diff --git a/api-server/src/main/resources/META-INF/openapi.yaml b/api-server/src/main/resources/META-INF/openapi.yaml new file mode 100644 index 000000000..3913a7a43 --- /dev/null +++ b/api-server/src/main/resources/META-INF/openapi.yaml @@ -0,0 +1,4476 @@ +openapi: 3.0.1 +info: + title: oxTrust API + description: This is an API for Gluu Server's oxTrust administrative interface. + Go to https://gluu.org for more information + termsOfService: https://www.gluu.org/terms/ + contact: + name: Gluu Support + url: https://gluu.org + email: contact@gluu.org + license: + name: Gluu Support License + url: https://www.gluu.org/support-license/ + version: 4.0.0 +paths: + /api/v1/attributes/search: + get: + summary: Search attributes + description: Perform an attribute search + operationId: searchAttributes + parameters: + - name: pattern + in: query + required: true + schema: + type: string + - name: size + in: query + schema: + type: integer + format: int32 + default: 1 + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuAttribute' + 500: + description: Server error + /api/v1/attributes/attribute/{inum}: + get: + summary: Get attribute by inum + description: Get an attribute by inum + operationId: getAttributeByInum + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuAttribute' + 500: + description: Server error + /api/v1/attributes: + get: + summary: Get all attributes + description: Gets all the gluu attributes + operationId: getAllAttributes + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + put: + summary: Update new attribute + description: Updates a gluu attribute + operationId: updateAttribute + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GluuAttribute' + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuAttribute' + 404: + description: Not found + 500: + description: Server error + post: + summary: Add new attribute + description: Adds a new Gluu attribute + operationId: createAttribute + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GluuAttribute' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuAttribute' + 500: + description: Server error + delete: + operationId: deleteAttributes + responses: + default: + description: default response + content: + application/json: {} + /api/v1/attributes/{inum}: + delete: + summary: Delete gluu attribute + description: Deletes a gluu attribute + operationId: deleteAttribute + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: success + 404: + description: Not found + 500: + description: Server error + /api/v1/attributes/inactive: + get: + summary: Get all inactive attributes + description: Gets all inative attributes + operationId: getAllInactiveAttributes + responses: + 200: + description: success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/attributes/active: + get: + summary: Get all active attributes + description: Gets all the active gluu attributes + operationId: getAllActiveAttributes + responses: + 200: + description: success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/acrs: + get: + summary: Get current authentication methods + description: Get current authentication methods + operationId: getCurrentAuthentication + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticationMethod' + 500: + description: Server error + put: + summary: Update authentication methods + description: Update authentication methods + operationId: updateAuthenticationMethod + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticationMethod' + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticationMethod' + 500: + description: Server error + /api/v1/configuration/cas: + get: + summary: Get existing configuration + description: Get the existing configuration + operationId: getCasConfig + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/CasProtocolDTO' + put: + summary: Update the configuration + description: Update the configuration + operationId: update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CasProtocolDTO' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/CasProtocolDTO' + /api/v1/certificates: + get: + summary: List certificates + description: List Gluu Server's certificates. You can get only description of + certificates, not keys. + operationId: listCertificates + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/clients: + get: + summary: Get openid connect clients + description: Get openid connect clients + operationId: listClients + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + put: + summary: Update OIDC client + description: Update openidconnect client + operationId: updateClient + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OxAuthClient' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/OxAuthClient' + 500: + description: Server error + post: + summary: Add OIDC client + description: Add an openidconnect client + operationId: createClient + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OxAuthClient' + responses: + 201: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/OxAuthClient' + 500: + description: Server error + delete: + operationId: deleteClients + responses: + default: + description: default response + content: + application/json: {} + /api/v1/clients/{inum}/scopes: + get: + summary: Get assigned OIDC client scopes + description: Get OIDC scopes assign to OIDC client + operationId: getClientScope + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + 404: + description: Not Found + delete: + operationId: deleteClientScopes + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + default: + description: default response + content: + application/json: {} + /api/v1/clients/{inum}: + get: + summary: Get OIDC client + description: Get a specific OIDC client + operationId: getClientByInum + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/OxAuthClient' + 500: + description: Server error + delete: + summary: 'Delete OIDC client ' + description: Delete an openidconnect client + operationId: deleteClient + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/clients/{inum}/scopes/{sinum}: + post: + summary: Add OIDC client scopes + description: Add scopes to OIDC client + operationId: addScopeToClient + parameters: + - name: inum + in: path + required: true + schema: + type: string + - name: sinum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + delete: + summary: Remove OIDC client scope + description: Remove an existing scope from client + operationId: removeScopeToClient + parameters: + - name: inum + in: path + required: true + schema: + type: string + - name: sinum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/clients/search: + get: + summary: Search OIDC clients + description: Search OIDC clients + operationId: searchClients + parameters: + - name: pattern + in: query + required: true + schema: + type: string + - name: size + in: query + schema: + type: integer + format: int32 + default: 1 + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/configuration: + get: + summary: Get gluu configuration + description: Retrieve gluu configuration + operationId: getConfiguration + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuConfiguration' + 500: + description: Server error + /api/v1/configuration/scripts: + get: + summary: Get all custom scripts + description: Get all custom scripts + operationId: listCustomScripts + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + put: + summary: Update custom script + description: Update custom script + operationId: updateCustomScript + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CustomScript' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/CustomScript' + 500: + description: Server error + post: + summary: Add new custom script + description: Add new custom script + operationId: createCustomScript + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CustomScript' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/CustomScript' + 500: + description: Server error + /api/v1/configuration/scripts/{inum}: + get: + summary: Get scripts by inum + description: Get scripts by inum + operationId: getCustomScriptsByInum + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/CustomScript' + 500: + description: Server error + delete: + summary: Delete custom script + description: Delete an custom script + operationId: deleteCustomScript + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + 500: + description: Server error + /api/v1/configuration/scripts/type/{type}: + get: + summary: Get person auth scripts + description: Get person authentications scripts + operationId: listCustomScriptsByType + parameters: + - name: type + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/groups: + get: + summary: Get groups + description: Get groups + operationId: listGroups + parameters: + - name: size + in: query + schema: + type: integer + format: int32 + default: 0 + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + put: + summary: Update group + description: Update a group + operationId: updateGroup + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GluuGroupApi' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuGroupApi' + 500: + description: Server error + post: + summary: Add group + description: Add a group + operationId: createGroup + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GluuGroupApi' + responses: + 201: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuGroupApi' + 500: + description: Server error + /api/v1/groups/{inum}: + get: + summary: Get group by inum + description: Get a group by inum + operationId: getGroupByInum + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuGroupApi' + 500: + description: Server error + delete: + summary: Delete group + description: Delete a group + operationId: deleteGroup + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + 500: + description: Server error + /api/v1/groups/search: + get: + summary: Search groups + description: Search groups + operationId: searchGroups + parameters: + - name: pattern + in: query + required: true + schema: + type: string + - name: size + in: query + schema: + type: integer + format: int32 + default: 1 + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/groups/{inum}/members: + get: + summary: Get group members + description: Get a group members + operationId: getGroupMembers + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + delete: + summary: Delete group member + description: Delete group member + operationId: deleteGroupMembers + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + default: + description: default response + content: + application/json: {} + /api/v1/groups/{inum}/members/{minum}: + post: + summary: Add group member + description: Add group member + operationId: addGroupMember + parameters: + - name: inum + in: path + required: true + schema: + type: string + - name: minum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + delete: + summary: Remove group member + description: Remove a member from group + operationId: removeGroupMember + parameters: + - name: inum + in: path + required: true + schema: + type: string + - name: minum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + 500: + description: Server error + /api/v1/configuration/ldap: + get: + summary: Get existing configuration + description: Get the existing configuration + operationId: getLdapConfiguration + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + put: + summary: Update existing configuration + description: Update an existing configuration + operationId: updateLdapConfiguration + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LdapConfigurationDTO' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/LdapConfigurationDTO' + 404: + description: Not found + post: + summary: Create a new configuration + description: Create a new configuration + operationId: createLdapConfiguration + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LdapConfigurationDTO' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/LdapConfigurationDTO' + /api/v1/configuration/ldap/{name}: + delete: + summary: Delete an existing configuration + description: Delete an existing configuration + operationId: deleteLdapConfigurationByName + parameters: + - name: name + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + /api/v1/configuration/ldap/status: + post: + summary: Check status of a configuration + description: Check the status of a configuration + operationId: getLdapConfigurationStatus + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LdapConnectionData' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/ConnectionStatusDTO' + /api/v1/configuration/ldap/{name}/status: + get: + summary: Check the status of an existing configuration + description: Check the status of an existing configuration + operationId: getLdapConfigurationStatusByName + parameters: + - name: name + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/ConnectionStatusDTO' + /api/v1/configuration/oxauth/settings: + get: + summary: Get json oxauth settings + description: Gets oxAuth configuration in JSON format + operationId: getOxAuthJsonSettings + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/OxAuthJsonConfiguration' + 500: + description: Server error + put: + summary: Update json oxauth settings + description: Updates the oxAuth JSON configuration + operationId: updateOxauthJsonSetting + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OxAuthJsonConfiguration' + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/OxAuthJsonConfiguration' + 404: + description: Not found + 500: + description: Server error + /api/v1/configuration/oxtrust/settings: + get: + summary: Get json oxtrust settings + description: Get json oxtrust settings + operationId: getOxtrustJsonSettings + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/OxTrustJsonSetting' + 500: + description: Server error + put: + summary: Update json oxtrust settings + description: Update json oxtrust settings + operationId: updateOxtrustJsonSetting + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OxTrustJsonSetting' + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/OxTrustJsonSetting' + 404: + description: Not found + 500: + description: Server error + /api/v1/configuration/settings: + get: + summary: Get oxtrust settings + description: Get oxtrust settings + operationId: getOxtrustSettings + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/OxtrustSetting' + 500: + description: Server error + put: + summary: Update oxtrust settings + description: Update oxtrust settings + operationId: updateOxtrustSetting + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OxtrustSetting' + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/OxtrustSetting' + 404: + description: Not found + 500: + description: Server error + /api/v1/passport/config: + get: + summary: Get passport basic configuration + description: Get passport basic configuration + operationId: getPassportBasicConfig + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + put: + summary: Update passport basic configuration + description: Update passport basic configuration + operationId: updatePassportBasicConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Configuration' + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/passport/providers/{id}: + get: + summary: Get passport provider by id + description: Get passport provider by id + operationId: getProviderById + parameters: + - name: id + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/Provider' + 500: + description: Server error + delete: + summary: Delete passport provider + description: Delete a passport provider + operationId: deleteProvider + parameters: + - name: id + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + 500: + description: Server error + /api/v1/passport/providers: + get: + summary: List passport providers + description: List passport providers + operationId: listProviders + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + put: + summary: Update passport provider + description: Update passport provider + operationId: updatePassportProvider + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Provider' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/Provider' + 500: + description: Server error + post: + summary: Add passport provider + description: Add passport provider + operationId: createPassportProvider + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Provider' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/Provider' + 500: + description: Server error + delete: + operationId: deleteAllProviders + responses: + default: + description: default response + content: + application/json: {} + /api/v1/users/{inum}: + get: + summary: Get person by inum + description: Get a person by inum + operationId: getPersonByInum + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuPersonApi' + 500: + description: Server error + delete: + summary: Delete person + description: Delete a person + operationId: deletePerson + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + 500: + description: Server error + /api/v1/users: + get: + summary: Get people + description: Get people + operationId: listPeople + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + put: + summary: Update person + description: Update a person + operationId: updatePerson + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GluuPersonApi' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuPersonApi' + 500: + description: Server error + post: + summary: Add person + description: Add a person + operationId: createPerson + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GluuPersonApi' + responses: + 201: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuPersonApi' + 500: + description: Server error + /api/v1/users/search: + get: + summary: Search person + description: Search person + operationId: searchPeople + parameters: + - name: pattern + in: query + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/scopes: + get: + summary: Get all scopes + description: Get all scopes + operationId: getAllScopes + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + put: + summary: Update openid connect scope + description: Update openidconect scope + operationId: updateScope + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + 500: + description: Server error + post: + summary: Add openid connect scope + description: Add an openidconnect scope + operationId: createScope + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + responses: + 201: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + 500: + description: Server error + /api/v1/scopes/{inum}: + get: + summary: Get openid scope + description: Get a specific openid connect scope + operationId: getScopeByInum + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + 500: + description: Server error + delete: + summary: Delete openid connect scope + description: Delete an openidconnect scope + operationId: deleteScope + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + 500: + description: Server error + /api/v1/scopes/search: + get: + summary: Search openid connect scopes + description: Search openid connect scopes + operationId: searchScope + parameters: + - name: pattern + in: query + schema: + type: string + - name: size + in: query + schema: + type: integer + format: int32 + default: 10 + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/scopes/{inum}/claims: + get: + summary: Get scope claims + description: List all claims of a scope + operationId: getScopeClaims + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/configuration/status: + get: + summary: Get server status + description: Get server status + operationId: getServerStatus + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuServerStatus' + 500: + description: Server error + /api/v1/configuration/smtp/test: + get: + summary: Test smtp configuration + description: Test smtp configuration + operationId: testSmtpConfiguration + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/SmtpConfiguration' + 500: + description: Server error + /api/v1/configuration/smtp: + get: + summary: Get smtp configuration + description: Get smtp configuration + operationId: getSmtpServerConfiguration + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/SmtpConfiguration' + 500: + description: Server error + put: + summary: Update smtp configuration + description: Update smtp configuration + operationId: updateSmtpConfiguration + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SmtpConfiguration' + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/SmtpConfiguration' + 404: + description: Not found + 500: + description: Server error + /api/v1/saml/tr/update/{inum}: + put: + summary: update TrustRelationship + description: Update GluuSAMLTrustRelationship. + operationId: update_1 + parameters: + - name: inum + in: path + required: true + schema: + type: string + requestBody: + content: + '*/*': + schema: + $ref: '#/components/schemas/GluuSAMLTrustRelationship' + responses: + 200: + description: OK + content: + '*/*': + schema: + $ref: '#/components/schemas/GluuSAMLTrustRelationship' + 500: + description: Server error + /api/v1/saml/tr/list: + get: + summary: list TrustRelationships + description: List all GluuSAMLTrustRelationship. + operationId: list + responses: + 200: + description: SUCCESS + content: + application/json: + schema: + $ref: '#/components/schemas/GluuSAMLTrustRelationship' + 500: + description: Server error + /api/v1/saml/tr/read/{inum}: + get: + summary: read TrustRelationship + description: Returns a GluuSAMLTrustRelationship by inum + operationId: read + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/GluuSAMLTrustRelationship' + 500: + description: Server error + /api/v1/saml/tr/delete/{inum}: + delete: + summary: delete TrustRelationship + description: Delete GluuSAMLTrustRelationship. + operationId: delete + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: OK + 500: + description: Server error + /api/v1/saml/tr/create: + post: + summary: create TrustRelationship + description: Create new GluuSAMLTrustRelationship. Returns inum. + operationId: create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GluuSAMLTrustRelationship' + responses: + 200: + description: OK + content: + text/plain: + schema: + type: string + 500: + description: Server error + /api/v1/saml/tr/add_attribute/{inum}: + post: + operationId: addAttribute + parameters: + - name: inum + in: path + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + type: string + required: true + responses: + 200: + description: OK + 500: + description: Server error + /api/v1/saml/tr/set_metadata/{inum}: + post: + operationId: setMetadata + parameters: + - name: inum + in: path + required: true + schema: + type: string + requestBody: + content: + application/xml: + schema: + type: string + text/plain: + schema: + type: string + required: true + responses: + 200: + description: OK + 500: + description: Server error + /api/v1/saml/tr/remove_attribute: + delete: + operationId: removeAttribute + requestBody: + content: + text/plain: + schema: + $ref: '#/components/schemas/GluuAttribute' + responses: + default: + description: default response + content: + text/plain: {} + /api/v1/saml/tr/list_deconstructed_trust_relationships/{inum}: + get: + operationId: listDeconstructedTrustRelationships + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: OK + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/saml/tr/generate_inum_for_new_trust_relationship: + get: + operationId: generateInumForNewTrustRelationship + responses: + 200: + description: OK + content: + text/plain: + schema: + type: string + 500: + description: Server error + /api/v1/saml/tr/set_certificate/{inum}: + post: + summary: set certificate for TrustRelationship + description: Find TrustRelationship by inum and set certificate. + operationId: setCertificate + parameters: + - name: inum + in: path + required: true + schema: + type: string + requestBody: + content: + text/plain: + schema: + type: string + responses: + 200: + description: OK + 500: + description: Server error + /api/v1/saml/tr/list_all_federations: + get: + operationId: listAllFederations + responses: + 200: + description: OK + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/saml/tr/set_metadata_url/{inum}: + post: + operationId: setMetadataURL + parameters: + - name: inum + in: path + required: true + schema: + type: string + requestBody: + content: + text/plain: + schema: + type: string + required: true + responses: + 200: + description: OK + 500: + description: Server error + /api/v1/saml/tr/set_contacts/{inum}: + post: + summary: set contacts for TrustRelationship + description: Find TrustRelationship by inum and set contacts. Contacts parameter + is List + operationId: setContacts + parameters: + - name: inum + in: path + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + type: string + responses: + 200: + description: OK + 500: + description: Server error + /api/v1/saml/tr/get_contacts/{inum}: + get: + operationId: getContacts + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: OK + content: + text/plain: + schema: + type: string + 500: + description: Server error + /api/v1/saml/tr/generate_configuration_files: + put: + summary: generate configuration files + description: Generate configuration files for Shibboleth IDP + operationId: generateConfigurationFiles + responses: + 200: + description: OK + 500: + description: Server error + /api/v1/saml/tr/search_trust_relationships: + get: + operationId: searchTrustRelationships + parameters: + - name: pattern + in: query + required: true + schema: + type: string + - name: size_limit + in: query + schema: + type: integer + format: int32 + responses: + 200: + description: OK + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/saml/tr/list_all_other_federations/{inum}: + get: + operationId: listAllOtherFederations + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: OK + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/saml/tr/list_all_saml_trust_relationships: + get: + operationId: listAllSAMLTrustRelationships + parameters: + - name: size_limit + in: query + schema: + type: integer + format: int32 + responses: + 200: + description: OK + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/saml/tr/list_all_active_trust_relationships: + get: + operationId: listAllActiveTrustRelationships + responses: + 200: + description: OK + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/uma/resources/{id}: + get: + summary: Get UMA resource by id + description: Get a uma resource by id + operationId: getUmaResourceById + parameters: + - name: id + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/UmaResource' + 500: + description: Server error + delete: + summary: Delete UMA resource + description: Delete a uma resource + operationId: deleteUmaResource + parameters: + - name: id + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + 500: + description: Server error + /api/v1/uma/resources: + get: + summary: Get UMA resources + description: Get uma resources + operationId: listUmaResources + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + put: + summary: Update UMA resource + description: Update uma resource + operationId: updateUmaResource + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UmaResource' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/UmaResource' + 500: + description: Server error + post: + summary: Add new UMA resource + description: Add new uma resource + operationId: createUmaResource + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UmaResource' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/UmaResource' + 500: + description: Server error + /api/v1/uma/resources/search: + get: + summary: Search UMA resources + description: Search uma resources + operationId: searchUmaResources + parameters: + - name: pattern + in: query + required: true + schema: + type: string + - name: size + in: query + required: true + schema: + type: integer + format: int32 + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/uma/resources/{id}/clients: + get: + summary: Get clients of UMA resources + description: Get clients of uma resource + operationId: getUmaResourceClients + parameters: + - name: id + in: path + required: true + schema: + type: string + responses: + default: + description: default response + content: + application/json: {} + /api/v1/uma/resources/{id}/scopes/{inum}: + post: + summary: Add UMA resource scope + description: add scope to uma resource + operationId: addScopeToUmaResource + parameters: + - name: id + in: path + required: true + schema: + type: string + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/UmaResource' + 500: + description: Server error + delete: + summary: Remove UMA resource scope + description: remove a scope from uma resource + operationId: removeScopeToUmaResource + parameters: + - name: id + in: path + required: true + schema: + type: string + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/UmaResource' + 500: + description: Server error + /api/v1/uma/resources/{id}/scopes: + get: + summary: Get UMA resource scopes + description: Get scopes of uma resource + operationId: getUmaResourceScopes + parameters: + - name: id + in: path + required: true + schema: + type: string + responses: + default: + description: default response + content: + application/json: {} + /api/v1/uma/resources/{id}/clients/{inum}: + post: + summary: Add UMA resource client + description: add client to uma resource + operationId: addClientToUmaResource + parameters: + - name: id + in: path + required: true + schema: + type: string + - name: inum + in: path + required: true + schema: + type: string + responses: + 201: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/UmaResource' + 500: + description: Server error + delete: + summary: Remove UMA resource client + description: Remove client from uma resource + operationId: removeClientToUmaResource + parameters: + - name: id + in: path + required: true + schema: + type: string + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/UmaResource' + 500: + description: Server error + /api/v1/uma/scopes/search: + get: + summary: Search UMA scopes + description: Search uma scopes + operationId: searchUmaScopes + parameters: + - name: pattern + in: query + required: true + schema: + type: string + responses: + 200: + description: success + content: + application/json: + schema: + type: string + 500: + description: Server error + /api/v1/uma/scopes: + get: + summary: Get UMA scopes + description: Get uma scopes + operationId: listUmaScopes + responses: + 200: + description: success + content: + application/json: + schema: + type: string + 500: + description: Server error + put: + summary: Update UMA scope + description: Update uma scope + operationId: updateUmaScope + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + 500: + description: Server error + post: + summary: Add new UMA scope + description: Add new uma scope + operationId: createUmaScope + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + responses: + 201: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + 500: + description: Server error + /api/v1/uma/scopes/{inum}: + get: + summary: Get UMA scope by inum + description: Get a uma scope by inum + operationId: getUmaScopeByInum + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: success + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + 500: + description: Server error + delete: + summary: Delete UMA scope + description: Delete a uma scope + operationId: deleteUmaScope + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: success + 500: + description: Server error + /api/v1/radius/clients: + get: + summary: Get all radius clients + description: Get all radius clients + operationId: listRadiusClients + responses: + 200: + description: Success + content: + application/json: + schema: + type: string + 403: + description: Gluu Radius is not installed + 500: + description: Internal server error + put: + summary: Update existing radius client + description: Update existing radius client + operationId: updateRadiusClient + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RadiusClient' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/RadiusClient' + 400: + description: Malformed Request. Missing parameter + 403: + description: Gluu Radius is not installed + 404: + description: Radius client not found + 500: + description: Internal server error + post: + summary: Add new radius client + description: Add new radius client + operationId: addRadiusClient + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RadiusClient' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/RadiusClient' + 400: + description: Malformed request. Missing parameter + 403: + description: Gluu Radius is not installed + 500: + description: Internal server error + /api/v1/radius/clients/{inum}: + get: + summary: Get radius client by inum + description: Get radius client by inum + operationId: getRadiusClient + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/RadiusClient' + 403: + description: Gluu Radius is not installed + 404: + description: Radius client not found + 500: + description: Internal server error + delete: + summary: Delete radius client + description: Deletes a radius client + operationId: deleteRadiusClient + parameters: + - name: inum + in: path + required: true + schema: + type: string + responses: + 204: + description: Success + 403: + description: Gluu Radius is not installed + 404: + description: Radius client not found + 500: + description: Internal server error + /api/v1/radius/settings: + get: + summary: Get Radius Server Configuration + description: Get Radius Server Configuration + operationId: getServerConfig + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/ServerConfiguration' + 403: + description: Gluu Radius is not installed + 404: + description: Gluu Radius configuration not found + 500: + description: Internal server error + put: + summary: Get Radius Server Configuration + description: Update Radius Server Configuration + operationId: updateServerConfiguration + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ServerConfiguration' + responses: + 200: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/ServerConfiguration' + 403: + description: Gluu Radius is not installed + 404: + description: Gluu Radius configuration not found + 500: + description: Internal server error +components: + schemas: + AttributeValidation: + type: object + properties: + minLength: + type: integer + format: int32 + maxLength: + type: integer + format: int32 + regexp: + type: string + GluuAttribute: + required: + - dataType + - description + - displayName + - editType + - name + - viewType + type: object + properties: + dn: + type: string + selected: + type: boolean + inum: + type: string + sourceAttribute: + type: string + nameIdType: + type: string + name: + maxLength: 30 + minLength: 1 + pattern: ^[a-zA-Z0-9_]+$ + type: string + displayName: + maxLength: 60 + minLength: 0 + type: string + description: + maxLength: 4000 + minLength: 0 + type: string + origin: + type: string + dataType: + type: string + enum: + - string + - numeric + - boolean + - binary + - certificate + - generalizedTime + editType: + type: array + items: + type: string + enum: + - admin + - owner + - manager + - user + - whitePages + viewType: + type: array + items: + type: string + enum: + - admin + - owner + - manager + - user + - whitePages + usageType: + type: array + items: + type: string + enum: + - openid + oxAuthClaimName: + type: string + seeAlso: + type: string + status: + type: string + enum: + - active + - inactive + - expired + - register + saml1Uri: + type: string + saml2Uri: + type: string + urn: + type: string + oxSCIMCustomAttribute: + type: boolean + oxMultiValuedAttribute: + type: boolean + custom: + type: boolean + requred: + type: boolean + attributeValidation: + $ref: '#/components/schemas/AttributeValidation' + gluuTooltip: + type: string + adminCanAccess: + type: boolean + userCanView: + type: boolean + userCanEdit: + type: boolean + adminCanView: + type: boolean + adminCanEdit: + type: boolean + userCanAccess: + type: boolean + whitePagesCanView: + type: boolean + baseDn: + type: string + AuthenticationMethod: + type: object + properties: + defaultAcr: + type: string + oxtrustAcr: + type: string + CasProtocolDTO: + type: object + properties: + casBaseURL: + maxLength: 2147483647 + minLength: 1 + pattern: ^(ftp|http|https):\/\/[^ "]+$ + type: string + shibbolethCASProtocolConfiguration: + $ref: '#/components/schemas/ShibbolethCASProtocolConfigurationDTO' + ShibbolethCASProtocolConfigurationDTO: + required: + - sessionStorageType + type: object + properties: + inum: + maxLength: 2147483647 + minLength: 1 + type: string + enabled: + type: boolean + extended: + type: boolean + enableToProxyPatterns: + type: boolean + authorizedToProxyPattern: + maxLength: 2147483647 + minLength: 1 + type: string + unauthorizedToProxyPattern: + maxLength: 2147483647 + minLength: 1 + type: string + sessionStorageType: + type: string + enum: + - DEFAULT_STORAGE_SERVICE + - MEMCACHED_STORE_SERVICE + Certificates: + type: object + properties: + asimbaCertificates: + type: array + items: + $ref: '#/components/schemas/X509CertificateShortInfo' + trustStoreCertificates: + type: array + items: + $ref: '#/components/schemas/X509CertificateShortInfo' + internalCertificates: + type: array + items: + $ref: '#/components/schemas/X509CertificateShortInfo' + X509CertificateShortInfo: + type: object + properties: + alias: + type: string + issuer: + type: string + subject: + type: string + algorithm: + type: string + notBeforeDatetime: + type: string + format: date-time + notAfterDatetime: + type: string + format: date-time + viewStyle: + type: string + warning: + type: boolean + path: + type: string + name: + type: string + ClientAttributes: + type: object + properties: + tlsClientAuthSubjectDn: + type: string + runIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims: + type: boolean + keepClientAuthorizationAfterExpiration: + type: boolean + allowSpontaneousScopes: + type: boolean + spontaneousScopes: + type: array + items: + type: string + spontaneousScopeScriptDns: + type: array + items: + type: string + backchannelLogoutUri: + type: array + items: + type: string + backchannelLogoutSessionRequired: + type: boolean + additionalAudience: + type: array + items: + type: string + postAuthnScripts: + type: array + items: + type: string + consentGatheringScripts: + type: array + items: + type: string + introspectionScripts: + type: array + items: + type: string + rptClaimsScripts: + type: array + items: + type: string + redirectRegex: + type: string + umaRPTClaimsScripts: + type: array + items: + type: string + updateTokenScripts: + type: array + items: + type: string + defaultPromptLogin: + type: string + OxAuthClient: + required: + - description + - displayName + - encodedClientSecret + - oxAuthAppType + type: object + properties: + dn: + type: string + selected: + type: boolean + inum: + type: string + displayName: + maxLength: 60 + minLength: 0 + type: string + description: + maxLength: 250 + minLength: 0 + type: string + oxAuthAppType: + type: string + enum: + - web + - native + contacts: + type: array + items: + type: string + oxAuthRedirectURIs: + type: array + items: + type: string + oxAuthPostLogoutRedirectURIs: + type: array + items: + type: string + oxAuthScopes: + type: array + items: + type: string + oxAuthClaims: + type: array + items: + type: string + encodedClientSecret: + type: string + associatedPersons: + type: array + items: + type: string + oxAuthTrustedClient: + type: boolean + responseTypes: + type: array + items: + type: string + enum: + - code + - token + - id_token + grantTypes: + type: array + items: + type: string + enum: + - none + - authorization_code + - implicit + - password + - client_credentials + - refresh_token + - urn:ietf:params:oauth:grant-type:uma-ticket + - urn:openid:params:grant-type:ciba + - urn:ietf:params:oauth:grant-type:device_code + logoUri: + type: string + clientUri: + type: string + policyUri: + type: string + tosUri: + type: string + jwksUri: + type: string + jwks: + type: string + sectorIdentifierUri: + type: string + subjectType: + type: string + enum: + - pairwise + - public + idTokenTokenBindingCnf: + type: string + rptAsJwt: + type: boolean + accessTokenAsJwt: + type: boolean + accessTokenSigningAlg: + type: string + enum: + - none + - HS256 + - HS384 + - HS512 + - RS256 + - RS384 + - RS512 + - ES256 + - ES384 + - ES512 + - PS256 + - PS384 + - PS512 + idTokenSignedResponseAlg: + type: string + enum: + - none + - HS256 + - HS384 + - HS512 + - RS256 + - RS384 + - RS512 + - ES256 + - ES384 + - ES512 + - PS256 + - PS384 + - PS512 + idTokenEncryptedResponseAlg: + type: string + enum: + - RSA1_5 + - RSA-OAEP + - A128KW + - A256KW + idTokenEncryptedResponseEnc: + type: string + enum: + - A128CBC+HS256 + - A256CBC+HS512 + - A128GCM + - A256GCM + userInfoSignedResponseAlg: + type: string + enum: + - none + - HS256 + - HS384 + - HS512 + - RS256 + - RS384 + - RS512 + - ES256 + - ES384 + - ES512 + - PS256 + - PS384 + - PS512 + userInfoEncryptedResponseAlg: + type: string + enum: + - RSA1_5 + - RSA-OAEP + - A128KW + - A256KW + userInfoEncryptedResponseEnc: + type: string + enum: + - A128CBC+HS256 + - A256CBC+HS512 + - A128GCM + - A256GCM + requestObjectSigningAlg: + type: string + enum: + - none + - HS256 + - HS384 + - HS512 + - RS256 + - RS384 + - RS512 + - ES256 + - ES384 + - ES512 + - PS256 + - PS384 + - PS512 + requestObjectEncryptionAlg: + type: string + enum: + - RSA1_5 + - RSA-OAEP + - A128KW + - A256KW + requestObjectEncryptionEnc: + type: string + enum: + - A128CBC+HS256 + - A256CBC+HS512 + - A128GCM + - A256GCM + tokenEndpointAuthMethod: + type: string + enum: + - client_secret_basic + - client_secret_post + - client_secret_jwt + - private_key_jwt + - none + tokenEndpointAuthSigningAlg: + type: string + enum: + - none + - HS256 + - HS384 + - HS512 + - RS256 + - RS384 + - RS512 + - ES256 + - ES384 + - ES512 + - PS256 + - PS384 + - PS512 + defaultMaxAge: + type: integer + format: int32 + requireAuthTime: + type: boolean + postLogoutRedirectUris: + type: array + items: + type: string + claimRedirectURI: + type: array + items: + type: string + logoutUri: + type: array + items: + type: string + logoutSessionRequired: + type: boolean + oxAuthPersistClientAuthorizations: + type: boolean + oxIncludeClaimsInIdToken: + type: boolean + oxRefreshTokenLifetime: + type: integer + format: int32 + accessTokenLifetime: + type: integer + format: int32 + defaultAcrValues: + type: array + items: + type: string + initiateLoginUri: + type: string + exp: + type: string + format: date-time + requestUris: + type: array + items: + type: string + authorizedOrigins: + type: array + items: + type: string + softwareId: + type: string + softwareVersion: + type: string + softwareStatement: + type: string + disabled: + type: boolean + oxdId: + type: string + oxAuthClientSecret: + type: string + deletable: + type: boolean + attributes: + $ref: '#/components/schemas/ClientAttributes' + backchannelAuthenticationRequestSigningAlg: + type: string + enum: + - RS256 + - RS384 + - RS512 + - ES256 + - ES384 + - ES512 + - PS256 + - PS384 + - PS512 + backchannelTokenDeliveryMode: + type: string + backchannelClientNotificationEndpoint: + type: string + backchannelUserCodeParameter: + type: boolean + baseDn: + type: string + Scope: + type: object + properties: + dn: + type: string + expirationDate: + type: string + format: date-time + deletable: + type: boolean + inum: + type: string + displayName: + type: string + id: + type: string + iconUrl: + type: string + description: + type: string + scopeType: + type: string + enum: + - openid + - dynamic + - uma + - spontaneous + - oauth + oxAuthClaims: + type: array + items: + type: string + defaultScope: + type: boolean + oxAuthGroupClaims: + type: boolean + dynamicScopeScripts: + type: array + items: + type: string + umaAuthorizationPolicies: + type: array + items: + type: string + attributes: + $ref: '#/components/schemas/ScopeAttributes' + umaType: + type: boolean + baseDn: + type: string + ScopeAttributes: + type: object + properties: + spontaneousClientId: + type: string + spontaneousClientScopes: + type: array + items: + type: string + showInConfigurationEndpoint: + type: boolean + CacheConfiguration: + type: object + properties: + cacheProviderType: + type: string + enum: + - IN_MEMORY + - MEMCACHED + - REDIS + - NATIVE_PERSISTENCE + memcachedConfiguration: + $ref: '#/components/schemas/MemcachedConfiguration' + inMemoryConfiguration: + $ref: '#/components/schemas/InMemoryConfiguration' + redisConfiguration: + $ref: '#/components/schemas/RedisConfiguration' + nativePersistenceConfiguration: + $ref: '#/components/schemas/NativePersistenceConfiguration' + CustomAttribute: + type: object + properties: + name: + type: string + values: + type: array + xml: + wrapped: true + items: + type: string + xml: + name: value + DBDocumentStoreConfiguration: + type: object + DocumentStoreConfiguration: + type: object + properties: + documentStoreType: + type: string + enum: + - LOCAL + - JCA + - WEB_DAV + - DB + localConfiguration: + $ref: '#/components/schemas/LocalDocumentStoreConfiguration' + jcaConfiguration: + $ref: '#/components/schemas/JcaDocumentStoreConfiguration' + webDavConfiguration: + $ref: '#/components/schemas/WebDavDocumentStoreConfiguration' + dbConfiguration: + $ref: '#/components/schemas/DBDocumentStoreConfiguration' + GluuConfiguration: + type: object + properties: + dn: + type: string + inum: + type: string + description: + type: string + displayName: + type: string + hostname: + type: string + lastUpdate: + type: string + format: date-time + pollingInterval: + type: string + status: + type: string + enum: + - active + - inactive + - expired + - register + userPassword: + type: string + gluuHttpStatus: + type: string + gluuDSStatus: + type: string + gluuVDSStatus: + type: string + gluuSPTR: + type: string + sslExpiry: + type: string + profileManagment: + type: boolean + manageIdentityPermission: + type: boolean + vdsCacheRefreshEnabled: + type: boolean + cacheRefreshServerIpAddress: + type: string + vdsCacheRefreshPollingInterval: + type: string + vdsCacheRefreshLastUpdate: + type: string + format: date-time + vdsCacheRefreshLastUpdateCount: + type: string + vdsCacheRefreshProblemCount: + type: string + scimEnabled: + type: boolean + passportEnabled: + type: boolean + radiusEnabled: + type: boolean + samlEnabled: + type: boolean + contactEmail: + type: array + items: + type: string + smtpConfiguration: + $ref: '#/components/schemas/SmtpConfiguration' + configurationDnsServer: + type: string + maxLogSize: + type: integer + format: int32 + oxIDPAuthentication: + type: array + items: + $ref: '#/components/schemas/OxIDPAuthConf' + authenticationMode: + type: string + oxTrustAuthenticationMode: + type: string + oxLogViewerConfig: + $ref: '#/components/schemas/LogViewerConfig' + oxLogConfigLocation: + type: string + passwordResetAllowed: + type: boolean + trustStoreConfiguration: + $ref: '#/components/schemas/TrustStoreConfiguration' + trustStoreCertificates: + type: array + items: + $ref: '#/components/schemas/TrustStoreCertificate' + cacheConfiguration: + $ref: '#/components/schemas/CacheConfiguration' + documentStoreConfiguration: + $ref: '#/components/schemas/DocumentStoreConfiguration' + customObjectClasses: + type: array + items: + type: string + xml: + name: value + baseDn: + type: string + GluuLdapConfiguration: + type: object + properties: + configId: + type: string + bindDN: + type: string + bindPassword: + type: string + servers: + type: array + items: + type: string + xml: + name: value + maxConnections: + type: integer + format: int32 + useSSL: + type: boolean + baseDNs: + type: array + items: + type: string + xml: + name: value + primaryKey: + type: string + localPrimaryKey: + type: string + useAnonymousBind: + type: boolean + enabled: + type: boolean + version: + type: integer + format: int32 + level: + type: integer + format: int32 + InMemoryConfiguration: + type: object + properties: + defaultPutExpiration: + type: integer + format: int32 + JcaDocumentStoreConfiguration: + type: object + properties: + serverUrl: + type: string + workspaceName: + type: string + connectionTimeout: + type: integer + format: int32 + userId: + type: string + password: + type: string + LocalDocumentStoreConfiguration: + type: object + properties: + baseLocation: + type: string + LogViewerConfig: + type: object + properties: + log_template: + type: array + items: + $ref: '#/components/schemas/SimpleExtendedCustomProperty' + MemcachedConfiguration: + type: object + properties: + servers: + type: string + maxOperationQueueLength: + type: integer + format: int32 + bufferSize: + type: integer + format: int32 + defaultPutExpiration: + type: integer + format: int32 + connectionFactoryType: + type: string + enum: + - DEFAULT + - BINARY + NativePersistenceConfiguration: + type: object + properties: + defaultPutExpiration: + type: integer + format: int32 + defaultCleanupBatchSize: + type: integer + format: int32 + deleteExpiredOnGetRequest: + type: boolean + OxIDPAuthConf: + type: object + properties: + type: + type: string + name: + type: string + level: + type: integer + format: int32 + priority: + type: integer + format: int32 + enabled: + type: boolean + version: + type: integer + format: int32 + fields: + type: array + items: + $ref: '#/components/schemas/CustomAttribute' + config: + $ref: '#/components/schemas/GluuLdapConfiguration' + xml: + name: oxIDPAuthConf + RedisConfiguration: + type: object + properties: + redisProviderType: + type: string + enum: + - STANDALONE + - CLUSTER + - SHARDED + - SENTINEL + servers: + type: string + defaultPutExpiration: + type: integer + format: int32 + sentinelMasterGroupName: + type: string + password: + type: string + useSSL: + type: boolean + sslTrustStoreFilePath: + type: string + sslTrustStorePassword: + type: string + sslKeyStoreFilePath: + type: string + sslKeyStorePassword: + type: string + maxIdleConnections: + type: integer + format: int32 + maxTotalConnections: + type: integer + format: int32 + connectionTimeout: + type: integer + format: int32 + soTimeout: + type: integer + format: int32 + maxRetryAttempts: + type: integer + format: int32 + SimpleExtendedCustomProperty: + type: object + properties: + value1: + type: string + value2: + type: string + hide: + type: boolean + description: + type: string + SmtpConfiguration: + type: object + properties: + valid: + type: boolean + connectProtectionList: + type: array + items: + type: string + enum: + - None + - StartTls + - SslTls + host: + type: string + port: + type: integer + format: int32 + connect-protection: + type: string + enum: + - None + - StartTls + - SslTls + trust-host: + type: boolean + from-name: + type: string + from-email-address: + type: string + requires-authentication: + type: boolean + user-name: + type: string + password: + type: string + key-store: + type: string + key-store-password: + type: string + key-store-alias: + type: string + TrustStoreCertificate: + type: object + properties: + name: + type: string + certificate: + type: string + version: + type: string + enabled: + type: boolean + added_by: + type: string + added_at: + type: string + format: date-time + modified_by: + type: string + modified_at: + type: string + format: date-time + TrustStoreConfiguration: + type: object + properties: + useJreCertificates: + type: boolean + WebDavDocumentStoreConfiguration: + type: object + properties: + serverUrl: + type: string + workspaceName: + type: string + connectionTimeout: + type: integer + format: int32 + userId: + type: string + password: + type: string + decryptedPassword: + type: string + CustomScript: + type: object + properties: + dn: + type: string + inum: + type: string + name: + maxLength: 60 + minLength: 2 + pattern: ^[a-zA-Z0-9_\-\:\/\.]+$ + type: string + aliases: + type: array + items: + type: string + description: + type: string + script: + type: string + scriptType: + type: string + enum: + - person_authentication + - introspection + - resource_owner_password_credentials + - application_session + - cache_refresh + - update_user + - user_registration + - client_registration + - id_generator + - uma_rpt_policy + - uma_rpt_claims + - uma_claims_gathering + - consent_gathering + - dynamic_scope + - spontaneous_scope + - end_session + - post_authn + - scim + - ciba_end_user_notification + - revoke_token + - persistence_extension + - idp + - update_token + programmingLanguage: + type: string + enum: + - python + - javascript + moduleProperties: + type: array + items: + $ref: '#/components/schemas/SimpleCustomProperty' + configurationProperties: + type: array + items: + $ref: '#/components/schemas/SimpleExtendedCustomProperty' + level: + type: integer + format: int32 + revision: + type: integer + format: int64 + enabled: + type: boolean + scriptError: + $ref: '#/components/schemas/ScriptError' + modified: + type: boolean + internal: + type: boolean + locationType: + type: string + enum: + - ldap + - file + locationPath: + type: string + baseDn: + type: string + ScriptError: + type: object + properties: + raisedAt: + type: string + format: date-time + stackTrace: + type: string + SimpleCustomProperty: + type: object + properties: + value1: + type: string + value2: + type: string + description: + type: string + GluuGroupApi: + type: object + properties: + inum: + type: string + iname: + type: string + displayName: + type: string + description: + type: string + owner: + type: string + members: + type: array + items: + type: string + organization: + type: string + status: + type: string + enum: + - active + - inactive + - expired + - register + GluuPersonApi: + type: object + properties: + inum: + type: string + surName: + type: string + givenName: + type: string + email: + type: string + password: + type: string + userName: + type: string + displayName: + type: string + creationDate: + type: string + format: date-time + status: + type: string + enum: + - active + - inactive + - expired + - register + LdapConfigurationDTO: + type: object + properties: + configId: + maxLength: 2147483647 + minLength: 1 + type: string + bindDN: + type: string + bindPassword: + maxLength: 2147483647 + minLength: 1 + type: string + servers: + type: array + items: + type: string + maxConnections: + type: integer + format: int32 + useSSL: + type: boolean + baseDNs: + type: array + items: + type: string + primaryKey: + type: string + localPrimaryKey: + type: string + useAnonymousBind: + type: boolean + enabled: + type: boolean + level: + type: integer + format: int32 + ConnectionStatusDTO: + type: object + properties: + up: + type: boolean + LdapConnectionData: + type: object + properties: + bindDN: + type: string + bindPassword: + type: string + servers: + type: array + items: + type: string + useSSL: + type: boolean + AuthenticationFilter: + type: object + properties: + filter: + type: string + bind: + type: boolean + bindPasswordAttribute: + type: string + baseDn: + type: string + AuthenticationProtectionConfiguration: + type: object + properties: + attemptExpiration: + type: integer + format: int32 + maximumAllowedAttemptsWithoutDelay: + type: integer + format: int32 + delayTime: + type: integer + format: int32 + bruteForceProtectionEnabled: + type: boolean + ClientAuthenticationFilter: + type: object + properties: + filter: + type: string + bind: + type: string + bindPasswordAttribute: + type: string + baseDn: + type: string + CorsConfigurationFilter: + type: object + properties: + filterName: + type: string + corsAllowedOrigins: + type: string + corsAllowedMethods: + type: string + corsAllowedHeaders: + type: string + corsExposedHeaders: + type: string + corsSupportCredentials: + type: boolean + corsLoggingEnabled: + type: boolean + corsPreflightMaxAge: + type: integer + format: int32 + corsRequestDecorate: + type: boolean + Fido2Configuration: + type: object + properties: + authenticatorCertsFolder: + type: string + mdsCertsFolder: + type: string + mdsTocsFolder: + type: string + serverMetadataFolder: + type: string + checkU2fAttestations: + type: boolean + userAutoEnrollment: + type: boolean + unfinishedRequestExpiration: + type: integer + format: int32 + authenticationHistoryExpiration: + type: integer + format: int32 + disableFido2: + type: boolean + OxAuthJsonConfiguration: + type: object + properties: + issuer: + type: string + baseEndpoint: + type: string + authorizationEndpoint: + type: string + tokenEndpoint: + type: string + tokenRevocationEndpoint: + type: string + userInfoEndpoint: + type: string + clientInfoEndpoint: + type: string + checkSessionIFrame: + type: string + endSessionEndpoint: + type: string + jwksUri: + type: string + registrationEndpoint: + type: string + openIdDiscoveryEndpoint: + type: string + openIdConfigurationEndpoint: + type: string + idGenerationEndpoint: + type: string + introspectionEndpoint: + type: string + umaConfigurationEndpoint: + type: string + sectorIdentifierEndpoint: + type: string + oxElevenGenerateKeyEndpoint: + type: string + oxElevenSignEndpoint: + type: string + oxElevenVerifySignatureEndpoint: + type: string + oxElevenDeleteKeyEndpoint: + type: string + oxElevenJwksEndpoint: + type: string + openidSubAttribute: + type: string + responseTypesSupported: + type: array + items: + type: array + items: + type: string + grantTypesSupported: + type: array + items: + type: string + subjectTypesSupported: + type: array + items: + type: string + defaultSubjectType: + type: string + userInfoSigningAlgValuesSupported: + type: array + items: + type: string + userInfoEncryptionAlgValuesSupported: + type: array + items: + type: string + userInfoEncryptionEncValuesSupported: + type: array + items: + type: string + idTokenSigningAlgValuesSupported: + type: array + items: + type: string + idTokenEncryptionAlgValuesSupported: + type: array + items: + type: string + idTokenEncryptionEncValuesSupported: + type: array + items: + type: string + requestObjectSigningAlgValuesSupported: + type: array + items: + type: string + requestObjectEncryptionAlgValuesSupported: + type: array + items: + type: string + requestObjectEncryptionEncValuesSupported: + type: array + items: + type: string + tokenEndpointAuthMethodsSupported: + type: array + items: + type: string + tokenEndpointAuthSigningAlgValuesSupported: + type: array + items: + type: string + dynamicRegistrationCustomAttributes: + type: array + items: + type: string + displayValuesSupported: + type: array + items: + type: string + claimTypesSupported: + type: array + items: + type: string + serviceDocumentation: + type: string + claimsLocalesSupported: + type: array + items: + type: string + idTokenTokenBindingCnfValuesSupported: + type: array + items: + type: string + uiLocalesSupported: + type: array + items: + type: string + dynamicGrantTypeDefault: + type: array + items: + type: string + claimsParameterSupported: + type: boolean + requestParameterSupported: + type: boolean + requestUriParameterSupported: + type: boolean + requireRequestUriRegistration: + type: boolean + allowPostLogoutRedirectWithoutValidation: + type: boolean + introspectionAccessTokenMustHaveUmaProtectionScope: + type: boolean + opPolicyUri: + type: string + opTosUri: + type: string + authorizationCodeLifetime: + type: integer + format: int32 + refreshTokenLifetime: + type: integer + format: int32 + idTokenLifetime: + type: integer + format: int32 + accessTokenLifetime: + type: integer + format: int32 + umaResourceLifetime: + type: integer + format: int32 + sessionAsJwt: + type: boolean + umaRptLifetime: + type: integer + format: int32 + umaTicketLifetime: + type: integer + format: int32 + umaPctLifetime: + type: integer + format: int32 + umaAddScopesAutomatically: + type: boolean + umaValidateClaimToken: + type: boolean + umaGrantAccessIfNoPolicies: + type: boolean + umaRestrictResourceToAssociatedClient: + type: boolean + umaKeepClientDuringResourceSetRegistration: + type: boolean + umaRptAsJwt: + type: boolean + cleanServiceInterval: + type: integer + format: int32 + keyRegenerationEnabled: + type: boolean + keyRegenerationInterval: + type: integer + format: int32 + defaultSignatureAlgorithm: + type: string + oxOpenIdConnectVersion: + type: string + organizationInum: + type: string + oxId: + type: string + dynamicRegistrationEnabled: + type: boolean + dynamicRegistrationExpirationTime: + type: integer + format: int32 + dynamicRegistrationPersistClientAuthorizations: + type: boolean + trustedClientEnabled: + type: boolean + skipAuthorizationForOpenIdScopeAndPairwiseId: + type: boolean + dynamicRegistrationScopesParamEnabled: + type: boolean + dynamicRegistrationCustomObjectClass: + type: string + personCustomObjectClassList: + type: array + items: + type: string + persistIdTokenInLdap: + type: boolean + persistRefreshTokenInLdap: + type: boolean + authenticationFiltersEnabled: + type: boolean + invalidateSessionCookiesAfterAuthorizationFlow: + type: boolean + clientAuthenticationFiltersEnabled: + type: boolean + authenticationFilters: + type: array + items: + $ref: '#/components/schemas/AuthenticationFilter' + clientAuthenticationFilters: + type: array + items: + $ref: '#/components/schemas/ClientAuthenticationFilter' + configurationInum: + type: string + sessionIdUnusedLifetime: + type: integer + format: int32 + sessionIdUnauthenticatedUnusedLifetime: + type: integer + format: int32 + sessionIdEnabled: + type: boolean + sessionIdPersistOnPromptNone: + type: boolean + sessionIdLifetime: + type: integer + format: int32 + configurationUpdateInterval: + type: integer + format: int32 + cssLocation: + type: string + jsLocation: + type: string + imgLocation: + type: string + metricReporterInterval: + type: integer + format: int32 + metricReporterKeepDataDays: + type: integer + format: int32 + pairwiseIdType: + type: string + pairwiseCalculationKey: + type: string + pairwiseCalculationSalt: + type: string + shareSubjectIdBetweenClientsWithSameSectorId: + type: boolean + webKeysStorage: + type: string + dnName: + type: string + keyStoreFile: + type: string + keyStoreSecret: + type: string + endSessionWithAccessToken: + type: boolean + clientWhiteList: + type: array + items: + type: string + clientBlackList: + type: array + items: + type: string + legacyIdTokenClaims: + type: boolean + customHeadersWithAuthorizationResponse: + type: boolean + frontChannelLogoutSessionSupported: + type: boolean + updateUserLastLogonTime: + type: boolean + updateClientAccessTime: + type: boolean + enableClientGrantTypeUpdate: + type: boolean + corsConfigurationFilters: + type: array + items: + $ref: '#/components/schemas/CorsConfigurationFilter' + logClientIdOnClientAuthentication: + type: boolean + logClientNameOnClientAuthentication: + type: boolean + httpLoggingEnabled: + type: boolean + httpLoggingExludePaths: + type: array + items: + type: object + externalLoggerConfiguration: + type: string + authorizationRequestCustomAllowedParameters: + type: array + items: + type: string + legacyDynamicRegistrationScopeParam: + type: boolean + openidScopeBackwardCompatibility: + type: boolean + useCacheForAllImplicitFlowObjects: + type: boolean + disableU2fEndpoint: + type: boolean + authenticationProtectionConfiguration: + $ref: '#/components/schemas/AuthenticationProtectionConfiguration' + fido2Configuration: + $ref: '#/components/schemas/Fido2Configuration' + loggingLevel: + type: string + errorHandlingMethod: + type: string + cookieDomain: + type: string + OxTrustJsonSetting: + type: object + properties: + orgName: + type: string + supportEmail: + type: string + authenticationRecaptchaEnabled: + type: boolean + enforceEmailUniqueness: + type: boolean + loggingLevel: + type: string + passwordResetRequestExpirationTime: + type: integer + format: int32 + cleanServiceInterval: + type: integer + format: int32 + OxtrustSetting: + type: object + properties: + allowPasswordReset: + type: string + enablePassport: + type: string + enableScim: + type: string + allowProfileManagement: + type: string + AuthzParams: + type: object + properties: + provider: + type: string + extraParams: + type: object + additionalProperties: + type: string + redirect_uri: + type: string + response_type: + type: string + scope: + type: string + Configuration: + type: object + properties: + serverURI: + type: string + serverWebPort: + type: integer + format: int32 + postProfileEndpoint: + type: string + spTLSCert: + type: string + spTLSKey: + type: string + logging: + $ref: '#/components/schemas/LoggingConfig' + IIConfiguration: + type: object + properties: + openidclient: + $ref: '#/components/schemas/OIDCDetails' + authorizationParams: + type: array + items: + $ref: '#/components/schemas/AuthzParams' + LoggingConfig: + type: object + properties: + level: + type: string + consoleLogOnly: + type: boolean + activeMQConf: + $ref: '#/components/schemas/MQConfig' + MQConfig: + type: object + properties: + enabled: + type: boolean + host: + type: string + username: + type: string + password: + type: string + port: + type: integer + format: int32 + OIDCDetails: + type: object + properties: + authorizationEndpoint: + type: string + clientId: + type: string + acrValues: + type: string + PassportConfiguration: + type: object + properties: + conf: + $ref: '#/components/schemas/Configuration' + idpInitiated: + $ref: '#/components/schemas/IIConfiguration' + providers: + type: array + items: + $ref: '#/components/schemas/Provider' + Provider: + type: object + properties: + id: + type: string + displayName: + type: string + type: + type: string + mapping: + type: string + passportStrategyId: + type: string + enabled: + type: boolean + callbackUrl: + type: string + requestForEmail: + type: boolean + emailLinkingSafe: + type: boolean + passportAuthnParams: + type: string + options: + type: object + additionalProperties: + type: string + logo_img: + type: string + GluuServerStatus: + type: object + properties: + hostname: + type: string + ipAddress: + type: string + uptime: + type: string + lastUpdate: + type: string + format: date-time + pollingInterval: + type: string + personCount: + type: string + groupCount: + type: string + freeMemory: + type: string + freeDiskSpace: + type: string + GluuCustomAttribute: + type: object + properties: + name: + type: string + metadata: + $ref: '#/components/schemas/GluuAttribute' + newAttribute: + type: boolean + mandatory: + type: boolean + readonly: + type: boolean + booleanValues: + type: array + items: + type: string + enum: + - disabled + - enabled + - "false" + - "true" + - inactive + - active + displayValue: + type: object + booleanValue: + type: string + enum: + - disabled + - enabled + - "false" + - "true" + - inactive + - active + adminCanAccess: + type: boolean + userCanView: + type: boolean + userCanEdit: + type: boolean + adminCanView: + type: boolean + adminCanEdit: + type: boolean + userCanAccess: + type: boolean + new: + type: boolean + multiValued: + type: boolean + stringValue: + type: string + stringValues: + type: array + items: + type: string + GluuSAMLTrustRelationship: + required: + - description + - displayName + - spMetaDataSourceType + type: object + properties: + dn: + type: string + inum: + type: string + displayName: + maxLength: 60 + minLength: 0 + type: string + description: + maxLength: 4000 + minLength: 0 + type: string + status: + type: string + enum: + - active + - inactive + - expired + - register + validationStatus: + type: string + enum: + - In Progress + - Success + - Scheduled + - Failed + releasedAttributes: + type: array + items: + type: string + spMetaDataSourceType: + type: string + enum: + - file + - uri + - federation + - manual + spMetaDataFN: + type: string + spMetaDataURL: + type: string + owner: + type: string + maxRefreshDelay: + type: string + releasedCustomAttributes: + type: array + items: + $ref: '#/components/schemas/GluuCustomAttribute' + metadataFilters: + type: object + additionalProperties: + $ref: '#/components/schemas/MetadataFilter' + profileConfigurations: + type: object + additionalProperties: + $ref: '#/components/schemas/ProfileConfiguration' + gluuSAMLMetaDataFilter: + type: array + items: + type: string + gluuTrustContact: + type: array + items: + type: string + gluuTrustDeconstruction: + type: array + items: + type: string + gluuContainerFederation: + type: string + gluuIsFederation: + type: string + gluuEntityId: + type: array + items: + type: string + gluuProfileConfiguration: + type: array + items: + type: string + gluuSpecificRelyingPartyConfig: + type: string + url: + pattern: ^(https?|http)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|] + type: string + spLogoutURL: + pattern: ^$|(^(https?|http)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]) + type: string + validationLog: + type: array + items: + type: string + researchBundleEnabled: + type: string + entityType: + type: string + enum: + - Single SP + - Federation/Aggregate + entityId: + type: string + federation: + type: boolean + researchBundle: + type: boolean + specificRelyingPartyConfig: + type: boolean + containerFederation: + $ref: '#/components/schemas/GluuSAMLTrustRelationship' + uniqueGluuEntityId: + uniqueItems: true + type: array + writeOnly: true + items: + type: string + baseDn: + type: string + writeOnly: true + MetadataFilter: + type: object + properties: + name: + type: string + description: + type: string + extensionSchemas: + type: array + items: + type: string + extensionSchema: + type: string + removeRolelessEntityDescriptors: + type: boolean + removeEmptyEntitiesDescriptors: + type: boolean + retainedRole: + type: string + retainedRoles: + type: array + items: + type: string + maxValidityInterval: + type: integer + format: int32 + id: + type: string + certPath: + type: string + requireSignedMetadata: + type: boolean + filterCertFileName: + type: string + ProfileConfiguration: + type: object + properties: + name: + type: string + includeAttributeStatement: + type: boolean + signResponses: + type: string + signAssertions: + type: string + signRequests: + type: string + assertionLifetime: + type: integer + format: int32 + assertionProxyCount: + type: integer + format: int32 + encryptNameIds: + type: string + encryptAssertions: + type: string + profileConfigurationCertFileName: + type: string + defaultAuthenticationMethod: + type: string + nameIDFormatPrecedence: + type: string + nameIDFormatPrecedenceList: + type: array + items: + type: string + SAMLTrustRelationshipShort: + type: object + properties: + inum: + type: string + displayName: + type: string + description: + type: string + validationStatus: + type: string + enum: + - In Progress + - Success + - Scheduled + - Failed + releasedAttributes: + type: array + items: + type: string + TrustContact: + type: object + properties: + name: + type: string + phone: + type: string + mail: + type: string + title: + type: string + UmaResource: + required: + - name + type: object + properties: + dn: + type: string + inum: + type: string + id: + type: string + name: + type: string + iconUri: + type: string + scopes: + type: array + items: + type: string + scopeExpression: + type: string + clients: + type: array + items: + type: string + resources: + type: array + items: + type: string + rev: + type: string + creator: + type: string + description: + type: string + type: + type: string + creationDate: + type: string + format: date-time + expirationDate: + type: string + format: date-time + deletable: + type: boolean + ttl: + type: integer + format: int32 + RadiusClient: + type: object + properties: + dn: + type: string + inum: + type: string + name: + type: string + ipAddress: + type: string + secret: + type: string + priority: + type: integer + format: int32 + ServerConfiguration: + type: object + properties: + dn: + type: string + listenInterface: + type: string + authPort: + type: integer + format: int32 + acctPort: + type: integer + format: int32 + openidUsername: + type: string + openidPassword: + type: string + openidBaseUrl: + type: string + acrValue: + type: string + scopes: + type: array + items: + type: string + authenticationTimeout: + type: integer + format: int32