'/v2/webresourcepath/{key}':
get:
tags:
- WebResourcePath
description: Get an entity by using key
operationId: 12_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/WebResourcePathInfo'
application/xml:
schema:
$ref: '#/components/schemas/WebResourcePathInfo'
'404':
description: Requested entity not found
put:
tags:
- WebResourcePath
description: Update an entity
operationId: 12_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/WebResourcePathInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/WebResourcePathInfo'
application/xml:
schema:
$ref: '#/components/schemas/WebResourcePathInfo'
'404':
description: Entity not found
delete:
tags:
- WebResourcePath
description: Delete an entity
operationId: 13_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/webresourcepath:
get:
tags:
- WebResourcePath
description: Get information about an Entity
operationId: 13_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/WebResourcePathInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/WebResourcePathInfo'
'404':
description: Requested entity not found
post:
tags:
- WebResourcePath
description: Add new entity
operationId: 12_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/WebResourcePathInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/WebResourcePathInfo'
application/xml:
schema:
$ref: '#/components/schemas/WebResourcePathInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/webresourcepath/{key}/referred-entities':
get:
tags:
- WebResourcePath
description: Get a list of refereed entities
operationId: 12_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/webresourceroot/{key}':
get:
tags:
- WebResourceRoot
description: Get an entity by using key
operationId: 13_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/WebResourceRootInfo'
application/xml:
schema:
$ref: '#/components/schemas/WebResourceRootInfo'
'404':
description: Requested entity not found
put:
tags:
- WebResourceRoot
description: Update an entity
operationId: 13_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/WebResourceRootInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/WebResourceRootInfo'
application/xml:
schema:
$ref: '#/components/schemas/WebResourceRootInfo'
'404':
description: Entity not found
delete:
tags:
- WebResourceRoot
description: Delete an entity
operationId: 14_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/webresourceroot:
get:
tags:
- WebResourceRoot
description: Get information about an Entity
operationId: 14_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/WebResourceRootInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/WebResourceRootInfo'
'404':
description: Requested entity not found
post:
tags:
- WebResourceRoot
description: Add new entity
operationId: 13_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/WebResourceRootInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/WebResourceRootInfo'
application/xml:
schema:
$ref: '#/components/schemas/WebResourceRootInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/webresourceroot/{key}/referred-entities':
get:
tags:
- WebResourceRoot
description: Get a list of refereed entities
operationId: 13_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/saml/saml_federation/{key}':
get:
tags:
- SAML
description: Get an entity by using key
operationId: 14_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLFederationInfo'
application/xml:
schema:
$ref: '#/components/schemas/SAMLFederationInfo'
'404':
description: Requested entity not found
put:
tags:
- SAML
description: Update an entity
operationId: 14_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLFederationInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLFederationInfo'
application/xml:
schema:
$ref: '#/components/schemas/SAMLFederationInfo'
'404':
description: Entity not found
delete:
tags:
- SAML
description: Delete an entity
operationId: 15_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/saml/saml_federation:
get:
tags:
- SAML
description: Get information about an Entity
operationId: 15_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/SAMLFederationInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/SAMLFederationInfo'
'404':
description: Requested entity not found
post:
tags:
- SAML
description: Add new entity
operationId: 14_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLFederationInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLFederationInfo'
application/xml:
schema:
$ref: '#/components/schemas/SAMLFederationInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/saml/saml_federation/{key}/referred-entities':
get:
tags:
- SAML
description: Get a list of refereed entities
operationId: 14_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/servercertificate/{key}':
get:
tags:
- ServerCertificate
description: Get an entity by using key
operationId: 15_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
'404':
description: Requested entity not found
put:
tags:
- ServerCertificate
description: Update an entity
operationId: 15_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ServerCertificateInfo'
responses:
'201':
description: Entity updated successfully
'404':
description: Entity not found
delete:
tags:
- ServerCertificate
description: Delete an entity
operationId: 16_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/servercertificate:
get:
tags:
- ServerCertificate
description: Get information about an Entity
operationId: 16_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
'404':
description: Requested entity not found
post:
tags:
- ServerCertificate
description: Add new entity
operationId: 15_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ServerCertificateInfo'
responses:
'201':
description: Entity created successfully
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/servercertificate/{key}/referred-entities':
get:
tags:
- ServerCertificate
description: Get a list of refereed entities
operationId: 15_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/ssodomain/{key}':
get:
tags:
- SSODomain
description: Get an entity by using key
operationId: 16_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/SSODomainInfo'
application/xml:
schema:
$ref: '#/components/schemas/SSODomainInfo'
'404':
description: Requested entity not found
put:
tags:
- SSODomain
description: Update an entity
operationId: 16_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SSODomainInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/SSODomainInfo'
application/xml:
schema:
$ref: '#/components/schemas/SSODomainInfo'
'404':
description: Entity not found
delete:
tags:
- SSODomain
description: Delete an entity
operationId: 17_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/ssodomain:
get:
tags:
- SSODomain
description: Get information about an Entity
operationId: 17_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/SSODomainInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/SSODomainInfo'
'404':
description: Requested entity not found
post:
tags:
- SSODomain
description: Add new entity
operationId: 16_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SSODomainInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/SSODomainInfo'
application/xml:
schema:
$ref: '#/components/schemas/SSODomainInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/ssodomain/{key}/referred-entities':
get:
tags:
- SSODomain
description: Get a list of refereed entities
operationId: 16_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
'/v2/tunnelset/{key}':
get:
tags:
- Tunnelset
description: Get an entity by using key
operationId: 17_get
parameters:
- name: key
in: path
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
$ref: '#/components/schemas/TunnelsetInfo'
application/xml:
schema:
$ref: '#/components/schemas/TunnelsetInfo'
'404':
description: Requested entity not found
put:
tags:
- Tunnelset
description: Update an entity
operationId: 17_update
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TunnelsetInfo'
responses:
'201':
description: Entity updated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/TunnelsetInfo'
application/xml:
schema:
$ref: '#/components/schemas/TunnelsetInfo'
'404':
description: Entity not found
delete:
tags:
- Tunnelset
description: Delete an entity
operationId: 18_delete
parameters:
- name: key
in: path
description: The Key of Entity
required: true
schema:
type: string
responses:
'204':
description: Entity deleted successfully
'404':
description: Entity not found
'409':
description: Dependencies must be deleted before deleting an Entity
/v2/tunnelset:
get:
tags:
- Tunnelset
description: Get information about an Entity
operationId: 18_search
parameters:
- name: displayName
in: query
description: The display_name of an Entity
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/TunnelsetInfo'
application/xml:
schema:
type: array
items:
$ref: '#/components/schemas/TunnelsetInfo'
'404':
description: Requested entity not found
post:
tags:
- Tunnelset
description: Add new entity
operationId: 17_add
parameters: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TunnelsetInfo'
responses:
'201':
description: Entity created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/TunnelsetInfo'
application/xml:
schema:
$ref: '#/components/schemas/TunnelsetInfo'
'400':
description: Entity already exists or Missing/invalid attribute
'401':
description: HTTP request lacks valid authentication credentials
'406':
description: Missing required parameters
'/v2/tunnelset/{key}/referred-entities':
get:
tags:
- Tunnelset
description: Get a list of refereed entities
operationId: 17_getRefferedEntities
parameters:
- name: key
in: path
description: The key of the entity
required: true
schema:
type: string
responses:
'200':
description: Requested entity found
content:
application/json:
schema:
type: array
items:
type: object
'404':
description: Requested entity not found
components:
schemas:
JSONAccessRule:
type: object
properties:
key:
type: string
display_name:
type: string
JSONMechanism:
type: object
properties:
key:
type: string
display_name:
type: string
type:
type: string
JsonDatabaseSettings:
type: object
properties:
database_type:
type: string
name:
type: string
host:
type: string
url:
type: string
dialect:
type: string
driver:
type: string
user:
type: string
password:
type: string
show_sql:
type: string
store_style:
type: string
reconnect_tries:
type: integer
format: int32
copy_data:
type: boolean
up_to_date:
type: boolean
error_hint:
type: string
JSONClientConfig:
type: object
properties:
client_id:
type: string
client_secret:
type: string
client_secret_set:
type: boolean
display_name:
type: string
scopes:
type: array
items:
type: string
grant_types:
type: array
items:
type: string
access_rules:
type: array
items:
type: string
password_grant_mech:
type: string
client_cert_mech:
type: string
user_certificate_bound:
type: boolean
redirect_uris:
type: array
items:
type: string
consent_required:
type: boolean
consent_template:
type: string
hint:
type: string
key:
type: string
JSONArray:
type: array
properties:
empty:
type: boolean
items:
type: object
JSONConfiguration:
type: object
properties:
enabled:
type: boolean
openIDEnabled:
type: boolean
clientUrl:
type: string
scopeUrl:
type: string
databaseUrl:
type: string
authorizationCodeMaxAge:
type: string
accessTokenMaxAge:
type: string
idTokenMaxAge:
type: string
refreshTokenMaxAge:
type: string
futureTimestampThreshold:
type: string
dbCleanupEnabled:
type: boolean
dbCleanupIntervalInDays:
type: integer
format: int32
issuer:
type: string
serverCertList:
type: array
properties:
empty:
type: boolean
items:
type: object
currentServerCert:
type: string
signingAlgorithm:
type: string
JSONAttributeConfig:
type: object
properties:
friendlyName:
type: string
description: >-
The Friendly Name used in the Attribute Statement returned to the
Service Provider.
attributeSource:
type: string
description: Defines the Source of the user attribute value.
enum:
- >-
User Storage OR Custom OR Custom, User Storage OR User Storage,
Custom OR SAML Session OR Session OR Static Value OR Defined
value:
type: string
description: Mandatory when "Source" is set to option "Static Value"
definedSource:
type: string
description: A comma-separated string of "Source"-names in prioritized order.
enum:
- User Storage
- Custom
- SAML Session
- Session
JSONGroupConfig:
type: object
properties:
groupId:
type: string
attributes:
type: array
items:
$ref: '#/components/schemas/JSONAttributeConfig'
JSONScope:
type: object
properties:
name:
type: string
description:
type: object
additionalProperties:
type: string
key:
type: string
IdentityProvider:
type: object
properties:
federationName:
type: string
example: Sample Identity Provider
idpEntityId:
type: string
example: 'https://example.com/idp'
idpId:
type: string
example: kxynepjetnayd4i
serviceProviders:
type: array
xml:
name: serviceProvider
items:
$ref: '#/components/schemas/ServiceProvider'
IdentityProviderInfoList:
type: object
properties:
identityProviders:
type: array
xml:
name: identityProvider
items:
$ref: '#/components/schemas/IdentityProvider'
xml:
name: identityProviders
MethodInfo:
type: object
properties:
methodType:
type: string
example: Swedish Mobile BankID
spId:
type: string
example: kxynepjetnayd4iijwqbxiurs5euxy
displayName:
type: string
example: Mobilt BankID
methodId:
type: string
example: kjpuma3pfp2gl3a
methodUrl:
type: string
example: >-
https://localhost/https/api/rest/v1.0/saml/authnrequest/kxynepjetnayd4iijwqbxiurs5euxy/kjpuma3pfp2gl3a
authnContextRef:
type: string
example: 'urn:sp1.example.com:lt6v66l7z3i5cxy/kxynepjetnayd4i/MobiltBankID'
properties:
$ref: '#/components/schemas/MethodProperties'
info:
$ref: ./swagger/definitions.json#/definitions/Map
MethodProperties:
type: object
properties:
tag:
type: string
example: trial
blockCounter:
type: integer
format: int32
example: 100
blockEnabled:
type: boolean
example: true
ServiceProvider:
type: object
properties:
spEntityId:
type: string
example: 'urn:sp1.example.com:lt6v66l7z3i5cxy'
spId:
type: string
example: kxynepjetnayd4idqzcb34l5nkeeoa
authenticationMethods:
type: array
xml:
name: authenticationMethod
items:
$ref: '#/components/schemas/MethodInfo'
CallbackUrlInfo:
required:
- callbackUrl
type: object
properties:
callbackUrl:
type: string
example: 'https://sp1.example.com/saml/response'
MethodAddInput:
required:
- methodTemplate
- spId
type: object
properties:
methodTemplate:
type: string
example: swedish_mobile_bankid
spId:
type: string
example: kxynepjetnayd4idqzcb34l5nkeeoa
methodDisplayName:
type: string
example: mobile_bankid
properties:
$ref: '#/components/schemas/MethodProperties'
MethodUpdateInput:
type: object
properties:
properties:
$ref: '#/components/schemas/MethodProperties'
JSONSyslog:
type: object
properties:
enabled:
type: boolean
host:
type: string
port:
type: string
ssl:
type: boolean
octet_counting:
type: boolean
structured_data:
type: boolean
node_logs_available:
type: object
additionalProperties:
uniqueItems: true
type: array
items:
type: string
node_logs_selected:
type: object
additionalProperties:
uniqueItems: true
type: array
items:
type: string
UserPropertyGroupInfo:
required:
- attributeName
- attributeSource
- attributeValue
- displayName
- source
type: object
properties:
displayName:
type: string
description: Unique name used in the system to identify the user group.
example: UserGroup1
attributeName:
type: string
description: >-
Attribute name defined in the directory service schema.
Used to identify the members of the group.
When Attribute Source is set to Custom-defined, you can use the
custom-defined user attributes specified on the User Accounts
General Settings page.
When selecting SAML session on Attribute source and the IdP has
enabled sending certificate information some system defined
attributes can be read here see Reading User Certificate attributes
from SAML session.
Not available when Attribute Source is set to RADIUS Session.
Mandatory if Attribute Source is set to User storage location or
Custom-defined.
example: city
attributeValue:
type: string
description: >-
User attribute value.
All members of the group must have this attribute value.
When Attribute Source is set to Custom-defined, you can use the
custom-defined user attributes specified on the User Accounts
General Settings page.
Not available when Attribute Source is set to RADIUS.
Mandatory if Attribute Source is set to User storage location or
CUSTOM.
example: NewYork
attributeSource:
type: string
description: |-
Type of attribute.
Available options are: USERSTORAGE, CUSTOM, RADIUS, and SAML.
When set to RADIUS Session, Attribute Name cannot be entered.
Set to User storage location by default.
example: CUSTOM
enum:
- User storage location
- Custom-defined
- RADIUS session
- SAML session
description:
type: string
description: Describes the user property group.
example: Group of users
source:
type: string
description: >-
List of available Identity Providers.
When selected, all logged on SAML Session users are added as members
to this group.
Mandatory when Attribute Source is set to SAML Session.
example: idp
key:
type: string
readOnly: true
example: kkhhjgslsirn
AccessPointAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
accessPoints:
minItems: 1
uniqueItems: true
type: array
description: List of keys to access points
items:
type: string
example: 8nt6f2dwa9og
AccessRuleItemGroupInfo:
type: object
properties:
accessRuleItemInfos:
minItems: 1
uniqueItems: true
type: array
description: |-
List of access rule items.
Access Rule is validated against all of the AccessRuleItems.
If any AccessRuleItem is false, Access rule will fail.
items:
discriminator:
propertyName: type
mapping:
Client Device: '#/components/schemas/DeviceAccessRuleItemInfo'
Authentication Method: '#/components/schemas/AuthenticationMechanismAccessRuleItemInfo'
User Group Membership: '#/components/schemas/UserGroupMembershipAccessRuleItemInfo'
Access Point: '#/components/schemas/AccessPointAccessRuleItemInfo'
Date and Time: '#/components/schemas/DateTimeAccessRuleItemInfo'
Identity Provider: '#/components/schemas/SAMLAccessRuleItemInfo'
IP Address of Incoming Client: '#/components/schemas/ClientIpAddressAccessRuleItemInfo'
Identity Orchestration: '#/components/schemas/IdOAccessRuleItemInfo'
User Storage: '#/components/schemas/UserStorageAccessRuleItemInfo'
OAuth2 Bearer Token: '#/components/schemas/OAuth2BearerAccessRuleItemInfo'
HTTP Header: '#/components/schemas/HTTPHeaderAccessRuleItemInfo'
Assessment: '#/components/schemas/AssessAccessRuleItemInfo'
oneOf:
- $ref: '#/components/schemas/DeviceAccessRuleItemInfo'
- $ref: '#/components/schemas/AuthenticationMechanismAccessRuleItemInfo'
- $ref: '#/components/schemas/UserGroupMembershipAccessRuleItemInfo'
- $ref: '#/components/schemas/AccessPointAccessRuleItemInfo'
- $ref: '#/components/schemas/DateTimeAccessRuleItemInfo'
- $ref: '#/components/schemas/SAMLAccessRuleItemInfo'
- $ref: '#/components/schemas/ClientIpAddressAccessRuleItemInfo'
- $ref: '#/components/schemas/IdOAccessRuleItemInfo'
- $ref: '#/components/schemas/UserStorageAccessRuleItemInfo'
- $ref: '#/components/schemas/OAuth2BearerAccessRuleItemInfo'
- $ref: '#/components/schemas/HTTPHeaderAccessRuleItemInfo'
- $ref: '#/components/schemas/AssessAccessRuleItemInfo'
AccessRuleItemInfo:
type: object
discriminator:
propertyName: type
mapping:
Client Device: '#/components/schemas/DeviceAccessRuleItemInfo'
Authentication Method: '#/components/schemas/AuthenticationMechanismAccessRuleItemInfo'
User Group Membership: '#/components/schemas/UserGroupMembershipAccessRuleItemInfo'
Access Point: '#/components/schemas/AccessPointAccessRuleItemInfo'
Date and Time: '#/components/schemas/DateTimeAccessRuleItemInfo'
Identity Provider: '#/components/schemas/SAMLAccessRuleItemInfo'
IP Address of Incoming Client: '#/components/schemas/ClientIpAddressAccessRuleItemInfo'
Identity Orchestration: '#/components/schemas/IdOAccessRuleItemInfo'
User Storage: '#/components/schemas/UserStorageAccessRuleItemInfo'
OAuth2 Bearer Token: '#/components/schemas/OAuth2BearerAccessRuleItemInfo'
HTTP Header: '#/components/schemas/HTTPHeaderAccessRuleItemInfo'
Assessment: '#/components/schemas/AssessAccessRuleItemInfo'
AssessAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
displayName:
type: string
description: Display Name
example: Assessment1
operatingSystem:
type: string
description: Operating System
example: Windows
enum:
- Windows
- MacOSX
clientData:
type: string
description: >
operatingSystem = "MacOSX" -> clientData allowedValues =
{"Process" "NetworkInterface"};operatingSystem = "Windows" ->
clientData allowedValues = {"Process" "NetworkInterface"
"WindowsUserInfo" "WindowsDomain"};
example: NetworkInterface
enum:
- NetworkInterface
- Process
- WindowsDomain
- WindowsUserInfo
defaultErrorMessage:
type: string
description: Error message shown if rule fails
example: >-
The client scan is completed. Your client does not match
specified requirements and access to the resource you requested
is not allowed. Contact your system administrator for details.
requirements:
uniqueItems: true
type: array
description: >-
Requirements are matchKey and matchValue pair check on client
machine
items:
$ref: '#/components/schemas/AssessLookupAccessRuleRequirementInfo'
AssessLookupAccessRuleRequirementInfo:
type: object
properties:
matchKey:
type: string
description: >
clientData = "Process" -> matchKey allowedValues = {"Filename"
"Digest" "Pid"};
clientData = "WindowsUserInfo" -> matchKey allowedValues =
{"logonDomain" "logonServer" "othDomains" "username"};
clientData = "WindowsDomain" -> matchKey allowedValues =
{"computername" "langroup" "majorVersion" "minorVersion"
"platformId"};
clientData = "NetworkInterface" -> matchKey allowedValues =
{"description" "name" "physicalAddr"};
example: name
enum:
- Filename
- Digest
- Pid
- logonDomain
- logonServer
- othDomains
- username
- computername
- langroup
- majorVersion
- minorVersion
- platformId
- description
- name
- physicalAddr
matchValue:
type: string
description: Regular expression matched against matchKey
example: WORKGROUP
AuthenticationMechanismAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
authenticationMechanisms:
minItems: 1
uniqueItems: true
type: array
description: List of keys of authenticationMechanisms
items:
type: string
example: 8nt6f2dwa9og
operator:
type: string
description: |
Operator used between expressions
default: or
enum:
- and
- or
ClientIpAddressAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
clientIpAddressRange:
type: string
description: IP or range of ip
example: 192.168.12.12
DateTimeAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
fromDate:
pattern: '^(1[0-2]|0[1-9])/(3[01]|[12][0-9]|0[1-9])/[0-9]{4}$'
type: string
description: >-
Start Date to validate rule. This format should be same as per
the system
If fromDate is not null, toDate should also be not null
example: 05/20/2019
toDate:
pattern: '^(1[0-2]|0[1-9])/(3[01]|[12][0-9]|0[1-9])/[0-9]{4}$'
type: string
description: >-
End Date to validate rule. This format should be same as per the
system
If toDate is not null, fromDate should also be not null
example: 05/20/2019
fromTime:
pattern: '^((([0-1]?[0-9])|(2[0-3])):?[0-5][0-9])$'
type: string
description: >-
Start Time to validate rule. This format should be same as per
the system
If fromTime is not null, toTime should also be not null
example: '06:37'
toTime:
pattern: '^((([0-1]?[0-9])|(2[0-3])):?[0-5][0-9])$'
type: string
description: >-
End Date to validate rule. This format should be same as per the
system
If toTime is not null, fromTime should also be not null
example: '16:37'
days:
minItems: 1
uniqueItems: true
type: array
description: List of days
items:
type: string
example: Friday
enum:
- Sunday
- Monday
- Tuesday
- Wednesday
- Thursday
- Friday
- Saturday
DeviceAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
devices:
minItems: 1
uniqueItems: true
type: array
description: List of keys to devices
items:
type: string
example: 8nt6f2dwa9og
HTTPHeaderAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
headerField:
type: string
description: Header field value
example: User-Agent
regex:
type: string
description: Regular expression
example: .*chrome.*
IdOAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
idoChannel:
type: string
description: Key of IDO Channel
example: safgdggsg
OAuth2BearerAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
client:
type: string
description: Key of OAuth2 client
example: 8nt6f2dwa9og
scopes:
uniqueItems: true
type: array
description: Keys to OAuth2 scopes
items:
type: string
example: 8nt6f2dwa9og
ReusableAccessRuleInfo:
required:
- displayName
type: object
properties:
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
displayName:
type: string
description: Unique name used in the system to identify the entity.
example: Entity1
accessRuleItemGroups:
minItems: 1
uniqueItems: true
type: array
description: |-
Group containing access rule items.
Access Rule is validated against any of the AccessRuleItemGroup.
If one AccessRuleItemGroup is true, Access rule will pass.
items:
$ref: '#/components/schemas/AccessRuleItemGroupInfo'
SAMLAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
federation:
type: string
description: Key of SAML Federation
example: 8nt6f2dwa9og
idpAuthenticationMechanism:
type: string
description: Key of Identity Provider under that federation
example: 8nt6f2dwa9og
UserGroupMembershipAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
operator:
type: string
description: |
Operator used between expressions
default: or
enum:
- and
- or
userGroups:
minItems: 1
uniqueItems: true
type: array
description: List of keys to user group objects
items:
type: string
example: 8nt6f2dwa9og
UserStorageAccessRuleItemInfo:
allOf:
- $ref: '#/components/schemas/AccessRuleItemInfo'
- type: object
properties:
userStorage:
type: string
description: Key of user storage
example: 8nt6f2dwa9og
CRLDistributionPoint:
type: object
properties:
address:
type: string
format: uri
fetchTimeAdjustment:
type: integer
format: int32
useDefaultUpdateTime:
type: boolean
writeOnly: true
fetchInterval:
type: integer
format: int32
retryInterval:
type: integer
format: int32
CaCertificateInfo:
required:
- displayName
- encodedDataString
- isEnabled
- performCRC
type: object
properties:
distributionPointList:
type: array
description: The list of certificate revocation checks.
example:
- address: ''
fetchInterval: 3600
retryInterval: 3600
fetchTimeAdjustment: 5
useDefaultUpdateTime: false
items:
$ref: '#/components/schemas/CRLDistributionPoint'
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
displayName:
type: string
description: Name displayed in admin GUI
example: name
isEnabled:
type: boolean
description: Is the CA certificate enabled or disabled
example: true
performCRC:
type: boolean
description: Perform certificate revocation or not
example: false
denyAuthInvalidCRL:
type: boolean
description: Deny authentication if certificate revocation list is invalid
example: true
encodedDataString:
type: string
description: pkcs8 certificate encoded in PEM format
DeviceInfo:
required:
- displayName
type: object
properties:
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
displayName:
type: string
description: Unique name used in the system to identify the entity.
example: Entity1
rules:
type: string
description: rules for device
example: test rule
MappedDNSNameInfo:
type: object
properties:
key:
type: string
readOnly: true
example: fsydij7xou80
cspenabled:
type: boolean
description: Protect this resource by adding CSP filters header to each response.
csp:
type: string
description: Add Content Security Policy filters to the header response.
accessPointEntrance:
type: string
description: WWW Root folder
example: wwwroot
hstsenabled:
type: boolean
description: Protect this resource by adding an HSTS header to each response.
xcontentEnabled:
type: boolean
description: >-
Protect this resource by adding X-Content-Type-Options header to
each response.
xxssenabled:
type: boolean
description: >-
Protect this resource by adding an XXSS Protection header to each
response.
xframeOption:
type: string
description: The X-Frame-Options selection
dnsname:
type: string
description: DNS name
example: sample.nexusgroup.com
serverCertificate:
type: string
description: The key to certificate to map to this DNS name
example: fsydij7xou80
FileInfo:
type: object
properties:
name:
type: string
description: Name of file
size:
type: integer
description: Size of file
format: int64
directory:
type: boolean
description: Is file a directory
IDOInfo:
required:
- displayName
type: object
properties:
displayName:
type: string
description: >-
Unique name used in the system to identify the identity
orchestartion.
example: ido
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
IncomingFirewallRuleInfo:
type: object
properties:
protocol:
type: string
description: Protocol used
enum:
- TCP
- UDP
comment:
type: string
description: Describe the rule
ipRange:
type: string
description: IP range of firewall rule
example: 192.168.56.1-192.168.56.101
device:
type: string
description: Key of client device to which the rule should be applied
portSet:
type: string
description: >-
Several port numbers or a range of port numbers, separated with a
comma sign
example: '80, 8080-8090, 9001'
rule:
type: string
description: The rule's action
enum:
- Deny
- Accept
anyDevice:
type: boolean
description: 'Apply rule on any device, even those not registered'
InternetFirewallInfo:
type: object
properties:
key:
type: string
readOnly: true
displayName:
type: string
description: Display name of firewall
outgoingFirewallRules:
type: array
description: List of outgoing firewall rules
items:
$ref: '#/components/schemas/OutgoingFirewallRuleInfo'
incomingFirewallRules:
type: array
description: List of incoming firewall rules
items:
$ref: '#/components/schemas/IncomingFirewallRuleInfo'
OutgoingFirewallRuleInfo:
type: object
properties:
protocol:
type: string
description: Protocol used
enum:
- TCP
- UDP
comment:
type: string
description: Describe the rule
ipRange:
type: string
description: IP range of firewall rule
example: 192.168.56.1-192.168.56.101
device:
type: string
description: Key of client device to which the rule should be applied
portSet:
type: string
description: >-
Several port numbers or a range of port numbers, separated with a
comma sign
example: '80, 8080-8090, 9001'
rule:
type: string
description: The rule's action
enum:
- Deny
- Accept
anyDevice:
type: boolean
description: 'Apply rule on any device, even those not registered'
NodeInfo:
type: object
properties:
id:
type: integer
description: ID of the node
format: int32
example: 3
name:
type: string
description: Display name of the node
example: Policy Service
key:
type: string
readOnly: true
example: fsydij7xou80
type:
type: string
description: Type of node
example: POLICY_SERVICE
enum:
- POLICY_SERVER
- AGENT
- ACCESS_POINT
- AUTHENTICATION_SERVER
- ADMINISTRATION_SERVER
- DISTRIBUTION_SERVER
- UNKNOWN_NODETYPE
AttributeGroupInfo:
type: object
properties:
key:
type: string
description: The string which uniquely identifies a attribute group
attributes:
type: array
description: The list of attributes.
items:
$ref: '#/components/schemas/AttributeMemberInfo'
displayName:
type: string
description: The name of the attribute group.
AttributeMemberInfo:
type: object
properties:
friendlyName:
type: string
description: >-
The Friendly Name used in the Attribute Statement returned to the
Service Provider.
attributeSource:
type: string
description: Defines the Source of the user attribute value.
example: >-
User Storage OR Custom OR Custom, User Storage OR User Storage,
Custom OR SAML Session OR Session OR Static Value OR Defined
value:
type: string
description: Mandatory when "Source" is set to option "Static Value"
definedSource:
type: string
description: A comma-separated string of "Source"-names in prioritized order.
example: 'Session, SAML Session, Custom, User Storage'
ClientInfo:
type: object
properties:
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
displayName:
type: string
description: >-
A unique display name in order to easily identify the client in the
administrator.
example: google
clientSecret:
type: string
description: >-
The secret that should be used in combination with the identifier to
authenticate the client. This parameter is required unless Client
Certificate is chosen instead.
If you change from Client Certificate to Client Secret, any uploaded User Certificate will be discarded and cannot be recovered.
example: 49VRRRnv3vZ7ikRJFgOg
reusableAccessRules:
uniqueItems: true
type: array
description: >-
These access rules are applied to the resource owner when he or she
authorizes the client to access a resource. They are combined with
the logical operator AND.
items:
type: string
description: >-
These access rules are applied to the resource owner when he or
she authorizes the client to access a resource. They are combined
with the logical operator AND.
consentRequired:
type: boolean
description: >-
Determines if the Resource Owner will be required to give the client
consent to access the requested scopes when issuing an Access Token.
default: false
clientSecretSet:
type: boolean
description: Set true if client secret is set
default: false
clientcertMech:
type: string
description: >-
The authentication mechanism that should be used to authenticate the
client. This mechanism must be either a User Certificate mechanism,
or a custom mechanism based on the User Certificate mechanism.
example: 12ajsdksk
scopes:
uniqueItems: true
type: array
description: The scopes that this client is allowed to request access to.
items:
type: string
subjectSource:
type: string
description: >-
Available options are: User ID, E-mail, Mobile phone, User storage
attributes, Transient and Persistent.
default: User ID
subjectEncoding:
type: string
description: 'Available options are: Auto, None, Base64.'
default: Auto
clientId:
type: string
description: >-
The unique identifier that the client should use to identify itself
to Hybrid Access Gateway.
This value cannot be changed.
example: orynG1g5GWiVCMocxDWO
redirectUris:
type: array
description: >-
When requesting a token the client may include a redirect URI
parameter in the request in order to specify where the resource
owner should be redirected with the response.
items:
type: string
grantTypes:
type: array
description: >-
These are the grant flows that the client is authorized to use in
order to obtain an access token.
items:
type: string
consentTemplate:
type: string
description: >-
The relative path on the access point that the Resource Owner should
be redirected to in order to give consent. This parameter is
required if Require Consent is checked.
scopeMapping:
type: array
description: >+
This tab shows all scopes that have been selected in the Privileges
tab
Attribute Groups define sets of X.500 user attributes, that can be
sent to a OIDC Identity Provider for specific scope..
items:
$ref: '#/components/schemas/ScopeMappingInfo'
userStorageAttribute:
type: string
description: >-
This value is mandatory when subject source is user storage
attribute
example: name
enableOpenIdConnect:
type: boolean
description: >
Enables or disables openID connect for the client. If checkbox is
enabled it will show additional tab "Scope Mapping"
default: false
passwordGrantMech:
type: string
description: Password Authentication mechanism Key
example: 12ajsdksk
userCertificateBound:
type: boolean
description: >-
If Client Certificate with User Certificate binding is used as
authentication method for the client, the system requires a user
bound to the used Client Certificate.
default: false
ScopeMappingInfo:
type: object
properties:
scope:
type: string
attributeGroup:
type: string
ScopeInfo:
type: object
properties:
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
displayName:
type: string
description: >-
A unique display name in order to easily identify the client in the
administrator
example: profile
description:
type: object
additionalProperties:
type: string
description: >-
The key is used to identify the description, if one wants to
distinguish from different types of descriptions. Which
description is used can be defined by re-branding the consent
page, otherwise the first description in this list will be
displayed.
The value is the actual text the resource owner will see when he
is prompted to consent to a client accessing this scope.
description: >-
The key is used to identify the description, if one wants to
distinguish from different types of descriptions. Which description
is used can be defined by re-branding the consent page, otherwise
the first description in this list will be displayed.
The value is the actual text the resource owner will see when he is
prompted to consent to a client accessing this scope.
AdditionalResources:
type: object
properties:
webResourcePaths:
type: array
description: Key to webresource paths
items:
type: string
webResourceRoots:
type: array
description: Key to webresource roots
items:
type: string
description: >-
Additional resources is a way to control if a Portal item should be
visible.The access rule for the Portal item is the sum of the primary
resource and the additional resources.
PortalSettingInfo:
type: object
properties:
key:
type: string
readOnly: true
protocol:
type: string
description: Protocol associated with the web resource
enum:
- HTTP
- HTTPS
iconPath:
type: string
description: path of the icon file
example: /wa/img/icons/4.10.0/chat.png
label:
type: string
description: name displayed in portal
example: JIRA
shortcut:
type: string
description: Shortcut to the Web resource
urlquery:
type: string
description: >-
Query string added to the Web resource address when item is selected
in the Portal.
tunnelSet:
type: string
description: Key to tunnel set that can be shown on portal
example: i480nwz5jiw
externalURL:
type: string
webResourceRoot:
type: string
description: Key to web resource root that can be shown on portal
example: i480nwz5jiw
showOnPortal:
type: boolean
description: Show on the Portal
webResourcePath:
type: string
description: Key to web resource path that can be shown on portal
example: i480nwz5jiw
additionalResources:
$ref: '#/components/schemas/AdditionalResources'
hideResourceInURL:
type: boolean
description: >-
The resource URL is hidden from the address bar of the new browser
window.
description: >-
Menu item associated with the tunnel set. Leave as null if you do not
want to show tunnel in portal
PublishStatus:
type: object
properties:
nodeId:
type: integer
description: ID of the node
format: int32
status:
type: string
description: >-
Publish status of a node<br/>ERROR: When node returned error during
publish<br/>OK: When node publish succeeds<br/>NOT_CONNECTED: When
node is not connected to the Administration Service<br/>NO_RESPONSE:
When node does not send response during publish<br/>PUBLISH_FAILED:
When publish to node failed
enum:
- ERROR
- OK
- NOT_CONNECTED
- NO_RESPONSE
- PUBLISH_FAILED
errorMessage:
type: string
description: Error message if the status code is ERROR
errorCode:
type: integer
description: Error code if the status code is ERROR
format: int32
ResourceAccessRuleInfo:
type: object
properties:
accessRuleItemGroups:
minItems: 1
uniqueItems: true
type: array
description: |-
Group containing access rule items.
Access Rule is validated against any of the AccessRuleItemGroup.
If one AccessRuleItemGroup is true, Access rule will pass.
items:
$ref: '#/components/schemas/AccessRuleItemGroupInfo'
description: Access rule to be associated with tunnel set
TunnelResourceInfo:
required:
- displayName
type: object
properties:
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
displayName:
type: string
description: Unique name used in the system to identify the entity.
example: Entity1
host:
type: string
description: IP address or DNS name of the resource host
example: mydns
description:
type: string
description: Describes the tunnel resource network or host
resourceAccessRule:
$ref: '#/components/schemas/ResourceAccessRuleInfo'
reusableAccessRules:
minItems: 0
uniqueItems: true
type: array
description: |
Unique Key of Reusable access rule
items:
type: string
example: cf2uh9lnnw1s
alternativeHosts:
minItems: 0
type: array
description: >-
IP address or the DNS name of the alternative host.
Alternative hosts are necessary for link translation to work. A
specific resource host may have several alternative hosts
items:
type: string
example: 192.168.12.12
useProxy:
type: boolean
description: >
When set, the connection to the tunnel resource goes through a proxy
server.
example: false
resourceEnabled:
type: boolean
description: >-
If set true, the tunnel resource or tunnel resource network is
enabled
tcpportSet:
type: string
description: >-
Port for the TCP traffic.
This can be either a single port, a range of ports, or the wildcard
character * for all ports (1-65535).
Either TCP Port Set or UDP Port Set is mandatory.
example: 137-139
telnetSSO:
type: string
description: >-
The Key of the Telnet Single Sign-On domain that should be used for
this tunnel resource network or host
example: cf2uh9lnnw1s
rdpsso:
type: string
description: >-
The Key of Remote Desktop Single Sign-On domain that should be used
for this tunnel resource network or host
example: cf2uh9lnnw1s
sshsso:
type: string
description: >-
The Key of SSH Single Sign-On domain that should be used for this
tunnel resource. Can be used together with Telnet SSO
example: cf2uh9lnnw1s
fileshareSSO:
type: string
description: >-
The Key of the file-share Single Sign-On domain that should be used
for this tunnel resource network or host
example: cf2uh9lnnw1s
automaticAccess:
type: boolean
description: >-
When selected, the tunnel share is accessed automatically.
For resources where Automatic access is activated, the user session
time-outs are not affected when the resource is requested
automatically
sshserverCert:
type: string
description: >-
The Key of the Server Certificate for SSHSSO domain The host key
presented to the end user.
example: c030xxkl8m
sshinternalSSO:
type: string
description: >-
When set, SSH (Secure Shell) Single Sign-On with a second possible
internal SSH SSO is enabled for this tunnel resource.
If set, another Single Sign-On domains should be set in
'InternalSSO', according to the order that they should be used.
Can be used together with Telnet SSO.
example: dbeenonhvbb4
internalSSO:
type: string
description: >-
The SSH Single Sign-On domain that should be used for this tunnel
resource once a connection has already used the first SSO domain -
SSHInternalSSO
Must set this value if SSHInternalSSO is set
example: blkz1kmb0mio
udpportSet:
type: string
description: >-
Port for the UDP traffic.
This can be either a single port, a range of ports, or the wildcard
character * for all ports.
Either TCP Port Set or UDP Port Set is mandatory.
example: '445'
absoluteTimeOut:
type: integer
description: >-
Time in minutes (0-1440), since the user was last authenticated with
required authentication method, before re-authentication is
required, independent of user activity.
format: int32
example: 720
iprange:
type: string
description: >-
IP address to the first and last host for the range of tunnel
resources in the network.Don't set this for creating Tunnel Resource
Host
example: 192.168.12.12 - 192.168.12.128
sshserCertInternalSSO:
type: string
description: >-
The Key of the Server Certificate to be used when SSH SSO with
internal SSO has to be used.
The host key presented to the end user
example: c030xxkl8m
maxInactivityTime:
type: integer
description: >-
Maximum user inactivity time in minutes (0-1440) before
re-authentication is required.
The value '-1' means the values is not set
format: int32
example: 15
FormBasedConfigurationInfo:
type: object
properties:
method:
type: string
description: HTTP method POST or GET is used to request the Form Action
default: POST
enum:
- GET
- POST
verificationURL:
type: string
description: |-
URL the response from the form action is sent to for verification.
This must be an absolute URL.
example: 'http://www.thesecurecompany.com/formdata.html'
formResponse:
type: string
description: >-
Text string included in the response used to decide if the
authentication is successful or unsuccessful.
formAction:
type: string
description: URL to GET or POST data to. Must be entered as an absolute URL.
example: 'https://www.google.com/action'
formData:
type: string
description: >-
Data sent to the server. It must be URL encoded
The variables [$username], [$password] and [$domain] can be used for
dynamic replacement with internal username, password and NTLM
domain. The variables will then be replaced by the stored values in
the SSO domain.
example: >-
jazoest=2631&lsd=AVrL6P4h&email=%5B%24username%5D&pass=+%5B%24password%5D
clientRequestHeaders:
type: array
description: Client request headers that are added to the internal request.
items:
type: string
description: >-
Name of headers from the client request that are added to the
internal request and passed through the system to the resource
ssocredentialsEncoding:
type: string
description: |-
Encoding of SSO variables in form data.
Available encodings are ISO-8859-1 and UTF-8.
patternSuccessful:
type: string
description: >-
Text string included in the response used to decide if the
authentication is successful or unsuccessful.
default: SUCCESSFUL
enum:
- FAILED
- SUCCESSFUL
additionalHeaders:
type: array
description: Additional headers that are added to the internal request.
items:
$ref: '#/components/schemas/ImmutablePairStringString'
description: It must be not null when FORM_BASED sso type is created
ImmutablePairStringString:
type: object
properties:
left:
type: string
right:
type: string
value:
type: string
key:
type: string
description: >-
key value pair where: key - Name of the additional headers that are
added to the internal request and sent to the resource
value - Additional header value
WebResourcePathInfo:
type: object
properties:
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
useDerivedAuthorization:
type: boolean
description: >-
When true, the resource path automatically inherits the Access Rules
and Advanced Settings that apply to the parent host/path. As a
result, Access Rules and Advanced Settings are not available for
configuration on the resource path.
default: false
resourceRootKey:
type: string
description: Key of resource root where this path will be added
example: sfsf3ssadf4
uri:
type: string
description: Path to the resource
example: wa/desktop
maxInactiveTime:
type: integer
description: >-
Maximum user inactivity time in minutes (0-1440) before
re-authentication is required.
format: int32
maxAbsoluteTimeout:
type: integer
description: >-
Time in minutes (0-1440), since the user was last authenticated with
required authentication method, before re-authentication is
required, independent of user activity.
format: int32
requireEncryption:
type: boolean
description: >-
When true, SSL is required in the traffic between the client and the
system.
default: true
browserCacheList:
type: array
description: >-
Defines all resource MIME types that allowed to be cached on the
client browser.
Required format: text/html.
items:
type: string
description: >-
Defines all resource MIME types that allowed to be cached on the
client browser.
Required format: text/html.
resourceAccessRule:
$ref: '#/components/schemas/ResourceAccessRuleInfo'
filterLargeRequest:
type: boolean
description: Enable filtering of requests that are greater than max buffer size.
reusableAccessRules:
uniqueItems: true
type: array
description: Lists of keys to access rules associated with resource
items:
type: string
example: xce7ke3ysp34
accessedByAutomation:
type: boolean
description: >-
When true, the Web resource is accessed automatically.
For resources where Automatic access is activated, the user session
time-outs are not affected when the resource is requested
automatically.
encryptionLevel:
type: integer
description: |-
Required encryption level when Require SSL is selected.
Strong encryption level, if encryptionLevel >= 128 bits
Weak encryption level, if encryptionLevel <= 56 bits
format: int32
default: 128
activated:
type: boolean
description: 'If true, the web resource will be enabled'
default: true
exactURIMatch:
type: boolean
description: >
When selected, the defined access rules for this path apply for this
path only and not for all paths beginning with this one.
When not selected, the access rules apply to this path and all path
beginning with this one, unless a more significant resource is found
under this path.
default: false
ssoType:
type: string
description: >
SSO Type is mandatory when Enable Single Sign-On is selected.
Available options are:
TEXT - Refers to authentication schemes based on NTLM or Basic.
COOKIE - Refers to authentication schemes based on cookies/HTTP
headers.
FORM_BASED - More of a presentation layer scheme, and can use either
Basic or NTLM authentication scheme.
ADAPTIVE_SSO - A Dynamic module that will try to pick up form based
login patterns to issue Single Sign-on against Web Resources. If SSO
Domain with key defined in ssoDomainKey is not present, new SSO
Domain will be created with the name defined in ssoDomainKey.
SCRIPT - Customized authentication schemes are supported by using
wascr scripts to deliver SSO credentials. When creating wascr
scripts for this purpose; use certain reserved variables that are
mapped to the SSO Domain Attributes. All mapped attributes/variables
are listed on the SSO Domain Attributes in Wascr page.
enum:
- TEXT
- COOKIE
- FORM
- ADAPTIVE
- SCRIPT
- NO_SSO_DOMAIN
portalSetting:
$ref: '#/components/schemas/PortalSettingInfo'
adaptiveSsoName:
type: string
description: >-
Name of sso doamin created in case of ADAPTIVE_SSO. It must be null
if ssoType is not ADAPTIVE_SSO
ssoDomain:
type: string
description: >-
Key of sso domain. If ADAPTIVE_SSO is used, exactly one among
ssoDomain and adaptiveSsoName should be provided
useExpressionOfWillTimeout:
type: boolean
description: >-
When true, Expression of will is used and re-authentication for
every request is required.
default: false
formBasedConfigurationInfo:
$ref: '#/components/schemas/FormBasedConfigurationInfo'
BackendAttributeInfo:
type: object
properties:
encoding:
type: string
description: Format used to encode value before adding it to the request.
default: NONE
enum:
- NONE
- URL
- BASE64
name:
type: string
description: The Name used as Cookie name or Header name
value:
type: string
description: >-
Mandatory when "Source" is set to option "Static Value". This field
supports multiple comma seperated values. If more than one values
are set, values from left to right order will be used to find for
the current source.
If Source is set to "Static Value" then the content of this field is
used as the Cookie or Header value.
For other Source options, the content of this field is used when
reading the value from Source.
If this field is left empty, then Name is used when reading value
from Source.
For source "User Storage", the value is the attribute name for the
user in the User Storage. The User Storage is the Customer LDAP.
For source "Custom", the value is the Custom-defined User Attribute
on the PortWise Account
For source "SAML Session", the value is the attribute Name in the
SAML response. Available attributes depends on what the Identity
Provider provides.
More information can be found here: Reading attributes from SAML
response.
For source "Session" the possible values are: user-id and these
certificate attributes: Reading User Certificate attributes from
SAML session.
For source "Static Value" use for any value, e.g. "Hello" then
"Hello" is used as the value.
example: 'Certificate.Subject.SerialNumber, user-id'
type:
type: string
description: The Type specifies if Cookie or Header should be used
default: COOKIE
enum:
- COOKIE
- HEADER
source:
type: string
description: Source of the user attribute value
default: USER_STORAGE
enum:
- USER_STORAGE
- SAML_ATTRIBUTE
- CUSTOM
- STATIC_VALUE
- CORE_SESSION
description: >-
When added, user related information will be sent to the Web Resource as
cookies and/or headers.
LinkTranslationInfo:
type: object
properties:
responseContentTypesList:
type: array
description: Defines the content types filtered for responses.
items:
type: string
description: Defines the content types filtered for responses.
requestContentTypesList:
type: array
description: Defines the content types filtered for requests.
items:
type: string
description: Defines the content types filtered for requests.
responseHeadersList:
type: array
description: >-
Response headers that are filtered and checked for link translation
if the host sending the response is configured to translate response
headers.
Headers listed must be one-valued. When not, the first value is
translated and the second is deleted.
items:
type: string
description: >-
Response headers that are filtered and checked for link
translation if the host sending the response is configured to
translate response headers.
Headers listed must be one-valued. When not, the first value is
translated and the second is deleted.
requestHeadersList:
type: array
description: >-
Request headers that are filtered and checked for link translation
if the destination host is configured to translate request headers
Headers listed must be one-valued. When not, the first value is
translated and the second is deleted.
items:
type: string
description: >-
Request headers that are filtered and checked for link translation
if the destination host is configured to translate request headers
Headers listed must be one-valued. When not, the first value is
translated and the second is deleted.
description: >-
Request and response headers that should be filtered. All headers
entered must be one-valued.
WebResourceRootInfo:
type: object
properties:
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
host:
type: string
description: >-
IP address or a DNS name for the host. It can have multipe hosts
separated by semicolons.
example: 192.168.1.1
displayName:
type: string
description: Display name of the resource
example: google
description:
type: string
description: Description
alternativeHosts:
type: array
description: List of alternative host
example: 'www.google.com:80'
items:
type: string
description: List of alternative host
example: 'www.google.com:80'
linkTranslationType:
type: string
description: >-
URL_MAPPING - The resource does not use a mapped DNS name.
POOLED_DNS_MAPPING - The resource is assigned a DNS name from the
DNS name pool .
RESERVED_DNS_MAPPING - The resource is mapped to a specific DNS name
from the DNS name pool.
default: URL_MAPPING
enum:
- URL_MAPPING
- RESERVED_DNS_MAPPING
- POOLED_DNS_MAPPING
overrideAutoAlternativeHosts:
type: boolean
description: >-
When selected, you specify what alternative host to use by using the
Add Alternative Host link.
When not selected, the Server DNS Name specified on the Advanced
Settings tab is used for Link translation. If no Server DNS Name has
been specified, Host is listed as Alternative Host with the
specified HTTP or HTTPS Port.
example: true
default: false
presentHTTPHeaders:
type: boolean
description: >-
If true, this will present internal resource with WA_HTTP_HEADERS
parameter having base64 encoded value containing all HTTP headers.
default: false
backendAttributes:
type: array
description: >-
When added, user related information will be sent to the Web
Resource as cookies and/or headers.
items:
$ref: '#/components/schemas/BackendAttributeInfo'
useProxy:
type: boolean
description: >-
When true, the connection to the Web resource host goes through a
proxy server.
default: false
httpsport:
type: integer
description: >-
Port for HTTPS traffic.
When using an other port than 443, this must be added to registered
alternative hosts.
Example: www.nexussafe.com:8080
If 443 is used, make sure the alternative host contains the server
name without port.
Example: www.nexussafe.com
Either HTTP Port or HTTPS Port is mandatory.
format: int32
example: 443
serverDNSName:
type: string
description: >-
Host header used in the communication with the internal server.
If a specific server DNS name is not defined, the host address (the
connect address) is used.
example: www.google.com
httpdnsname:
type: string
description: >-
Mandatory when HTTP Port is set, and Reserved DNS Mapping is
selected in Link Translation Type.
This DNS Name should not be set to any other resource
example: wwww.nexusville.com
httpsdnsname:
type: string
description: >-
Mandatory when HTTPs Port is set, and Reserved DNS Mapping is
selected in Link Translation Type.
This DNS Name should not be set to any other resource
example: wwww.nexusville.com
cookiesToAllow:
type: array
description: >-
Lists name of the cookies that the system allows. Use a comma as
separator when listing several cookies.Use * to allow all cookies.
Only one of cookiesToAllow or cookiesToBlock should be defined
items:
type: string
description: >-
Lists name of the cookies that the system allows. Use a comma as
separator when listing several cookies.Use * to allow all cookies.
Only one of cookiesToAllow or cookiesToBlock should be defined
httpport:
type: integer
description: >-
Port for HTTP traffic.
When using a non-default port (other than 80), the port must be
added to registered alternative hosts.
Example: www.nexussafe.com:8080
If the default port is used, make sure the alternative host contains
the server name without port.
Example: www.nexussafe.com
Either HTTP Port or HTTPS Port is mandatory.
format: int32
example: 80
cookiesToBlock:
type: array
description: >-
Lists name of the cookies that the system blocks. Use a comma as
separator when listing several cookies.Use * to blocks all cookies.
Only one of cookiesToAllow or cookiesToBlock should be defined
items:
type: string
description: >-
Lists name of the cookies that the system blocks. Use a comma as
separator when listing several cookies.Use * to blocks all
cookies.
Only one of cookiesToAllow or cookiesToBlock should be defined
useNTLMv2:
type: boolean
description: Set true if NTLM v2 should be used
default: true
clientSNI:
type: boolean
description: >-
True If Server Name Indication should be sent to the backend. Only
applies to HTTPS resources.
Server Name Indication (SNI) is an extension to the TLS computer
networking protocol by which a client indicates which hostname it is
attempting to connect to at the start of the handshaking process.
This allows a server to present multiple certificates on the same IP
address and TCP port number and hence allows multiple secure (HTTPS)
websites (or any other Service over TLS) to be served by the same IP
address without requiring all those sites to use the same
certificate.
default: false
internalCookies:
type: string
description: >-
WA_UID - When added, the User ID is sent as a cookie in each
internal request.
WA_CLIP - When added, the client IP address is sent as a cookie in
each internal request.
WA_SEPO - When added, the Access Point port is sent as a cookie in
each internal request.
WA_SSL - When selected, SSL strength is sent as a cookie in each
internal request.
WA_AM - When added, the last used authentication method is sent as a
cookie in each internal request.
WA_T - When added, maximum inactive time is sent as a cookie in each
internal request. Inactive time is the number of seconds that the
user has been inactive.
WA_WASID - When added, the session ID cookies is sent as a cookie in
each internal request.
WA_INTERNAL_ID - When selected, the management system session ID is
sent as a cookie in each internal request.
example: ' WA_T=45; WA_UID=test; WA_WASID=0c351d862cea55cc; WA_AM=PortWise Password; WA_CLIP=192.168.139.1; WA_SEPO=443; WA_SSL=256; WA_INTERNAL_ID=3.0.259121969733801860.1476274303449464112071072787'
linkTranslation:
$ref: '#/components/schemas/LinkTranslationInfo'
accessPointDNSName:
type: string
description: >-
Specified Access Point DNS name to use for the resource.
This is useful when grouping together web-resources that should
share same customized wwwroot.
When this value is empty then the first Access Point DNS name,
alphabetically, will be used.
Only available when using Reserved DNS Name as Link Translation
Type.
example: wwww.nexusville.com
maxInactiveTime:
type: integer
description: >-
Maximum user inactivity time in minutes (0-1440) before
re-authentication is required.
format: int32
maxAbsoluteTimeout:
type: integer
description: >-
Time in minutes (0-1440), since the user was last authenticated with
required authentication method, before re-authentication is
required, independent of user activity.
format: int32
requireEncryption:
type: boolean
description: >-
When true, SSL is required in the traffic between the client and the
system.
default: true
browserCacheList:
type: array
description: >-
Defines all resource MIME types that allowed to be cached on the
client browser.
Required format: text/html.
items:
type: string
description: >-
Defines all resource MIME types that allowed to be cached on the
client browser.
Required format: text/html.
resourceAccessRule:
$ref: '#/components/schemas/ResourceAccessRuleInfo'
filterLargeRequest:
type: boolean
description: Enable filtering of requests that are greater than max buffer size.
reusableAccessRules:
uniqueItems: true
type: array
description: Lists of keys to access rules associated with resource
items:
type: string
example: xce7ke3ysp34
accessedByAutomation:
type: boolean
description: >-
When true, the Web resource is accessed automatically.
For resources where Automatic access is activated, the user session
time-outs are not affected when the resource is requested
automatically.
encryptionLevel:
type: integer
description: |-
Required encryption level when Require SSL is selected.
Strong encryption level, if encryptionLevel >= 128 bits
Weak encryption level, if encryptionLevel <= 56 bits
format: int32
default: 128
activated:
type: boolean
description: 'If true, the web resource will be enabled'
default: true
exactURIMatch:
type: boolean
description: >
When selected, the defined access rules for this path apply for this
path only and not for all paths beginning with this one.
When not selected, the access rules apply to this path and all path
beginning with this one, unless a more significant resource is found
under this path.
default: false
ssoType:
type: string
description: >
SSO Type is mandatory when Enable Single Sign-On is selected.
Available options are:
TEXT - Refers to authentication schemes based on NTLM or Basic.
COOKIE - Refers to authentication schemes based on cookies/HTTP
headers.
FORM_BASED - More of a presentation layer scheme, and can use either
Basic or NTLM authentication scheme.
ADAPTIVE_SSO - A Dynamic module that will try to pick up form based
login patterns to issue Single Sign-on against Web Resources. If SSO
Domain with key defined in ssoDomainKey is not present, new SSO
Domain will be created with the name defined in ssoDomainKey.
SCRIPT - Customized authentication schemes are supported by using
wascr scripts to deliver SSO credentials. When creating wascr
scripts for this purpose; use certain reserved variables that are
mapped to the SSO Domain Attributes. All mapped attributes/variables
are listed on the SSO Domain Attributes in Wascr page.
enum:
- TEXT
- COOKIE
- FORM
- ADAPTIVE
- SCRIPT
- NO_SSO_DOMAIN
portalSetting:
$ref: '#/components/schemas/PortalSettingInfo'
adaptiveSsoName:
type: string
description: >-
Name of sso doamin created in case of ADAPTIVE_SSO. It must be null
if ssoType is not ADAPTIVE_SSO
ssoDomain:
type: string
description: >-
Key of sso domain. If ADAPTIVE_SSO is used, exactly one among
ssoDomain and adaptiveSsoName should be provided
useExpressionOfWillTimeout:
type: boolean
description: >-
When true, Expression of will is used and re-authentication for
every request is required.
default: false
formBasedConfigurationInfo:
$ref: '#/components/schemas/FormBasedConfigurationInfo'
SAMLFederationInfo:
required:
- displayName
type: object
properties:
displayName:
type: string
description: Unique name used in the system to identify the saml federation.
example: Saml federation
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
ServerCertificateInfo:
required:
- certificateKey
- displayName
- serverCertificate
type: object
properties:
intermediateCaCertificateKeys:
type: array
description: 'list of mKey of the ca certificates in the certificate chain '
example: name
items:
type: string
description: 'list of mKey of the ca certificates in the certificate chain '
example: name
serverCertificate:
type: string
description: string containing the pkcs8 server certificate in PEM format
example: string
certificateKey:
type: string
description: >-
string containing the pkcs8 private key of server certificate in PEM
format
example: string
password:
type: string
description: string containing the server certificate in PEM format
example: write null without quotes in case of no password
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
displayName:
type: string
description: Name displayed in admin GUI
example: name
AttributeInfo:
required:
- name
- restriction
type: object
properties:
name:
type: string
description: >-
Defines the type of attribute
Depending on type of the SSO Domain, different options available.
For TEXT:
Available options are: "USERNAME", "PASSWORD", "DOMAIN", "TICKET".
For COOKIE:
Available options are: "USERNAME", "PASSWORD", "DOMAIN", "CUSTOM".
If set to CUSTOM, custom name attribute is to be used
enum:
- USERNAME
- PASSWORD
- DOMAIN
- TICKET
- CUSTOM
restriction:
type: string
description: >-
Set how the attributes are presented the first time the user access
the resource and needs to enter SSO credentials.
Available options are:
EDITABLE : The attribute is presented as a text field in the logon.
HIDDEN : The attribute and the attribute value are hidden in the
logon form and cannot be seen by the user.
LOCKED : The attribute and the value are locked in the logon form
and cannot be edited by the users.
The default value for 'Attribute Restriction' is forced to Locked
and cannot be altered when 'Attribute Name' is set to Ticket,
because the user should not edit the ticket string.
example: EDITABLE
enum:
- EDITABLE
- LOCKED
- HIDDEN
customName:
type: string
description: >-
Custom Attribute name for Cookie type SSO Domain. Set name to be
CUSTOM to use this custom name
example: customName
discriminator:
propertyName: reference
mapping:
USER_ID: '#/components/schemas/SessionUserIDAttributeInfo'
STATIC: '#/components/schemas/StaticAttributeInfo'
USER_ATTRIBUTE: '#/components/schemas/UserAttributeInfo'
USER_INPUT: '#/components/schemas/UserInputAttributeInfo'
SSOCookieInfo:
required:
- encoding
- name
- secure
- value
type: object
properties:
encoding:
type: string
description: The encoding that should be used for the value
enum:
- PLAIN
- BASE64
name:
type: string
description: >-
The Cookie name. The name of the cookie should be from names of the
Domain attributes
example: DOMAIN
enum:
- USERNAME
- PASSWORD
- DOMAIN
- TICKET
- CUSTOM
value:
type: string
description: >-
The Cookie value. The value of the Cookie should befrom the names of
the Domain attributes
example: PASSWORD
enum:
- USERNAME
- PASSWORD
- DOMAIN
- TICKET
- CUSTOM
secure:
type: boolean
description: >-
Indicates if the cookie is secure i.e if it only should be sent to
https resources.
customName:
type: string
description: >-
The Custom Cookie name. Set "name" value to be "CUSTOM" to use this
attribute
example: customCookie
customValue:
type: string
description: >-
The Custom Cookie value. Set "value" value to be "CUSTOM" to use
this attribute
example: customValue
SSODomainCookieSpecification:
allOf:
- $ref: '#/components/schemas/SSODomainSpecification'
- type: object
properties:
ssoCookieInfo:
minItems: 0
uniqueItems: true
type: array
description: The list of Cookies
items:
$ref: '#/components/schemas/SSOCookieInfo'
SSODomainInfo:
required:
- displayName
type: object
properties:
key:
type: string
description: unique key used to store entity
readOnly: true
example: kkhhjgslsirn
displayName:
type: string
description: Unique name used in the system to identify the entity.
example: Entity1
ssoDomainSpecification:
discriminator:
propertyName: type
mapping:
COOKIE: '#/components/schemas/SSODomainCookieSpecification'
TEXT: '#/components/schemas/SSODomainTextSpecification'
oneOf:
- $ref: '#/components/schemas/SSODomainCookieSpecification'
- $ref: '#/components/schemas/SSODomainTextSpecification'
resourceAccessRule:
$ref: '#/components/schemas/ResourceAccessRuleInfo'
reusableAccessRules:
minItems: 0
uniqueItems: true
type: array
description: >-
Unique Key of Reusable access rule
If given 'Any Authentication' reusable access rule key, the resource
is available only if the user has authenticated with any of the
available authentication methods.
items:
type: string
example: cf2uh9lnnw1s
attributeInfo:
uniqueItems: true
type: array
description: >-
The list of domain attributes. Attribute can be one of the following
-
SessionUserIDAttributeInfo, StaticAttributeInfo, UserAttributeInfo,
UserInputAttributeInfo.
Set "reference" to create corresponding "Attribute".The "reference"
indicate whether the SSO credentials are entered or retrieved.
Available options are:
USER_ID, STATIC, USER_ATTRIBUTE, USER_INPUT
items:
discriminator:
propertyName: reference
mapping:
USER_ID: '#/components/schemas/SessionUserIDAttributeInfo'
STATIC: '#/components/schemas/StaticAttributeInfo'
USER_ATTRIBUTE: '#/components/schemas/UserAttributeInfo'
USER_INPUT: '#/components/schemas/UserInputAttributeInfo'
oneOf:
- $ref: '#/components/schemas/SessionUserIDAttributeInfo'
- $ref: '#/components/schemas/StaticAttributeInfo'
- $ref: '#/components/schemas/UserAttributeInfo'
- $ref: '#/components/schemas/UserInputAttributeInfo'
SSODomainSpecification:
type: object
description: >-
SSODomains can be of either of type "TEXT" or "COOKIE".SSO Restrictions
can only be set with TEXT domains.Domain Cookies can only be set with
COOKIE domains.
discriminator:
propertyName: type
mapping:
COOKIE: '#/components/schemas/SSODomainCookieSpecification'
TEXT: '#/components/schemas/SSODomainTextSpecification'
SSODomainTextSpecification:
allOf:
- $ref: '#/components/schemas/SSODomainSpecification'
- required:
- cacheOnSessionBasis
type: object
properties:
timeLimit:
type: integer
description: >-
Time (in Days) the user’s SSO credentials are valid, before
re-authentication is required, independent of user activity
regarding the SSO domain.
This option is only available when 'Cache on session only' is
not set.
format: int64
example: 1
cacheOnSessionBasis:
type: boolean
description: >-
When set true, SSO credentials are cached, kept in memory, and
only valid during the user session.
No other SSO restrictions are available.
When not applied, the SSO credentials are stored persistently on
the user account.
example: true
inactivityTimeout:
type: integer
description: >-
Time (in Days) users can choose not to access a specific domain,
before needing to provide credentials before access can be
granted.
This option is only valid when 'Cache on session only' is not
set.
format: int64
example: 1
SessionUserIDAttributeInfo:
allOf:
- $ref: '#/components/schemas/AttributeInfo'
- required:
- name
- restriction
type: object
StaticAttributeInfo:
allOf:
- $ref: '#/components/schemas/AttributeInfo'
- required:
- name
- restriction
- value
type: object
properties:
value:
type: string
description: 'Value of the attribute, if any'
UserAttributeInfo:
allOf:
- $ref: '#/components/schemas/AttributeInfo'
- required:
- name
- restriction
- value
type: object
properties:
value:
type: string
description: 'Value of the attribute, if any'
UserInputAttributeInfo:
allOf:
- $ref: '#/components/schemas/AttributeInfo'
- required:
- name
- restriction
type: object
DynamicTunnelInfo:
type: object
properties:
udpPortSet:
type: string
description: >-
Several port numbers or a range of port numbers, separated with a
comma sign
example: '80, 8080-8090, 9001'
ipAddressSet:
type: string
description: >-
IP range which can be less than or equal to the tunnel resource
network
tcpPortSet:
type: string
description: >-
Several port numbers or a range of port numbers, separated with a
comma sign
example: '80, 8080-8090, 9001'
confirmConnections:
type: boolean
description: >-
User must confirm all resource host connections before they are
established.
virtualIpAddress:
type: string
description: Virtual IP to be used
example: 123.123.22.22
tunnelResourceRoot:
type: string
description: Key of tunnel resource for dynamic tunnel
example: 6oi5e0wznr0g
LocalLookupInfo:
type: object
properties:
ipAddress:
type: string
description: IP address the domain name is translated to.
example: 192.168.56.101
dnsName:
type: string
description: >-
A fully qualified domain name, or domain name using the wildcard
character *.
example: '*.testdomain.office'
MappedDriveInfo:
type: object
properties:
driveLetter:
type: string
description: Drive letter the resource host is mapped to
example: 'M:'
networkResource:
type: string
description: |-
Path to mapped network resource. Supported variables:
[$ehost] The Access Point server name including port number
[$eprot] HTTP or HTTPS
[$uid] External user name
[$iuid] Internal user name, usually [$uid]
A network resource can be either a drive or a printer.
example: '\\192.168.12.55\[$uid]'
useCachedCredentials:
type: boolean
description: >-
Used cached credentials (Windows domain credentials) when mapping a
drive.
StaticTunnelInfo:
type: object
properties:
protocol:
type: string
description: Protocol used
enum:
- TCP
- UDP
tcpNoDelay:
type: boolean
description: Disable Nagle's algorithm (use TCP_NO_DELAY)
clientIpAddress:
type: string
description: >-
IP address the client listens to. IP address must be in the range
127.x.x.x.
example: 127.0.0.1
clientPort:
type: integer
description: >-
Port the client listens to. Only one port number can be entered. If
the entered port is occupied, the next available port is used. It is
recommended that the same port as Resource Port is used.
format: int32
example: 12138
resourcePort:
type: integer
description: >-
Port used by the system to contact the internal resource host. Only
one port number can be entered. If the entered port is occupied, the
next available port is used. It is recommended that the same port as
Client Port is used.
format: int32
example: 12138
scriptedResource:
type: boolean
description: >-
Enabled scripted resource. Doing this ignores tunnel resource root
and the resource is selected but a filter on the Access Point
decides which resource to use.
confirmConnections:
type: boolean
description: >-
User must confirm all resource host connections before they are
established.
tunnelResourceRoot:
type: string
description: Key of tunnel resource for static tunnel
example: 6oi5e0wznr0g
TunnelsetInfo:
type: object
properties:
key:
type: string
readOnly: true
example: ldmb03jc1fcw
displayName:
type: string
description: Display name of tunnel set
example: Sample Tunnel Set
enabled:
type: boolean
description: Enable tunnel set
startupCommands:
type: array
description: >-
Commands that executed when the client is started and the tunnels
are set up.
items:
type: string
example: outlook
dynamicTunnels:
type: array
description: >-
Dynamic tunnels are used to tunnel resources using any IP address on
one or several ports.
items:
$ref: '#/components/schemas/DynamicTunnelInfo'
mapDrives:
type: array
description: >-
Mapped drives to map network resources (printers or drives) to drive
letters on the client.
items:
$ref: '#/components/schemas/MappedDriveInfo'
staticTunnels:
type: array
description: >-
Static tunnels are used to tunnel resources on a local IP address on
a single port.
items:
$ref: '#/components/schemas/StaticTunnelInfo'
localLookups:
type: array
description: >-
Local lookups to define host addresses that should be resolvable on
the client if no external DNS record is found.
items:
$ref: '#/components/schemas/LocalLookupInfo'
resourceAccessRule:
$ref: '#/components/schemas/ResourceAccessRuleInfo'
reusableAccessRules:
uniqueItems: true
type: array
description: Lists of keys to access rules associated with tunnel set
items:
type: string
example: xce7ke3ysp34
portalSetting:
$ref: '#/components/schemas/PortalSettingInfo'
redirectURL:
type: string
description: >-
URL that is opened in a browser window after the tunnel has been
successfully started
example: 'https://mail.local.office'
shutdownCommands:
type: array
description: >-
Trusted commands executed when the client and all tunnels are shut
down
items:
type: string
example: explorer
suppressErrorCodes:
type: array
description: >-
Suppressed pop-up messages for specific error codes. Please refer
files/built-in-files/other/codes.ewa for codes
items:
type: integer
format: int64
example: 1033005
dnsForwardingEnabled:
type: boolean
description: >-
Forward client's DNS requests temporarily to the DNS Server
specified on the Manage Global Tunnel Set Settings page.
restrictUserPreferences:
type: boolean
description: >-
User requires authentication in order to forward DNS requests to the
DNS Server
internetFirewallConfiguration:
type: string
description: Key of the client firewall configuration for the tunnel set
example: 6oi5e0wznr0g
win2kOutlookPatch:
type: boolean
description: Support MS Outlook patch for Windows 2000
fallbackTunnelset:
type: string
description: >-
Key of tunnel set used if the client computer is not able to load
the ActiveX component
example: 6oi5e0wznr0g
|
