diff --git a/.speakeasy/gen.lock b/.speakeasy/gen.lock
index 821d2c7..0799ca1 100755
--- a/.speakeasy/gen.lock
+++ b/.speakeasy/gen.lock
@@ -1,12 +1,12 @@
lockVersion: 2.0.0
id: b81e5def-5b1e-4753-ae7c-0efccc2e6f61
management:
- docChecksum: e7f0997368d05f4181c30c542b81c1b8
+ docChecksum: d1b1d533361b8d1a156a10a560fa0e38
docVersion: 0.0.1
speakeasyVersion: 1.459.2
generationVersion: 2.483.1
- releaseVersion: 0.1.15
- configChecksum: 791487d781f65065a3f8d3099d35bd6e
+ releaseVersion: 0.1.16
+ configChecksum: 037cc60c9527eefe39f1d52dbf84328b
features:
go:
additionalDependencies: 0.1.0
diff --git a/.speakeasy/gen.yaml b/.speakeasy/gen.yaml
index 97b20d3..4717ae1 100755
--- a/.speakeasy/gen.yaml
+++ b/.speakeasy/gen.yaml
@@ -13,7 +13,7 @@ generation:
oAuth2ClientCredentialsEnabled: false
oAuth2PasswordEnabled: false
go:
- version: 0.1.15
+ version: 0.1.16
additionalDependencies: {}
allowUnknownFieldsInWeakUnions: false
clientServerStatusCodesAsErrors: true
diff --git a/docs/sdks/routes/README.md b/docs/sdks/routes/README.md
index 37d61be..9ba588f 100644
--- a/docs/sdks/routes/README.md
+++ b/docs/sdks/routes/README.md
@@ -19,6 +19,9 @@ Depending on the protocol, one of the following attributes must be set:
- `grpcs`: At least one of `hosts`, `headers`, `paths`, or `snis`
- `ws`: At least one of `hosts`, `headers`, or `paths`
- `wss`: At least one of `hosts`, `headers`, `paths`, or `snis`
+
+
+
A route can't have both `tls` and `tls_passthrough` protocols at same time.
diff --git a/openapi.yaml b/openapi.yaml
index 4119728..498e313 100644
--- a/openapi.yaml
+++ b/openapi.yaml
@@ -15,20 +15,235 @@ servers:
- url: https://us.api.konghq.com
- url: https://eu.api.konghq.com
- url: https://au.api.konghq.com
+security:
+ - personalAccessToken: []
+ - systemAccountAccessToken: []
+ - konnectAccessToken: []
+tags:
+ - name: Control Planes
+ - name: Control Plane Groups
+ - name: Auth Settings
+ - name: Invites
+ - name: Roles
+ - name: Team Membership
+ - name: Teams
+ - name: Users
+ - name: System Accounts
+ - name: System Accounts - Access Tokens
+ - name: System Accounts - Roles
+ - name: System Accounts - Team Membership
+ - name: Me
+ - name: Authentication
+ - name: Impersonation Settings
+ - description: DP Nodes
+ name: DP Nodes
+ - description: DP Certificates
+ name: DP Certificates
+ - description: Custom Plugin Schemas
+ name: Custom Plugin Schemas
+ - description: >
+ Service entities are abstractions of your microservice interfaces or
+ formal APIs. For example, a service could be a data transformation
+ microservice or a billing API.
+
+
+
+ The main attribute of a service is the destination URL for proxying
+ traffic. This URL can be set as a single string or by specifying its
+ protocol, host, port and path individually.
+
+
+
+ Services are associated to routes, and a single service can have many
+ routes associated with it. Routes are entrypoints in Kong Gateway which
+ define rules to match client requests. Once a route is matched, Kong
+ Gateway proxies the request to its associated service. See the [Proxy
+ Reference](https://docs.konghq.com/gateway/latest/how-kong-works/routing-traffic/)
+ for a detailed explanation of how Kong proxies traffic.
+
+
+
+ Services can be both [tagged and filtered by
+ tags](https://docs.konghq.com/gateway/latest/admin-api/#tags).
+ name: Services
+ - description: >
+ Route entities define rules to match client requests. Each route is
+ associated with a service, and a service may have multiple routes
+ associated to it. Every request matching a given route will be proxied to
+ the associated service. You need at least one matching rule that applies
+ to the protocol being matched by the route.
+
+
+
+ The combination of routes and services, and the separation of concerns
+ between them, offers a powerful routing mechanism with which it is
+ possible to define fine-grained entrypoints in Kong Gateway leading to
+ different upstream services of your infrastructure.
+
+
+
+ Depending on the protocol, one of the following attributes must be set:
+
+
+
+
+ - `http`: At least one of `methods`, `hosts`, `headers`, or `paths`
+
+ - `https`: At least one of `methods`, `hosts`, `headers`, `paths`, or
+ `snis`
+
+ - `tcp`: At least one of `sources` or `destinations`
+
+ - `tls`: at least one of `sources`, `destinations`, or `snis`
+
+ - `tls_passthrough`: set `snis`
+
+ - `grpc`: At least one of `hosts`, `headers`, or `paths`
+
+ - `grpcs`: At least one of `hosts`, `headers`, `paths`, or `snis`
+
+ - `ws`: At least one of `hosts`, `headers`, or `paths`
+
+ - `wss`: At least one of `hosts`, `headers`, `paths`, or `snis`
+
+
+
+
+ A route can't have both `tls` and `tls_passthrough` protocols at same time.
+
+ Learn more about the router:
+ - [Configure routes using
+ expressions](https://docs.konghq.com/gateway/latest/key-concepts/routes/expressions)
+
+ - [Router Expressions language
+ reference](https://docs.konghq.com/gateway/latest/reference/router-expressions-language/)
+ name: Routes
+ - description: >
+ A plugin entity represents a plugin configuration that will be executed
+ during the HTTP request/response lifecycle. Plugins let you add
+ functionality to services that run behind a Kong Gateway instance, like
+ authentication or rate limiting.
+
+ You can find more information about available plugins and which values
+ each plugin accepts at the [Plugin Hub](https://docs.konghq.com/hub/).
+
+
+
+ When adding a plugin configuration to a service, the plugin will run on
+ every request made by a client to that service. If a plugin needs to be
+ tuned to different values for some specific consumers, you can do so by
+ creating a separate plugin instance that specifies both the service and
+ the consumer, through the service and consumer fields.
+
+
+
+ Plugins can be both [tagged and filtered by
+ tags](https://docs.konghq.com/gateway/latest/admin-api/#tags).
+ name: Plugins
+ - description: >
+ The consumer object represents a consumer - or a user - of a service.
+
+ You can either rely on Kong Gateway as the primary datastore, or you can
+ map the consumer list with your database to keep consistency between Kong
+ Gateway and your existing primary datastore.
+ name: Consumers
+ - description: >-
+ Consumer groups enable the organization and categorization of consumers
+ (users or applications) within an API ecosystem.
+
+ By grouping consumers together, you eliminate the need to manage them
+ individually, providing a scalable, efficient approach to managing
+ configurations.
+ name: Consumer Groups
+ - description: >
+ A certificate object represents a public certificate, and can be
+ optionally paired with the corresponding private key. These objects are
+ used by Kong Gateway to handle SSL/TLS termination for encrypted requests,
+ or for use as a trusted CA store when validating peer certificate of
+ client/service.
+
+
+
+ Certificates are optionally associated with SNI objects to tie a cert/key
+ pair to one or more hostnames.
+
+
+
+ If intermediate certificates are required in addition to the main
+ certificate, they should be concatenated together into one string.
+ name: Certificates
+ - description: >-
+ An SNI object represents a many-to-one mapping of hostnames to a
+ certificate.
+
+
+
+ A certificate object can have many hostnames associated with it. When Kong
+ Gateway receives an SSL request, it uses the SNI field in the Client Hello
+ to look up the certificate object based on the SNI associated with the
+ certificate.
+ name: SNIs
+ - description: >-
+ A CA certificate object represents a trusted certificate authority.
+
+ These objects are used by Kong Gateway to verify the validity of a client
+ or server certificate.
+ name: CA Certificates
+ - description: >-
+ The upstream object represents a virtual hostname and can be used to load
+ balance incoming requests over multiple services (targets).
+
+
+
+ An upstream also includes a [health
+ checker](https://docs.konghq.com/gateway/latest/how-kong-works/health-checks/),
+ which can enable and disable targets based on their ability or inability
+ to serve requests.
+
+ The configuration for the health checker is stored in the upstream object,
+ and applies to all of its targets.
+ name: Upstreams
+ - description: >
+ Vault objects are used to configure different vault connectors for
+ [managing
+ secrets](https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/).
+
+ Configuring a vault lets you reference secrets from other entities.
+
+ This allows for a proper separation of secrets and configuration and
+ prevents secret sprawl.
+
+
+
+ For example, you could store a certificate and a key in a vault, then
+ reference them from a certificate entity. This way, the certificate and
+ key are not stored in the entity directly and are more secure.
+
+
+
+ Secrets rotation can be managed using
+ [TTLs](https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/advanced-usage/).
+ name: Vaults
+ - description: >
+ A key object holds a representation of asymmetric keys in various formats.
+ When Kong Gateway or a Kong plugin requires a specific public or private
+ key to perform certain operations, it can use this entity.
+ name: Keys
+ - description: >
+ A JSON Web key set. Key sets are the preferred way to expose keys to
+ plugins because they tell the plugin where to look for keys or have a
+ scoping mechanism to restrict plugins to specific keys.
+ name: KeySets
+ - name: API-keys
+ - name: Basic-auth credentials
+ - name: JWTs
+ - name: HMAC-auth credentials
+ - name: MTLS-auth credentials
+ - name: ACLs
paths:
/v2/control-planes:
get:
- operationId: list-control-planes
summary: List Control Planes
- description: >-
- Returns an array of control plane objects containing information about
- the Konnect Control Planes.
- parameters:
- - $ref: '#/components/parameters/PageSize'
- - $ref: '#/components/parameters/PageNumber'
- - $ref: '#/components/parameters/ControlPlaneFilter'
- - $ref: '#/components/parameters/FilterByLabels'
- - $ref: '#/components/parameters/ControlPlaneSort'
responses:
'200':
$ref: '#/components/responses/ListControlPlanesResponse'
@@ -40,20 +255,23 @@ paths:
$ref: '#/components/responses/ControlPlanePermissionDenied'
'503':
$ref: '#/components/responses/ServiceUnavailable'
+ operationId: list-control-planes
+ description: >-
+ Returns an array of control plane objects containing information about
+ the Konnect Control Planes.
+ parameters:
+ - $ref: '#/components/parameters/PageSize'
+ - $ref: '#/components/parameters/PageNumber'
+ - $ref: '#/components/parameters/ControlPlaneFilter'
+ - $ref: '#/components/parameters/FilterByLabels'
+ - $ref: '#/components/parameters/ControlPlaneSort'
tags:
- Control Planes
parameters: []
post:
x-speakeasy-entity-operation: GatewayControlPlane#create
- operationId: create-control-plane
summary: Create Control Plane
- description: Create a control plane in the Konnect Organization.
- requestBody:
- required: true
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/CreateControlPlaneRequest'
+ operationId: create-control-plane
responses:
'201':
$ref: '#/components/responses/CreateControlPlaneResponse'
@@ -71,8 +289,15 @@ paths:
$ref: '#/components/responses/ServiceUnavailable'
tags:
- Control Planes
- /v2/control-planes/{controlPlaneId}/core-entities/acls:
- get:
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CreateControlPlaneRequest'
+ description: Create a control plane in the Konnect Organization.
+ /v2/control-planes/{controlPlaneId}/core-entities/acls:
+ get:
operationId: list-acl
summary: List all ACLs
description: List all ACLs
@@ -2320,14 +2545,7 @@ paths:
parameters:
- $ref: '#/components/parameters/controlPlaneId'
get:
- operationId: list-plugin-schemas
summary: List custom plugin schemas associated with a control plane
- description: >-
- Returns an array of custom plugins schemas associated with a control
- plane.
- parameters:
- - $ref: '#/components/parameters/PageSize'
- - $ref: '#/components/parameters/PageAfter'
responses:
'200':
$ref: '#/components/responses/list-plugin-schemas'
@@ -2337,15 +2555,19 @@ paths:
$ref: '#/components/responses/Unauthorized'
'403':
$ref: '#/components/responses/Forbidden'
+ operationId: list-plugin-schemas
+ description: >-
+ Returns an array of custom plugins schemas associated with a control
+ plane.
+ parameters:
+ - $ref: '#/components/parameters/PageSize'
+ - $ref: '#/components/parameters/PageAfter'
tags:
- Custom Plugin Schemas
post:
x-speakeasy-entity-operation: GatewayCustomPluginSchema#create
- operationId: create-plugin-schemas
summary: Upload custom plugin schema
- description: Upload a custom plugin schema associated with a control plane.
- requestBody:
- $ref: '#/components/requestBodies/create-plugin-schemas'
+ operationId: create-plugin-schemas
responses:
'201':
$ref: '#/components/responses/plugin-schemas'
@@ -2359,21 +2581,22 @@ paths:
$ref: '#/components/responses/Conflict'
tags:
- Custom Plugin Schemas
+ description: Upload a custom plugin schema associated with a control plane.
+ requestBody:
+ $ref: '#/components/requestBodies/create-plugin-schemas'
/v2/control-planes/{controlPlaneId}/core-entities/plugin-schemas/{name}:
parameters:
- $ref: '#/components/parameters/controlPlaneId'
- - name: name
- in: path
- description: The custom plugin name
- required: true
- schema:
+ - schema:
type: string
example: myplugin
+ name: name
+ in: path
+ required: true
+ description: The custom plugin name
get:
x-speakeasy-entity-operation: GatewayCustomPluginSchema#read
- operationId: get-plugin-schema
summary: Fetch custom plugin schema
- description: Returns information about a custom plugin from a given name.
responses:
'200':
$ref: '#/components/responses/plugin-schemas'
@@ -2383,13 +2606,14 @@ paths:
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
+ operationId: get-plugin-schema
+ description: Returns information about a custom plugin from a given name.
tags:
- Custom Plugin Schemas
delete:
x-speakeasy-entity-operation: GatewayCustomPluginSchema#delete
- operationId: delete-plugin-schemas
summary: Delete custom plugin schema
- description: Delete an individual custom plugin schema.
+ operationId: delete-plugin-schemas
responses:
'204':
description: No Content
@@ -2399,15 +2623,13 @@ paths:
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
+ description: Delete an individual custom plugin schema.
tags:
- Custom Plugin Schemas
put:
x-speakeasy-entity-operation: GatewayCustomPluginSchema#update
- operationId: update-plugin-schemas
summary: Create or update a custom plugin schema
- description: Create or update an individual custom plugin schema.
- requestBody:
- $ref: '#/components/requestBodies/create-plugin-schemas'
+ operationId: update-plugin-schemas
responses:
'200':
$ref: '#/components/responses/plugin-schemas'
@@ -2417,8 +2639,11 @@ paths:
$ref: '#/components/responses/Forbidden'
'404':
$ref: '#/components/responses/NotFound'
+ description: Create or update an individual custom plugin schema.
tags:
- Custom Plugin Schemas
+ requestBody:
+ $ref: '#/components/requestBodies/create-plugin-schemas'
/v2/control-planes/{controlPlaneId}/core-entities/plugins:
get:
operationId: list-plugin
@@ -3539,27 +3764,27 @@ paths:
parameters:
- $ref: '#/components/parameters/controlPlaneId'
get:
- operationId: list-dp-client-certificates
summary: List DP Client Certificates
- description: >-
- Returns a list of pinned dataplane client certificates that are
- associated to this control plane. A pinned dataplane certificate allows
- dataplanes configured with the certificate and corresponding private key
- to establish connection with this control plane.
responses:
'200':
$ref: '#/components/responses/ListDataPlaneCertificatesResponse'
+ operationId: list-dp-client-certificates
tags:
- DP Certificates
+ description: >-
+ Returns a list of pinned dataplane client certificates that are
+ associated to this control plane. A pinned dataplane certificate allows
+ dataplanes configured with the certificate and corresponding private key
+ to establish connection with this control plane.
post:
x-speakeasy-entity-operation: GatewayDataPlaneClientCertificate#create
- operationId: create-dataplane-certificate
summary: Pin New DP Client Certificate
description: >-
Pin a new DP Client Certificate to this control plane. A pinned
dataplane certificate allows dataplanes configured with the certificate
and corresponding private key to establish connection with this control
plane.
+ operationId: create-dataplane-certificate
requestBody:
$ref: '#/components/requestBodies/DataPlaneClientCertificateRequest'
responses:
@@ -3573,52 +3798,57 @@ paths:
- $ref: '#/components/parameters/DataPlaneCertificateId'
get:
x-speakeasy-entity-operation: GatewayDataPlaneClientCertificate#read
- operationId: get-dataplane-certificate
summary: Fetch DP Client Certificate
+ tags:
+ - DP Certificates
+ responses:
+ '200':
+ $ref: '#/components/responses/DataPlaneClientCertificateResponse'
+ operationId: get-dataplane-certificate
description: >-
Retrieve a pinned dataplane client certificate associated to this
control plane. A pinned dataplane certificate allows dataplanes
configured with the certificate and corresponding private key to
establish connection with this control plane.
- responses:
- '200':
- $ref: '#/components/responses/DataPlaneClientCertificateResponse'
- tags:
- - DP Certificates
delete:
x-speakeasy-entity-operation: GatewayDataPlaneClientCertificate#delete
- operationId: delete-dataplane-certificate
summary: Delete DP Client Certificate
- description: >-
- Remove a pinned dataplane client certificate associated to this control
- plane. Removing a pinned dataplane certificate would invalidate any
- dataplanes currently connected to this control plane using this
- certificate.
+ operationId: delete-dataplane-certificate
responses:
'204':
description: No Content
tags:
- DP Certificates
+ description: >-
+ Remove a pinned dataplane client certificate associated to this control
+ plane. Removing a pinned dataplane certificate would invalidate any
+ dataplanes currently connected to this control plane using this
+ certificate.
/v2/control-planes/{controlPlaneId}/expected-config-hash:
get:
- operationId: get-expected-config-hash
summary: Fetch Expected Config Hash
+ tags:
+ - DP Nodes
+ responses:
+ '200':
+ $ref: '#/components/responses/GetExpectedConfigHashResponse'
+ operationId: get-expected-config-hash
description: >-
Retrieve the expected config hash for this control plane. The expected
config hash can be used to verify if the config hash of a data plane
node is up to date with the control plane. The config hash will be the
same if they are in sync.
- responses:
- '200':
- $ref: '#/components/responses/GetExpectedConfigHashResponse'
- tags:
- - DP Nodes
parameters:
- $ref: '#/components/parameters/controlPlaneId'
/v2/control-planes/{controlPlaneId}/nodes:
get:
- operationId: list-dataplane-nodes
summary: List Data Plane Node Records
+ responses:
+ '200':
+ $ref: '#/components/responses/list-nodes'
+ operationId: list-dataplane-nodes
+ tags:
+ - DP Nodes
description: >-
Returns a list of data plane node records that are associated to this
control plane. A data plane node record contains metadata information
@@ -3626,24 +3856,24 @@ paths:
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageAfter'
- responses:
- '200':
- $ref: '#/components/responses/list-nodes'
- tags:
- - DP Nodes
parameters:
- $ref: '#/components/parameters/controlPlaneId'
/v2/control-planes/{controlPlaneId}/nodes/{nodeId}:
parameters:
- - name: nodeId
+ - schema:
+ type: string
+ name: nodeId
in: path
required: true
- schema:
- type: string
- $ref: '#/components/parameters/controlPlaneId'
get:
- operationId: get-nodes-node_id
summary: Fetch Data Plane Node Record
+ responses:
+ '200':
+ $ref: '#/components/responses/get-node'
+ operationId: get-nodes-node_id
+ tags:
+ - DP Nodes
description: >-
Retrieve a specific data plane node record associated to this control
plane. A data plane node record contains all the metadata information of
@@ -3651,27 +3881,27 @@ paths:
parameters:
- $ref: '#/components/parameters/pagination-size'
- $ref: '#/components/parameters/pagination-tags-filter'
- responses:
- '200':
- $ref: '#/components/responses/get-node'
- tags:
- - DP Nodes
delete:
- operationId: delete-nodes-node_id
summary: Delete Data Plane Node Record
- description: >-
- Remove a specific data plane node record associated to this control
- plane. Deleting this record does not prevent the data plane node from
- re-connecting to the control plane.
+ operationId: delete-nodes-node_id
responses:
'204':
description: No Content
tags:
- DP Nodes
+ description: >-
+ Remove a specific data plane node record associated to this control
+ plane. Deleting this record does not prevent the data plane node from
+ re-connecting to the control plane.
/v2/control-planes/{controlPlaneId}/nodes/eol:
get:
- operationId: get-nodes-eol
summary: List End-of-Life Data Plane Node Records
+ responses:
+ '200':
+ $ref: '#/components/responses/list-nodes-eol'
+ operationId: get-nodes-eol
+ tags:
+ - DP Nodes
description: >-
Returns a list of records of data plane nodes, whose versions are
approaching End of Full Support/End of Life, that are associated with
@@ -3681,28 +3911,21 @@ paths:
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageAfter'
- responses:
- '200':
- $ref: '#/components/responses/list-nodes-eol'
- tags:
- - DP Nodes
parameters:
- $ref: '#/components/parameters/controlPlaneId'
/v2/control-planes/{id}:
parameters:
- - name: id
- in: path
- description: The control plane ID
- required: true
- schema:
+ - schema:
type: string
format: uuid
example: d32d905a-ed33-46a3-a093-d8f536af9a8a
+ name: id
+ in: path
+ required: true
+ description: The control plane ID
get:
x-speakeasy-entity-operation: GatewayControlPlane#read
- operationId: get-control-plane
summary: Fetch Control Plane
- description: Returns information about an individual control plane.
responses:
'200':
$ref: '#/components/responses/RetrieveControlPlaneResponse'
@@ -3716,19 +3939,14 @@ paths:
$ref: '#/components/responses/ControlPlaneNotFound'
'503':
$ref: '#/components/responses/ServiceUnavailable'
+ operationId: get-control-plane
+ description: Returns information about an individual control plane.
tags:
- Control Planes
patch:
x-speakeasy-entity-operation: GatewayControlPlane#update
- operationId: update-control-plane
summary: Update Control Plane
- description: Update an individual control plane.
- requestBody:
- required: true
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/UpdateControlPlaneRequest'
+ operationId: update-control-plane
responses:
'200':
$ref: '#/components/responses/UpdateControlPlaneResponse'
@@ -3744,13 +3962,19 @@ paths:
$ref: '#/components/responses/InternalServerError'
'503':
$ref: '#/components/responses/ServiceUnavailable'
+ description: Update an individual control plane.
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UpdateControlPlaneRequest'
tags:
- Control Planes
delete:
x-speakeasy-entity-operation: GatewayControlPlane#delete
- operationId: delete-control-plane
summary: Delete Control Plane
- description: Delete an individual control plane.
+ operationId: delete-control-plane
responses:
'204':
description: No Content
@@ -3766,19 +3990,22 @@ paths:
$ref: '#/components/responses/InternalServerError'
'503':
$ref: '#/components/responses/ServiceUnavailable'
+ description: Delete an individual control plane.
tags:
- Control Planes
/v2/control-planes/{id}/group-member-status:
parameters:
- - name: id
+ - schema:
+ type: string
+ name: id
in: path
- description: ID of a control plane
required: true
- schema:
- type: string
+ description: ID of a control plane
get:
- operationId: get-control-planes-id-group-member-status
summary: Control Plane Group Member Status
+ operationId: get-control-planes-id-group-member-status
+ tags:
+ - Control Plane Groups
description: Determines the group membership status of a control plane.
responses:
'200':
@@ -3793,25 +4020,18 @@ paths:
$ref: '#/components/responses/NotFound'
'503':
$ref: '#/components/responses/ServiceUnavailable'
- tags:
- - Control Plane Groups
/v2/control-planes/{id}/group-memberships:
parameters:
- - name: id
+ - schema:
+ type: string
+ name: id
in: path
- description: ID of a control plane group
required: true
- schema:
- type: string
+ description: ID of a control plane group
get:
- operationId: get-control-planes-id-group-memberships
summary: List Control Plane Group Memberships
- description: >-
- Returns an array of control planes that are a member of this control
- plane group.
- parameters:
- - $ref: '#/components/parameters/PageSize'
- - $ref: '#/components/parameters/PageAfter'
+ tags:
+ - Control Plane Groups
responses:
'200':
$ref: '#/components/responses/ListGroupMemberships'
@@ -3825,14 +4045,16 @@ paths:
$ref: '#/components/responses/NotFound'
'503':
$ref: '#/components/responses/ServiceUnavailable'
- tags:
- - Control Plane Groups
+ operationId: get-control-planes-id-group-memberships
+ description: >-
+ Returns an array of control planes that are a member of this control
+ plane group.
+ parameters:
+ - $ref: '#/components/parameters/PageSize'
+ - $ref: '#/components/parameters/PageAfter'
put:
- operationId: put-control-planes-id-group-memberships
summary: Upsert Control Plane Group Members
- description: Adds one or more control planes as a member of a control plane group.
- requestBody:
- $ref: '#/components/requestBodies/GroupMembershipUpsert'
+ operationId: put-control-planes-id-group-memberships
responses:
'204':
description: No Content
@@ -3846,23 +4068,23 @@ paths:
$ref: '#/components/responses/NotFound'
'503':
$ref: '#/components/responses/ServiceUnavailable'
+ requestBody:
+ $ref: '#/components/requestBodies/GroupMembershipUpsert'
tags:
- Control Plane Groups
+ description: Adds one or more control planes as a member of a control plane group.
/v2/control-planes/{id}/group-memberships/add:
parameters:
- - name: id
+ - schema:
+ type: string
+ name: id
in: path
- description: ID of a control plane group
required: true
- schema:
- type: string
+ description: ID of a control plane group
post:
x-speakeasy-entity-operation: GatewayControlPlaneMembership#create
- operationId: post-control-planes-id-group-memberships-add
summary: Add Control Plane Group Members
- description: Adds one or more control planes as a member of a control plane group.
- requestBody:
- $ref: '#/components/requestBodies/GroupMembershipAdd'
+ operationId: post-control-planes-id-group-memberships-add
responses:
'204':
description: No Content
@@ -3876,25 +4098,30 @@ paths:
$ref: '#/components/responses/NotFound'
'503':
$ref: '#/components/responses/ServiceUnavailable'
+ requestBody:
+ $ref: '#/components/requestBodies/GroupMembershipAdd'
tags:
- Control Plane Groups
+ description: Adds one or more control planes as a member of a control plane group.
/v2/control-planes/{id}/group-memberships/remove:
parameters:
- - name: id
+ - schema:
+ type: string
+ name: id
in: path
- description: ID of a control plane group
required: true
- schema:
- type: string
+ description: ID of a control plane group
post:
x-speakeasy-entity-operation: GatewayControlPlaneMembership#delete
- operationId: post-control-planes-id-group-memberships-remove
summary: Remove Control Plane Group Members
+ operationId: post-control-planes-id-group-memberships-remove
+ requestBody:
+ $ref: '#/components/requestBodies/GroupMembershipRemove'
+ tags:
+ - Control Plane Groups
description: >-
Removes one or more control planes from the members of a control plane
group.
- requestBody:
- $ref: '#/components/requestBodies/GroupMembershipRemove'
responses:
'204':
description: No Content
@@ -3908,22 +4135,18 @@ paths:
$ref: '#/components/responses/NotFound'
'503':
$ref: '#/components/responses/ServiceUnavailable'
- tags:
- - Control Plane Groups
/v2/control-planes/{id}/group-status:
parameters:
- - name: id
+ - schema:
+ type: string
+ name: id
in: path
- description: ID of a control plane group
required: true
- schema:
- type: string
+ description: ID of a control plane group
get:
- operationId: get-control-planes-id-group-status
summary: Get Control Plane Group Status
- description: >-
- Returns the status of a control plane group, including existing
- conflicts.
+ tags:
+ - Control Plane Groups
responses:
'200':
$ref: '#/components/responses/GetGroupStatus'
@@ -3937,22 +4160,26 @@ paths:
$ref: '#/components/responses/NotFound'
'503':
$ref: '#/components/responses/ServiceUnavailable'
- tags:
- - Control Plane Groups
+ operationId: get-control-planes-id-group-status
+ description: >-
+ Returns the status of a control plane group, including existing
+ conflicts.
/v3/authenticate/{organizationLoginPath}:
get:
- operationId: authenticate-sso
summary: SSO Callback
description: Callback for authenticating via an organization's IdP
+ operationId: authenticate-sso
+ tags:
+ - Authentication
parameters:
- - name: organizationLoginPath
- in: path
+ - in: path
+ name: organizationLoginPath
description: The login path for the organization.
required: true
schema:
type: string
- - name: return_to
- in: query
+ - in: query
+ name: return_to
description: Return destination for the callback.
schema:
type: string
@@ -3965,15 +4192,15 @@ paths:
$ref: '#/components/responses/IdentityUnauthenticated'
servers:
- url: https://global.api.konghq.com/
- tags:
- - Authentication
/v3/authentication-settings:
get:
- operationId: get-authentication-settings
summary: Get Auth Settings
description: >-
Returns authentication configuration, which determines how users can log
in and how they are assigned to teams.
+ operationId: get-authentication-settings
+ tags:
+ - Auth Settings
responses:
'200':
$ref: '#/components/responses/AuthenticationSettings'
@@ -3981,14 +4208,14 @@ paths:
$ref: '#/components/responses/IdentityUnauthenticated'
servers:
- url: https://global.api.konghq.com/
- tags:
- - Auth Settings
patch:
- operationId: update-authentication-settings
summary: Update Auth Settings
description: Updates authentication configuration.
+ operationId: update-authentication-settings
requestBody:
$ref: '#/components/requestBodies/UpdateAuthenticationSettings'
+ tags:
+ - Auth Settings
responses:
'200':
$ref: '#/components/responses/AuthenticationSettings'
@@ -4000,13 +4227,10 @@ paths:
$ref: '#/components/responses/Unauthorized'
servers:
- url: https://global.api.konghq.com/
- tags:
- - Auth Settings
/v3/identity-provider:
get:
- operationId: get-idp-configuration
summary: Fetch IdP Configuration
- description: Fetch the IdP configuration.
+ operationId: get-idp-configuration
responses:
'200':
$ref: '#/components/responses/IdPConfiguration'
@@ -4018,17 +4242,15 @@ paths:
$ref: '#/components/responses/IdentityPermissionDenied'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Auth Settings
+ description: Fetch the IdP configuration.
+ servers:
+ - url: https://global.api.konghq.com/
parameters: []
patch:
- operationId: update-idp-configuration
summary: Update IdP Configuration
- description: Update the IdP configuration.
- requestBody:
- $ref: '#/components/requestBodies/UpdateIdPConfiguration'
+ operationId: update-idp-configuration
responses:
'200':
$ref: '#/components/responses/IdPConfiguration'
@@ -4038,19 +4260,17 @@ paths:
$ref: '#/components/responses/IdentityUnauthenticated'
'403':
$ref: '#/components/responses/Unauthorized'
- servers:
- - url: https://global.api.konghq.com/
+ description: Update the IdP configuration.
+ requestBody:
+ $ref: '#/components/requestBodies/UpdateIdPConfiguration'
tags:
- Auth Settings
+ servers:
+ - url: https://global.api.konghq.com/
/v3/identity-provider/team-group-mappings:
get:
- operationId: get-team-group-mappings
summary: Fetch Team Group Mappings
- description: >-
- Retrieves the mappings between Konnect Teams and Identity Provider
- Groups.
-
- Returns a 400 error if an Identity Provider has not yet been configured.
+ operationId: get-team-group-mappings
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageNumber'
@@ -4063,13 +4283,29 @@ paths:
$ref: '#/components/responses/IdentityUnauthenticated'
'403':
$ref: '#/components/responses/IdentityPermissionDenied'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Auth Settings
+ description: >-
+ Retrieves the mappings between Konnect Teams and Identity Provider
+ Groups.
+
+ Returns a 400 error if an Identity Provider has not yet been configured.
+ servers:
+ - url: https://global.api.konghq.com/
patch:
- operationId: patch-team-group-mappings
summary: Patch Mappings by Team ID
+ operationId: patch-team-group-mappings
+ responses:
+ '200':
+ $ref: '#/components/responses/TeamGroupMappingCollection'
+ '400':
+ $ref: '#/components/responses/IdentityBadRequest'
+ '401':
+ $ref: '#/components/responses/IdentityUnauthenticated'
+ '403':
+ $ref: '#/components/responses/IdentityPermissionDenied'
+ tags:
+ - Auth Settings
description: >-
Allows partial updates to the mappings between Konnect Teams and
Identity Provider Groups.
@@ -4087,26 +4323,12 @@ paths:
the request body is not found or is not a UUID.
requestBody:
$ref: '#/components/requestBodies/PatchTeamGroupMappings'
- responses:
- '200':
- $ref: '#/components/responses/TeamGroupMappingCollection'
- '400':
- $ref: '#/components/responses/IdentityBadRequest'
- '401':
- $ref: '#/components/responses/IdentityUnauthenticated'
- '403':
- $ref: '#/components/responses/IdentityPermissionDenied'
servers:
- url: https://global.api.konghq.com/
- tags:
- - Auth Settings
/v3/identity-provider/team-mappings:
put:
- operationId: update-idp-team-mappings
summary: Update Team Mappings
- description: Updates the IdP group to Konnect team mapping.
- requestBody:
- $ref: '#/components/requestBodies/UpdateTeamMappings'
+ operationId: update-idp-team-mappings
responses:
'200':
$ref: '#/components/responses/TeamMappingCollection'
@@ -4118,14 +4340,16 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
'412':
$ref: '#/components/responses/PreconditionFailed'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Auth Settings
+ description: Updates the IdP group to Konnect team mapping.
+ requestBody:
+ $ref: '#/components/requestBodies/UpdateTeamMappings'
+ servers:
+ - url: https://global.api.konghq.com/
get:
- operationId: get-idp-team-mappings
summary: Fetch Team Mapping
- description: Fetch the IdP group to Konnect team mapping.
+ operationId: get-idp-team-mappings
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageNumber'
@@ -4140,19 +4364,20 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
'412':
$ref: '#/components/responses/PreconditionFailed'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Auth Settings
+ description: Fetch the IdP group to Konnect team mapping.
+ servers:
+ - url: https://global.api.konghq.com/
/v3/invites:
post:
- operationId: invite-user
summary: Invite User
description: >-
Sends an invitation email to invite a user to the Konnect organization.
The email contains a link with a one time token to accept the
invitation. Upon accepting the invitation, the user is directed to
https://cloud.konghq.com/login to complete registration.
+ operationId: invite-user
requestBody:
$ref: '#/components/requestBodies/InviteUser'
responses:
@@ -4164,17 +4389,19 @@ paths:
$ref: '#/components/responses/IdentityConflict'
'429':
$ref: '#/components/responses/RateLimited'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Invites
+ servers:
+ - url: https://global.api.konghq.com/
/v3/organizations/impersonation:
get:
- operationId: get-impersonation-settings
summary: Get Impersonation Settings
description: >-
Returns Impersonation Settings, which determines if user impersonation
is allowed for an organization.
+ operationId: get-impersonation-settings
+ tags:
+ - Impersonation Settings
responses:
'200':
$ref: '#/components/responses/GetImpersonationSettingsResponse'
@@ -4184,14 +4411,14 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
servers:
- url: https://global.api.konghq.com/
- tags:
- - Impersonation Settings
patch:
- operationId: update-impersonation-settings
summary: Update Impersonation Settings
description: Updates Impersonation Settings.
+ operationId: update-impersonation-settings
requestBody:
$ref: '#/components/requestBodies/UpdateImpersonationSettingsRequest'
+ tags:
+ - Impersonation Settings
responses:
'200':
$ref: '#/components/responses/UpdateImpersonationSettingsResponse'
@@ -4205,29 +4432,27 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
servers:
- url: https://global.api.konghq.com/
- tags:
- - Impersonation Settings
/v3/organizations/me:
get:
- operationId: get-organizations-me
summary: Retrieve My Organization
- description: >-
- Returns the organization of the user identified in the token of the
- request.
+ tags:
+ - Me
responses:
'200':
$ref: '#/components/responses/MeOrganization'
'401':
$ref: '#/components/responses/IdentityUnauthenticated'
+ operationId: get-organizations-me
+ description: >-
+ Returns the organization of the user identified in the token of the
+ request.
servers:
- url: https://global.api.konghq.com/
- tags:
- - Me
/v3/roles:
get:
- operationId: get-predefined-roles
summary: Get Predefined Roles
description: Retrieves the predefined, or system managed, roles.
+ operationId: get-predefined-roles
responses:
'200':
$ref: '#/components/responses/Roles'
@@ -4235,25 +4460,32 @@ paths:
$ref: '#/components/responses/IdentityBadRequest'
'401':
$ref: '#/components/responses/IdentityUnauthenticated'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Roles
+ servers:
+ - url: https://global.api.konghq.com/
/v3/system-accounts:
get:
- operationId: get-system-accounts
summary: List System Accounts
+ tags:
+ - System Accounts
+ responses:
+ '200':
+ $ref: '#/components/responses/SystemAccountCollection'
+ '400':
+ $ref: '#/components/responses/IdentityBadRequest'
+ '401':
+ $ref: '#/components/responses/IdentityUnauthenticated'
+ '403':
+ $ref: '#/components/responses/Unauthorized'
+ operationId: get-system-accounts
description: >-
Returns an array of system accounts (SA) in the organization. Returns
400 if any filter parameters are invalid.
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageNumber'
- - name: filter
- in: query
- description: Filter system accounts returned in the response.
- required: false
- schema:
+ - schema:
type: object
properties:
name:
@@ -4262,24 +4494,19 @@ paths:
$ref: '#/components/schemas/StringFieldFilter'
konnect_managed:
$ref: '#/components/schemas/BooleanFieldFilter'
+ in: query
+ name: filter
+ description: Filter system accounts returned in the response.
+ required: false
style: deepObject
- responses:
- '200':
- $ref: '#/components/responses/SystemAccountCollection'
- '400':
- $ref: '#/components/responses/IdentityBadRequest'
- '401':
- $ref: '#/components/responses/IdentityUnauthenticated'
- '403':
- $ref: '#/components/responses/Unauthorized'
servers:
- url: https://global.api.konghq.com/
- tags:
- - System Accounts
post:
x-speakeasy-entity-operation: SystemAccount#create
- operationId: post-system-accounts
summary: Create System Account
+ operationId: post-system-accounts
+ tags:
+ - System Accounts
description: >-
Creates a system account. Returns a 409 if a system account with the
same name already exists.
@@ -4296,16 +4523,12 @@ paths:
$ref: '#/components/responses/IdentityConflict'
servers:
- url: https://global.api.konghq.com/
- tags:
- - System Accounts
/v3/system-accounts/{accountId}:
get:
x-speakeasy-entity-operation: SystemAccount#read
- operationId: get-system-accounts-id
summary: Fetch System Account
- description: >-
- Returns the system account (SA) for the SA ID specified as a path
- parameter.
+ tags:
+ - System Accounts
responses:
'200':
$ref: '#/components/responses/SystemAccountSingle'
@@ -4315,27 +4538,24 @@ paths:
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/IdentityNotFound'
+ operationId: get-system-accounts-id
+ description: >-
+ Returns the system account (SA) for the SA ID specified as a path
+ parameter.
servers:
- url: https://global.api.konghq.com/
- tags:
- - System Accounts
parameters:
- - name: accountId
+ - schema:
+ type: string
+ name: accountId
in: path
- description: ID of the system account.
required: true
- schema:
- type: string
+ description: ID of the system account.
x-speakeasy-match: id
patch:
x-speakeasy-entity-operation: SystemAccount#update
- operationId: patch-system-accounts-id
summary: Update System Account
- description: >-
- Updates the specified system account. Returns a 409 if the updated name
- is the same as another system account in the organization.
- requestBody:
- $ref: '#/components/requestBodies/UpdateSystemAccount'
+ operationId: patch-system-accounts-id
responses:
'200':
$ref: '#/components/responses/SystemAccountSingle'
@@ -4347,17 +4567,19 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
'409':
$ref: '#/components/responses/IdentityConflict'
- servers:
- - url: https://global.api.konghq.com/
+ description: >-
+ Updates the specified system account. Returns a 409 if the updated name
+ is the same as another system account in the organization.
tags:
- System Accounts
+ requestBody:
+ $ref: '#/components/requestBodies/UpdateSystemAccount'
+ servers:
+ - url: https://global.api.konghq.com/
delete:
x-speakeasy-entity-operation: SystemAccount#delete
- operationId: delete-system-accounts-id
summary: Delete System Account
- description: >-
- Deletes the specified system account. Returns 404 if the requested
- account was not found.
+ operationId: delete-system-accounts-id
responses:
'204':
description: No Content
@@ -4367,30 +4589,18 @@ paths:
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ description: >-
+ Deletes the specified system account. Returns 404 if the requested
+ account was not found.
tags:
- System Accounts
+ servers:
+ - url: https://global.api.konghq.com/
/v3/system-accounts/{accountId}/access-tokens:
get:
- operationId: get-system-account-id-access-tokens
summary: List System Account Access Tokens
- description: >-
- Returns the access tokens for the specified system account. Returns 400
- if any filter parameters are invalid.
- parameters:
- - $ref: '#/components/parameters/PageSize'
- - $ref: '#/components/parameters/PageNumber'
- - name: filter
- in: query
- description: Filter access tokens returned in the response.
- required: false
- schema:
- type: object
- properties:
- name:
- $ref: '#/components/schemas/StringFieldFilter'
- style: deepObject
+ tags:
+ - System Accounts - Access Tokens
responses:
'200':
$ref: '#/components/responses/SystemAccountAccessTokenCollection'
@@ -4402,28 +4612,36 @@ paths:
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
- tags:
- - System Accounts - Access Tokens
- parameters:
- - name: accountId
- in: path
- description: ID of the system account.
- required: true
- schema:
+ operationId: get-system-account-id-access-tokens
+ description: >-
+ Returns the access tokens for the specified system account. Returns 400
+ if any filter parameters are invalid.
+ parameters:
+ - $ref: '#/components/parameters/PageSize'
+ - $ref: '#/components/parameters/PageNumber'
+ - schema:
+ type: object
+ properties:
+ name:
+ $ref: '#/components/schemas/StringFieldFilter'
+ in: query
+ name: filter
+ description: Filter access tokens returned in the response.
+ required: false
+ style: deepObject
+ servers:
+ - url: https://global.api.konghq.com/
+ parameters:
+ - schema:
type: string
+ name: accountId
+ in: path
+ required: true
+ description: ID of the system account.
post:
x-speakeasy-entity-operation: SystemAccountAccessToken#create
- operationId: post-system-accounts-id-access-tokens
summary: Create System Account Access Token
- description: >-
- Creates an access token for the specified system account (SA). The
- access token can be used for authenticating API and CLI requests. The
- token will only be displayed once on creation. Returns a 409 if the
- system account already has a token with the same name.
- requestBody:
- $ref: '#/components/requestBodies/CreateSystemAccountAccessToken'
+ operationId: post-system-accounts-id-access-tokens
responses:
'201':
$ref: '#/components/responses/SystemAccountAccessTokenCreated'
@@ -4435,19 +4653,21 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
'409':
$ref: '#/components/responses/IdentityConflict'
- servers:
- - url: https://global.api.konghq.com/
+ description: >-
+ Creates an access token for the specified system account (SA). The
+ access token can be used for authenticating API and CLI requests. The
+ token will only be displayed once on creation. Returns a 409 if the
+ system account already has a token with the same name.
+ requestBody:
+ $ref: '#/components/requestBodies/CreateSystemAccountAccessToken'
tags:
- System Accounts - Access Tokens
+ servers:
+ - url: https://global.api.konghq.com/
/v3/system-accounts/{accountId}/access-tokens/{tokenId}:
get:
x-speakeasy-entity-operation: SystemAccountAccessToken#read
- operationId: get-system-accounts-id-access-tokens-id
summary: Fetch System Account Access Token
- description: >-
- Returns the system account (SA) access token for the SA Access Token ID
- specified as a path parameter.
- parameters: []
responses:
'200':
$ref: '#/components/responses/SystemAccountAccessTokenSingle'
@@ -4457,33 +4677,33 @@ paths:
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ operationId: get-system-accounts-id-access-tokens-id
+ description: >-
+ Returns the system account (SA) access token for the SA Access Token ID
+ specified as a path parameter.
+ parameters: []
tags:
- System Accounts - Access Tokens
+ servers:
+ - url: https://global.api.konghq.com/
parameters:
- - name: accountId
+ - schema:
+ type: string
+ name: accountId
in: path
- description: ID of the system account.
required: true
- schema:
+ description: ID of the system account.
+ - schema:
type: string
- - name: tokenId
+ name: tokenId
in: path
- description: ID of the system account access token.
required: true
- schema:
- type: string
+ description: ID of the system account access token.
x-speakeasy-match: id
patch:
x-speakeasy-entity-operation: SystemAccountAccessToken#update
- operationId: patch-system-accounts-id-access-tokens-id
summary: Update System Account Access Token
- description: >-
- Updates the specified access token. Returns a 409 if the updated name is
- the same as another token belonging to the specified system user.
- requestBody:
- $ref: '#/components/requestBodies/UpdateSystemAccountAccessToken'
+ operationId: patch-system-accounts-id-access-tokens-id
responses:
'200':
$ref: '#/components/responses/SystemAccountAccessTokenSingle'
@@ -4495,15 +4715,19 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
'409':
$ref: '#/components/responses/IdentityConflict'
- servers:
- - url: https://global.api.konghq.com/
+ description: >-
+ Updates the specified access token. Returns a 409 if the updated name is
+ the same as another token belonging to the specified system user.
+ requestBody:
+ $ref: '#/components/requestBodies/UpdateSystemAccountAccessToken'
tags:
- System Accounts - Access Tokens
+ servers:
+ - url: https://global.api.konghq.com/
delete:
x-speakeasy-entity-operation: SystemAccountAccessToken#delete
- operationId: delete-system-accounts-id-access-tokens-id
summary: Delete System Account Access Token
- description: Deletes the specified token. Returns 404 if the token was not found.
+ operationId: delete-system-accounts-id-access-tokens-id
responses:
'204':
description: No Content
@@ -4513,37 +4737,21 @@ paths:
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ description: Deletes the specified token. Returns 404 if the token was not found.
tags:
- System Accounts - Access Tokens
+ servers:
+ - url: https://global.api.konghq.com/
/v3/system-accounts/{accountId}/assigned-roles:
parameters:
- - name: accountId
+ - schema:
+ type: string
+ name: accountId
in: path
- description: ID of the system account.
required: true
- schema:
- type: string
+ description: ID of the system account.
get:
- operationId: get-system-accounts-accountId-assigned-roles
summary: Fetch Assigned Roles for System Account
- description: >-
- Lists the roles belonging to a system account. Returns 400 if any filter
- parameters are invalid.
- parameters:
- - name: filter
- in: query
- description: Filter roles returned in the response.
- required: false
- schema:
- type: object
- properties:
- role_name:
- $ref: '#/components/schemas/StringFieldEqualsFilter'
- entity_type_name:
- $ref: '#/components/schemas/StringFieldEqualsFilter'
- style: deepObject
responses:
'200':
$ref: '#/components/responses/AssignedRoleCollection'
@@ -4555,19 +4763,31 @@ paths:
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ operationId: get-system-accounts-accountId-assigned-roles
+ description: >-
+ Lists the roles belonging to a system account. Returns 400 if any filter
+ parameters are invalid.
+ parameters:
+ - schema:
+ type: object
+ properties:
+ role_name:
+ $ref: '#/components/schemas/StringFieldEqualsFilter'
+ entity_type_name:
+ $ref: '#/components/schemas/StringFieldEqualsFilter'
+ in: query
+ name: filter
+ description: Filter roles returned in the response.
+ required: false
+ style: deepObject
tags:
- System Accounts - Roles
+ servers:
+ - url: https://global.api.konghq.com/
post:
x-speakeasy-entity-operation: SystemAccountRole#create
- operationId: post-system-accounts-accountId-assigned-roles
summary: Create Assigned Role for System Account
- description: >-
- Assigns a role to a system account. Returns 409 if role is already
- assigned.
- requestBody:
- $ref: '#/components/requestBodies/AssignRole'
+ operationId: post-system-accounts-accountId-assigned-roles
responses:
'201':
$ref: '#/components/responses/AssignedRoleSingle'
@@ -4579,32 +4799,34 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
'409':
$ref: '#/components/responses/IdentityConflict'
- servers:
- - url: https://global.api.konghq.com/
+ description: >-
+ Assigns a role to a system account. Returns 409 if role is already
+ assigned.
+ requestBody:
+ $ref: '#/components/requestBodies/AssignRole'
tags:
- System Accounts - Roles
+ servers:
+ - url: https://global.api.konghq.com/
/v3/system-accounts/{accountId}/assigned-roles/{roleId}:
parameters:
- - name: accountId
+ - schema:
+ type: string
+ name: accountId
in: path
- description: ID of the system account.
required: true
- schema:
+ description: ID of the system account.
+ - schema:
type: string
- - name: roleId
+ name: roleId
in: path
- description: ID of the role.
required: true
- schema:
- type: string
+ description: ID of the role.
x-speakeasy-match: id
delete:
x-speakeasy-entity-operation: SystemAccountRole#delete
- operationId: delete-system-accounts-accountId-assigned-roles-roleId
summary: Delete Assigned Role from System Account
- description: >-
- Removes an assigned role from a system account. Returns 404 if the
- system account or assigned role were not found.
+ operationId: delete-system-accounts-accountId-assigned-roles-roleId
responses:
'204':
description: No Content
@@ -4614,87 +4836,87 @@ paths:
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ description: >-
+ Removes an assigned role from a system account. Returns 404 if the
+ system account or assigned role were not found.
tags:
- System Accounts - Roles
+ servers:
+ - url: https://global.api.konghq.com/
/v3/system-accounts/{accountId}/teams:
parameters:
- - name: accountId
+ - schema:
+ type: string
+ name: accountId
in: path
- description: ID of the system account.
required: true
- schema:
- type: string
+ description: ID of the system account.
get:
- operationId: get-system-accounts-accountId-teams
summary: List Teams for a System Account
+ responses:
+ '200':
+ $ref: '#/components/responses/TeamCollection'
+ '401':
+ $ref: '#/components/responses/IdentityUnauthenticated'
+ '403':
+ $ref: '#/components/responses/Unauthorized'
+ '404':
+ $ref: '#/components/responses/IdentityNotFound'
+ operationId: get-system-accounts-accountId-teams
description: Returns a paginated list of a teams that the system account belongs to.
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageNumber'
- - name: filter
- in: query
- description: Filter teams returned in the response.
- required: false
- schema:
+ - schema:
type: object
properties:
name:
$ref: '#/components/schemas/StringFieldFilter'
+ in: query
+ name: filter
+ description: Filter teams returned in the response.
+ required: false
style: deepObject
+ tags:
+ - System Accounts - Team Membership
+ servers:
+ - url: https://global.api.konghq.com/
+ /v3/teams:
+ get:
+ summary: List Teams
responses:
'200':
$ref: '#/components/responses/TeamCollection'
- '401':
- $ref: '#/components/responses/IdentityUnauthenticated'
- '403':
- $ref: '#/components/responses/Unauthorized'
+ '400':
+ $ref: '#/components/responses/IdentityBadRequest'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
- tags:
- - System Accounts - Team Membership
- /v3/teams:
- get:
operationId: list-teams
- summary: List Teams
description: >-
Returns an array of team objects containing information about the
Konnect Teams.
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageNumber'
- - name: filter
- in: query
- description: Filter teams returned in the response.
- required: false
- schema:
+ - schema:
type: object
properties:
name:
$ref: '#/components/schemas/StringFieldFilter'
+ in: query
+ name: filter
+ description: Filter teams returned in the response.
+ required: false
style: deepObject
- responses:
- '200':
- $ref: '#/components/responses/TeamCollection'
- '400':
- $ref: '#/components/responses/IdentityBadRequest'
- '404':
- $ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Teams
+ servers:
+ - url: https://global.api.konghq.com/
parameters: []
post:
x-speakeasy-entity-operation: Team#create
- operationId: create-team
summary: Create Team
- description: 'Creates a team in the Konnect Organization. '
- requestBody:
- $ref: '#/components/requestBodies/CreateTeam'
+ operationId: create-team
responses:
'201':
$ref: '#/components/responses/TeamSingle'
@@ -4702,26 +4924,27 @@ paths:
$ref: '#/components/responses/IdentityBadRequest'
'403':
$ref: '#/components/responses/IdentityPermissionDenied'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Teams
+ requestBody:
+ $ref: '#/components/requestBodies/CreateTeam'
+ description: 'Creates a team in the Konnect Organization. '
+ servers:
+ - url: https://global.api.konghq.com/
/v3/teams/{teamId}:
parameters:
- - name: teamId
- in: path
- description: The team ID
- required: true
- schema:
+ - schema:
type: string
format: uuid
example: d32d905a-ed33-46a3-a093-d8f536af9a8a
+ name: teamId
+ in: path
+ required: true
+ description: The team ID
x-speakeasy-match: id
get:
x-speakeasy-entity-operation: Team#read
- operationId: get-team
summary: Fetch Team
- description: Returns information about a team from a given team ID.
responses:
'200':
$ref: '#/components/responses/TeamSingle'
@@ -4729,17 +4952,16 @@ paths:
$ref: '#/components/responses/IdentityBadRequest'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ operationId: get-team
+ description: Returns information about a team from a given team ID.
tags:
- Teams
+ servers:
+ - url: https://global.api.konghq.com/
patch:
x-speakeasy-entity-operation: Team#update
- operationId: update-team
summary: Update Team
- description: Updates an individual team.
- requestBody:
- $ref: '#/components/requestBodies/UpdateTeam'
+ operationId: update-team
responses:
'200':
$ref: '#/components/responses/TeamSingle'
@@ -4747,15 +4969,17 @@ paths:
$ref: '#/components/responses/IdentityBadRequest'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ description: Updates an individual team.
+ requestBody:
+ $ref: '#/components/requestBodies/UpdateTeam'
tags:
- Teams
+ servers:
+ - url: https://global.api.konghq.com/
delete:
x-speakeasy-entity-operation: Team#delete
- operationId: delete-team
summary: Delete Team
- description: Deletes an individual team. Returns 404 if the team is not found.
+ operationId: delete-team
responses:
'204':
description: No Content
@@ -4763,39 +4987,25 @@ paths:
$ref: '#/components/responses/IdentityBadRequest'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ description: Deletes an individual team. Returns 404 if the team is not found.
tags:
- Teams
+ servers:
+ - url: https://global.api.konghq.com/
/v3/teams/{teamId}/assigned-roles:
parameters:
- - name: teamId
- in: path
- description: The team ID
- required: true
- schema:
+ - schema:
type: string
format: uuid
example: e81bc3e5-e9db-4764-b7dd-e81e39072cbe
+ name: teamId
+ in: path
+ required: true
+ description: The team ID
get:
- operationId: list-team-roles
summary: List Team Roles
- description: >-
- Lists the roles belonging to a team. Returns 400 if any filter
- parameters are invalid.
- parameters:
- - name: filter
- in: query
- description: Filter roles returned in the response.
- required: false
- schema:
- type: object
- properties:
- role_name:
- $ref: '#/components/schemas/StringFieldEqualsFilter'
- entity_type_name:
- $ref: '#/components/schemas/StringFieldEqualsFilter'
- style: deepObject
+ tags:
+ - Roles
responses:
'200':
$ref: '#/components/responses/AssignedRoleCollection'
@@ -4807,17 +5017,29 @@ paths:
$ref: '#/components/responses/IdentityPermissionDenied'
'404':
$ref: '#/components/responses/IdentityNotFound'
+ operationId: list-team-roles
+ description: >-
+ Lists the roles belonging to a team. Returns 400 if any filter
+ parameters are invalid.
+ parameters:
+ - schema:
+ type: object
+ properties:
+ role_name:
+ $ref: '#/components/schemas/StringFieldEqualsFilter'
+ entity_type_name:
+ $ref: '#/components/schemas/StringFieldEqualsFilter'
+ in: query
+ name: filter
+ description: Filter roles returned in the response.
+ required: false
+ style: deepObject
servers:
- url: https://global.api.konghq.com/
- tags:
- - Roles
post:
x-speakeasy-entity-operation: TeamRole#create
- operationId: teams-assign-role
summary: Assign Team Role
- description: Assigns a role to a team. Returns 409 if role is already assigned.
- requestBody:
- $ref: '#/components/requestBodies/AssignRole'
+ operationId: teams-assign-role
responses:
'201':
$ref: '#/components/responses/AssignedRoleSingle'
@@ -4831,36 +5053,36 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
'409':
$ref: '#/components/responses/IdentityConflict'
- servers:
- - url: https://global.api.konghq.com/
+ description: Assigns a role to a team. Returns 409 if role is already assigned.
+ requestBody:
+ $ref: '#/components/requestBodies/AssignRole'
tags:
- Roles
+ servers:
+ - url: https://global.api.konghq.com/
/v3/teams/{teamId}/assigned-roles/{roleId}:
parameters:
- - name: teamId
- in: path
- description: The team ID.
- required: true
- schema:
+ - schema:
type: string
format: uuid
example: e81bc3e5-e9db-4764-b7dd-e81e39072cbe
- - name: roleId
+ name: teamId
in: path
- description: The role ID.
required: true
- schema:
+ description: The team ID.
+ - schema:
type: string
- format: uuid
example: 8350205f-a305-4e39-abe9-bc082a80091a
+ format: uuid
+ name: roleId
+ in: path
+ required: true
+ description: The role ID.
x-speakeasy-match: id
delete:
x-speakeasy-entity-operation: TeamRole#delete
- operationId: teams-remove-role
summary: Remove Team Role
- description: >-
- Removes an assigned role from a team. Returns 404 if the requested team
- or assigned role were not found.
+ operationId: teams-remove-role
responses:
'204':
description: No Content
@@ -4872,59 +5094,57 @@ paths:
$ref: '#/components/responses/IdentityPermissionDenied'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Roles
+ description: >-
+ Removes an assigned role from a team. Returns 404 if the requested team
+ or assigned role were not found.
+ servers:
+ - url: https://global.api.konghq.com/
/v3/teams/{teamId}/system-accounts:
parameters:
- - name: teamId
+ - schema:
+ type: string
+ name: teamId
in: path
- description: ID of the team.
required: true
- schema:
- type: string
+ description: ID of the team.
get:
- operationId: get-teams-teamId-system-accounts
summary: List System Accounts on a Team
+ responses:
+ '200':
+ $ref: '#/components/responses/SystemAccountCollection'
+ '401':
+ $ref: '#/components/responses/IdentityUnauthenticated'
+ '403':
+ $ref: '#/components/responses/Unauthorized'
+ '404':
+ $ref: '#/components/responses/IdentityNotFound'
+ operationId: get-teams-teamId-system-accounts
description: >-
Returns a paginated list of system accounts that belong to the team
specified in the path parameter.
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageNumber'
- - name: filter
- in: query
- description: Filter system accounts returned in the response.
- required: false
- schema:
+ - schema:
type: object
properties:
name:
$ref: '#/components/schemas/StringFieldFilter'
+ in: query
+ name: filter
+ description: Filter system accounts returned in the response.
+ required: false
style: deepObject
- responses:
- '200':
- $ref: '#/components/responses/SystemAccountCollection'
- '401':
- $ref: '#/components/responses/IdentityUnauthenticated'
- '403':
- $ref: '#/components/responses/Unauthorized'
- '404':
- $ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
tags:
- System Accounts - Team Membership
+ servers:
+ - url: https://global.api.konghq.com/
post:
x-speakeasy-entity-operation: SystemAccountTeam#create
- operationId: post-teams-teamId-system-accounts
summary: Add System Account to a Team
- description: >-
- Adds a system account to a team. Returns a 409 if the system account is
- already a member of the team.
- requestBody:
- $ref: '#/components/requestBodies/AddSystemAccountToTeam'
+ operationId: post-teams-teamId-system-accounts
responses:
'201':
description: Created
@@ -4936,31 +5156,33 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
'409':
$ref: '#/components/responses/IdentityConflict'
- servers:
- - url: https://global.api.konghq.com/
+ description: >-
+ Adds a system account to a team. Returns a 409 if the system account is
+ already a member of the team.
+ requestBody:
+ $ref: '#/components/requestBodies/AddSystemAccountToTeam'
tags:
- System Accounts - Team Membership
+ servers:
+ - url: https://global.api.konghq.com/
/v3/teams/{teamId}/system-accounts/{accountId}:
parameters:
- - name: teamId
+ - schema:
+ type: string
+ name: teamId
in: path
- description: ID of the team.
required: true
- schema:
+ description: ID of the team.
+ - schema:
type: string
- - name: accountId
+ name: accountId
in: path
- description: ID of the system account.
required: true
- schema:
- type: string
+ description: ID of the system account.
delete:
x-speakeasy-entity-operation: SystemAccountTeam#delete
- operationId: delete-teams-teamId-system-accounts-accountId
summary: Remove System Account From Team
- description: >-
- Removes a system account from a team. Returns 404 if the team or system
- account were not found.
+ operationId: delete-teams-teamId-system-accounts-accountId
responses:
'204':
description: No Content
@@ -4970,34 +5192,40 @@ paths:
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ description: >-
+ Removes a system account from a team. Returns 404 if the team or system
+ account were not found.
tags:
- System Accounts - Team Membership
+ servers:
+ - url: https://global.api.konghq.com/
/v3/teams/{teamId}/users:
parameters:
- - name: teamId
- in: path
- description: ID of the team.
- required: true
- schema:
+ - schema:
type: string
- format: uuid
example: d32d905a-ed33-46a3-a093-d8f536af9a8a
+ format: uuid
+ name: teamId
+ in: path
+ required: true
+ description: ID of the team.
get:
- operationId: list-team-users
summary: List Team Users
+ responses:
+ '200':
+ $ref: '#/components/responses/UserCollection'
+ '400':
+ $ref: '#/components/responses/IdentityBadRequest'
+ '404':
+ $ref: '#/components/responses/IdentityNotFound'
+ operationId: list-team-users
description: >-
Returns a paginated list of users that belong to the team specified in
the path parameter.
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageNumber'
- - name: filter
- in: query
- description: Filter users returned in the response.
- required: false
- schema:
+ - schema:
type: object
properties:
id:
@@ -5008,25 +5236,19 @@ paths:
$ref: '#/components/schemas/StringFieldFilter'
active:
$ref: '#/components/schemas/BooleanFieldFilter'
+ in: query
+ name: filter
+ description: Filter users returned in the response.
+ required: false
style: deepObject
- responses:
- '200':
- $ref: '#/components/responses/UserCollection'
- '400':
- $ref: '#/components/responses/IdentityBadRequest'
- '404':
- $ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Team Membership
+ servers:
+ - url: https://global.api.konghq.com/
post:
x-speakeasy-entity-operation: TeamUser#create
- operationId: add-user-to-team
summary: Add User
- description: Adds a user to a team.
- requestBody:
- $ref: '#/components/requestBodies/AddUserToTeam'
+ operationId: add-user-to-team
responses:
'201':
description: Created
@@ -5036,37 +5258,35 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
'409':
$ref: '#/components/responses/IdentityConflict'
- servers:
- - url: https://global.api.konghq.com/
+ description: Adds a user to a team.
+ requestBody:
+ $ref: '#/components/requestBodies/AddUserToTeam'
tags:
- Team Membership
+ servers:
+ - url: https://global.api.konghq.com/
/v3/teams/{teamId}/users/{userId}:
parameters:
- - name: userId
- in: path
- description: User ID
- required: true
- schema:
+ - schema:
type: string
format: uuid
example: d32d905a-ed33-46a3-a093-d8f536af9a8a
- - name: teamId
+ name: userId
in: path
- description: Team ID.
required: true
- schema:
+ description: User ID
+ - schema:
type: string
- format: uuid
example: d32d905a-ed33-46a3-a093-d8f536af9a8a
+ format: uuid
+ name: teamId
+ in: path
+ required: true
+ description: Team ID.
delete:
x-speakeasy-entity-operation: TeamUser#delete
- operationId: remove-user-from-team
summary: Remove User
- description: >-
- Removes a user from a team.
-
- If the user was removed, returns a 204 empty response. Returns 404 if
- the user or team were not found.
+ operationId: remove-user-from-team
responses:
'204':
description: No Content
@@ -5074,23 +5294,31 @@ paths:
$ref: '#/components/responses/IdentityBadRequest'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ description: >-
+ Removes a user from a team.
+
+ If the user was removed, returns a 204 empty response. Returns 404 if
+ the user or team were not found.
tags:
- Team Membership
+ servers:
+ - url: https://global.api.konghq.com/
/v3/users:
get:
- operationId: list-users
summary: List Users
+ tags:
+ - Users
+ responses:
+ '200':
+ $ref: '#/components/responses/UserCollection'
+ '400':
+ $ref: '#/components/responses/IdentityBadRequest'
+ operationId: list-users
description: Returns a paginated list of user objects.
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageNumber'
- - name: filter
- in: query
- description: Filter users returned in the response.
- required: false
- schema:
+ - schema:
type: object
properties:
id:
@@ -5101,30 +5329,27 @@ paths:
$ref: '#/components/schemas/StringFieldFilter'
active:
$ref: '#/components/schemas/BooleanFieldFilter'
+ in: query
+ name: filter
+ description: Filter users returned in the response.
+ required: false
style: deepObject
- responses:
- '200':
- $ref: '#/components/responses/UserCollection'
- '400':
- $ref: '#/components/responses/IdentityBadRequest'
servers:
- url: https://global.api.konghq.com/
- tags:
- - Users
/v3/users/{userId}:
parameters:
- - name: userId
- in: path
- description: The ID of the user being deleted.
- required: true
- schema:
+ - schema:
type: string
format: uuid
example: d32d905a-ed33-46a3-a093-d8f536af9a8a
+ name: userId
+ in: path
+ required: true
+ description: The ID of the user being deleted.
get:
- operationId: get-user
summary: Fetch User
- description: Returns the user object for the user ID specified as a path parameter.
+ tags:
+ - Users
responses:
'200':
$ref: '#/components/responses/UserSingle'
@@ -5132,16 +5357,13 @@ paths:
$ref: '#/components/responses/IdentityBadRequest'
'404':
$ref: '#/components/responses/IdentityNotFound'
+ operationId: get-user
+ description: Returns the user object for the user ID specified as a path parameter.
servers:
- url: https://global.api.konghq.com/
- tags:
- - Users
patch:
- operationId: update-user
summary: Update User
- description: Update an individual user.
- requestBody:
- $ref: '#/components/requestBodies/UpdateUser'
+ operationId: update-user
responses:
'200':
$ref: '#/components/responses/UserSingle'
@@ -5151,71 +5373,71 @@ paths:
$ref: '#/components/responses/IdentityPermissionDenied'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ description: Update an individual user.
+ requestBody:
+ $ref: '#/components/requestBodies/UpdateUser'
tags:
- Users
+ servers:
+ - url: https://global.api.konghq.com/
delete:
- operationId: delete-user
summary: Delete User
- description: >-
- Deletes an individual user. Returns 404 if the requested user was not
- found.
+ operationId: delete-user
responses:
'204':
description: No Content
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
+ description: >-
+ Deletes an individual user. Returns 404 if the requested user was not
+ found.
tags:
- Users
+ servers:
+ - url: https://global.api.konghq.com/
/v3/users/{userId}/assigned-roles:
parameters:
- - name: userId
- in: path
- description: The user ID
- required: true
- schema:
+ - schema:
type: string
format: uuid
example: e81bc3e5-e9db-4764-b7dd-e81e39072cbe
+ name: userId
+ in: path
+ required: true
+ description: The user ID
get:
- operationId: list-user-roles
summary: List User Roles
+ tags:
+ - Roles
+ responses:
+ '200':
+ $ref: '#/components/responses/AssignedRoleCollection'
+ '400':
+ $ref: '#/components/responses/IdentityBadRequest'
+ '404':
+ $ref: '#/components/responses/IdentityNotFound'
+ operationId: list-user-roles
description: >-
Lists the roles assigned to a user. Returns 400 if any filter
parameters are invalid.
parameters:
- - name: filter
- in: query
- description: Filter roles returned in the response.
- required: false
- schema:
+ - schema:
type: object
properties:
role_name:
$ref: '#/components/schemas/StringFieldEqualsFilter'
entity_type_name:
$ref: '#/components/schemas/StringFieldEqualsFilter'
+ in: query
+ name: filter
+ description: Filter roles returned in the response.
+ required: false
style: deepObject
- responses:
- '200':
- $ref: '#/components/responses/AssignedRoleCollection'
- '400':
- $ref: '#/components/responses/IdentityBadRequest'
- '404':
- $ref: '#/components/responses/IdentityNotFound'
servers:
- url: https://global.api.konghq.com/
- tags:
- - Roles
post:
- operationId: users-assign-role
summary: Assign Role
- description: Assigns a role to a user. Returns 409 if role is already assigned.
- requestBody:
- $ref: '#/components/requestBodies/AssignRole'
+ operationId: users-assign-role
responses:
'201':
$ref: '#/components/responses/AssignedRoleSingle'
@@ -5229,34 +5451,34 @@ paths:
$ref: '#/components/responses/IdentityNotFound'
'409':
$ref: '#/components/responses/IdentityConflict'
- servers:
- - url: https://global.api.konghq.com/
+ description: Assigns a role to a user. Returns 409 if role is already assigned.
+ requestBody:
+ $ref: '#/components/requestBodies/AssignRole'
tags:
- Roles
+ servers:
+ - url: https://global.api.konghq.com/
/v3/users/{userId}/assigned-roles/{roleId}:
parameters:
- - name: userId
- in: path
- description: ID of the user.
- required: true
- schema:
+ - schema:
type: string
format: uuid
example: e81bc3e5-e9db-4764-b7dd-e81e39072cbe
- - name: roleId
+ name: userId
in: path
- description: ID of the role.
required: true
- schema:
+ description: ID of the user.
+ - schema:
type: string
- format: uuid
example: 8350205f-a305-4e39-abe9-bc082a80091a
+ format: uuid
+ name: roleId
+ in: path
+ required: true
+ description: ID of the role.
delete:
- operationId: users-remove-role
summary: Remove Role
- description: >-
- Removes an assigned role from a user. Returns 404 if the requested user
- or assigned role were not found.
+ operationId: users-remove-role
responses:
'204':
description: No Content
@@ -5266,130 +5488,70 @@ paths:
$ref: '#/components/responses/IdentityUnauthenticated'
'404':
$ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Roles
+ description: >-
+ Removes an assigned role from a user. Returns 404 if the requested user
+ or assigned role were not found.
+ servers:
+ - url: https://global.api.konghq.com/
/v3/users/{userId}/teams:
parameters:
- - name: userId
- in: path
- description: The user ID.
- required: true
- schema:
+ - schema:
type: string
- format: uuid
example: d32d905a-ed33-46a3-a093-d8f536af9a8a
+ format: uuid
+ name: userId
+ in: path
+ required: true
+ description: The user ID.
get:
- operationId: list-user-teams
summary: List User Teams
+ responses:
+ '200':
+ $ref: '#/components/responses/TeamCollection'
+ '404':
+ $ref: '#/components/responses/IdentityNotFound'
+ operationId: list-user-teams
description: Returns a paginated list of a teams that the user belongs to.
parameters:
- $ref: '#/components/parameters/PageSize'
- $ref: '#/components/parameters/PageNumber'
- - name: filter
- in: query
- description: Filter teams returned in the response.
- required: false
- schema:
+ - schema:
type: object
properties:
name:
$ref: '#/components/schemas/StringFieldFilter'
+ in: query
+ name: filter
+ description: Filter teams returned in the response.
+ required: false
style: deepObject
- responses:
- '200':
- $ref: '#/components/responses/TeamCollection'
- '404':
- $ref: '#/components/responses/IdentityNotFound'
- servers:
- - url: https://global.api.konghq.com/
tags:
- Team Membership
+ servers:
+ - url: https://global.api.konghq.com/
/v3/users/me:
get:
- operationId: get-users-me
summary: Retrieve My User Account
- description: >-
- Returns the user account for the user identified in the token of the
- request.
+ tags:
+ - Me
responses:
'200':
$ref: '#/components/responses/UserSingle'
'401':
$ref: '#/components/responses/IdentityUnauthenticated'
+ operationId: get-users-me
security:
- personalAccessToken: []
- konnectAccessToken: []
+ description: >-
+ Returns the user account for the user identified in the token of the
+ request.
servers:
- url: https://global.api.konghq.com/
- tags:
- - Me
components:
parameters:
- ACLId:
- description: ID of the ACL to lookup
- example: f28acbfa-c866-4587-b688-0208ac24df21
- in: path
- name: ACLId
- required: true
- schema:
- type: string
- BasicAuthId:
- description: ID of the Basic-auth credential to lookup
- example: 80db1b58-ca7c-4d21-b92a-64eb07725872
- in: path
- name: BasicAuthId
- required: true
- schema:
- type: string
- CACertificateId:
- description: ID of the CA Certificate to lookup
- example: 3c31f18a-f27a-4f9b-8cd4-bf841554612f
- in: path
- name: CACertificateId
- required: true
- schema:
- type: string
- CertificateId:
- description: ID of the Certificate to lookup
- example: ddf3cdaa-3329-4961-822a-ce6dbd38eff7
- in: path
- name: CertificateId
- required: true
- schema:
- type: string
- ConsumerGroupId:
- description: ID of the Consumer Group to lookup
- example: ''
- in: path
- name: ConsumerGroupId
- required: true
- schema:
- type: string
- ConsumerGroupIdManageConsumers:
- in: path
- name: ConsumerGroupId
- required: true
- schema:
- type: string
- x-speakeasy-name-override: consumer_group_id
- ConsumerId:
- description: ID of the Consumer to lookup
- example: c1059869-6fa7-4329-a5f5-5946d14ca2c5
- in: path
- name: ConsumerId
- required: true
- schema:
- type: string
- ConsumerIdForNestedEntities:
- description: Consumer ID for nested entities
- example: f28acbfa-c866-4587-b688-0208ac24df21
- in: path
- name: ConsumerIdForNestedEntities
- required: true
- schema:
- type: string
ControlPlaneFilter:
name: filter
description: Filters a collection of control-planes.
@@ -5398,6 +5560,14 @@ components:
schema:
$ref: '#/components/schemas/ControlPlaneFilterParameters'
style: deepObject
+ FilterByLabels:
+ name: labels
+ description: Filter control planes in the response by associated labels.
+ in: query
+ required: false
+ schema:
+ type: string
+ example: key:value,existCheck
ControlPlaneSort:
name: sort
description: |
@@ -5407,22 +5577,138 @@ components:
in: query
schema:
$ref: '#/components/schemas/SortQuery'
- DataPlaneCertificateId:
- name: certificateId
- in: path
- schema:
- type: string
- required: true
- x-speakeasy-match: id
- FilterByLabels:
- name: labels
- description: Filter control planes in the response by associated labels.
- in: query
+ PageSize:
+ name: page[size]
+ description: >-
+ The maximum number of items to include per page. The last page of a
+ collection may include fewer items.
required: false
+ in: query
+ allowEmptyValue: true
schema:
- type: string
- example: key:value,existCheck
- HMACAuthId:
+ type: integer
+ example: 10
+ PageNumber:
+ name: page[number]
+ description: Determines which page of the entities to retrieve.
+ required: false
+ in: query
+ allowEmptyValue: true
+ schema:
+ type: integer
+ example: 1
+ PageAfter:
+ name: page[after]
+ description: >-
+ Request the next page of data, starting with the item after this
+ parameter.
+ required: false
+ in: query
+ allowEmptyValue: true
+ schema:
+ type: string
+ example: ewogICJpZCI6ICJoZWxsbyB3b3JsZCIKfQ
+ pagination-size:
+ description: Number of resources to be returned.
+ in: query
+ name: size
+ schema:
+ default: 100
+ maximum: 1000
+ minimum: 1
+ type: integer
+ pagination-tags-filter:
+ description: >-
+ A list of tags to filter the list of resources on. Multiple tags can be
+ concatenated using ',' to mean AND or using '/' to mean OR.
+ example: tag1,tag2
+ in: query
+ name: tags
+ schema:
+ type: string
+ controlPlaneId:
+ x-speakeasy-param-force-new: true
+ name: controlPlaneId
+ in: path
+ required: true
+ schema:
+ type: string
+ format: uuid
+ example: 9524ec7d-36d9-465d-a8c5-83a3c9390458
+ description: >-
+ The UUID of your control plane. This variable is available in the
+ Konnect manager.
+ DataPlaneCertificateId:
+ name: certificateId
+ in: path
+ schema:
+ type: string
+ required: true
+ x-speakeasy-match: id
+ ACLId:
+ description: ID of the ACL to lookup
+ example: f28acbfa-c866-4587-b688-0208ac24df21
+ in: path
+ name: ACLId
+ required: true
+ schema:
+ type: string
+ BasicAuthId:
+ description: ID of the Basic-auth credential to lookup
+ example: 80db1b58-ca7c-4d21-b92a-64eb07725872
+ in: path
+ name: BasicAuthId
+ required: true
+ schema:
+ type: string
+ CACertificateId:
+ description: ID of the CA Certificate to lookup
+ example: 3c31f18a-f27a-4f9b-8cd4-bf841554612f
+ in: path
+ name: CACertificateId
+ required: true
+ schema:
+ type: string
+ CertificateId:
+ description: ID of the Certificate to lookup
+ example: ddf3cdaa-3329-4961-822a-ce6dbd38eff7
+ in: path
+ name: CertificateId
+ required: true
+ schema:
+ type: string
+ ConsumerGroupId:
+ description: ID of the Consumer Group to lookup
+ example: ''
+ in: path
+ name: ConsumerGroupId
+ required: true
+ schema:
+ type: string
+ ConsumerGroupIdManageConsumers:
+ in: path
+ name: ConsumerGroupId
+ required: true
+ schema:
+ type: string
+ x-speakeasy-name-override: consumer_group_id
+ ConsumerId:
+ description: ID of the Consumer to lookup
+ example: c1059869-6fa7-4329-a5f5-5946d14ca2c5
+ in: path
+ name: ConsumerId
+ required: true
+ schema:
+ type: string
+ ConsumerIdForNestedEntities:
+ description: Consumer ID for nested entities
+ example: f28acbfa-c866-4587-b688-0208ac24df21
+ in: path
+ name: ConsumerIdForNestedEntities
+ required: true
+ schema:
+ type: string
+ HMACAuthId:
description: ID of the HMAC-auth credential to lookup
example: 70e7b00b-72f2-471b-a5ce-9c4171775360
in: path
@@ -5470,37 +5756,6 @@ components:
required: true
schema:
type: string
- PageAfter:
- name: page[after]
- description: >-
- Request the next page of data, starting with the item after this
- parameter.
- required: false
- in: query
- allowEmptyValue: true
- schema:
- type: string
- example: ewogICJpZCI6ICJoZWxsbyB3b3JsZCIKfQ
- PageNumber:
- name: page[number]
- description: Determines which page of the entities to retrieve.
- required: false
- in: query
- allowEmptyValue: true
- schema:
- type: integer
- example: 1
- PageSize:
- name: page[size]
- description: >-
- The maximum number of items to include per page. The last page of a
- collection may include fewer items.
- required: false
- in: query
- allowEmptyValue: true
- schema:
- type: integer
- example: 10
PaginationOffset:
description: >-
Offset from which to return the next set of resources. Use the value of
@@ -5592,4026 +5847,160 @@ components:
required: true
schema:
type: string
- controlPlaneId:
- x-speakeasy-param-force-new: true
- name: controlPlaneId
- in: path
- required: true
- schema:
- type: string
- format: uuid
- example: 9524ec7d-36d9-465d-a8c5-83a3c9390458
- description: >-
- The UUID of your control plane. This variable is available in the
- Konnect manager.
- pagination-size:
- description: Number of resources to be returned.
- in: query
- name: size
- schema:
- type: integer
- default: 100
- maximum: 1000
- minimum: 1
- pagination-tags-filter:
- description: >-
- A list of tags to filter the list of resources on. Multiple tags can be
- concatenated using ',' to mean AND or using '/' to mean OR.
- example: tag1,tag2
- in: query
- name: tags
- schema:
- type: string
- schemas:
- GroupMembership:
- x-speakeasy-entity: GatewayControlPlaneMembership
- type: object
- properties:
- members:
- type: array
- items:
+ responses:
+ RetrieveControlPlaneResponse:
+ description: A response to retrieving a single control plane.
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ControlPlane'
+ CreateControlPlaneResponse:
+ description: A response to creating a control plane.
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ControlPlane'
+ UpdateControlPlaneResponse:
+ description: A response to updating a control plane.
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ControlPlane'
+ ListControlPlanesResponse:
+ description: A paginated list response for a collection of control planes.
+ content:
+ application/json:
+ schema:
+ title: ListControlPlanesResponse
type: object
- required:
- - id
+ additionalProperties: false
properties:
- id:
- type: string
- required:
- - members
- CreateControlPlaneRequest:
- x-speakeasy-entity: GatewayControlPlane
- description: The request schema for the create control plane request.
- type: object
- properties:
- name:
- description: The name of the control plane.
- type: string
- example: Test Control Plane
- description:
- description: The description of the control plane in Konnect.
- type: string
- example: A test control plane for exploration.
- cluster_type:
- description: >-
- The ClusterType value of the cluster associated with the Control
- Plane.
- type: string
- example: CLUSTER_TYPE_CONTROL_PLANE
- enum:
- - CLUSTER_TYPE_CONTROL_PLANE
- - CLUSTER_TYPE_K8S_INGRESS_CONTROLLER
- - CLUSTER_TYPE_CONTROL_PLANE_GROUP
- - CLUSTER_TYPE_SERVERLESS
- auth_type:
- description: >-
- The auth type value of the cluster associated with the Runtime
- Group.
- type: string
- example: pinned_client_certs
- enum:
- - pinned_client_certs
- - pki_client_certs
- cloud_gateway:
- description: Whether this control-plane can be used for cloud-gateways.
- type: boolean
- example: false
- proxy_urls:
- $ref: '#/components/schemas/ProxyURLs'
- labels:
- $ref: '#/components/schemas/Labels'
- additionalProperties: false
- required:
- - name
- title: CreateControlPlaneRequest
- UpdateControlPlaneRequest:
- description: The request schema for the update control plane request.
- type: object
- properties:
- name:
- description: The name of the control plane.
- type: string
- example: Test Control Plane
- description:
- description: The description of the control plane in Konnect.
- type: string
- example: A test control plane for exploration.
- auth_type:
- description: >-
- The auth type value of the cluster associated with the Runtime
- Group.
- type: string
- example: pinned_client_certs
- enum:
- - pinned_client_certs
- - pki_client_certs
- proxy_urls:
- $ref: '#/components/schemas/ProxyURLs'
- labels:
- $ref: '#/components/schemas/Labels'
- additionalProperties: false
- title: UpdateControlPlaneRequest
- ControlPlane:
- x-speakeasy-entity: GatewayControlPlane
- description: >-
- The control plane object contains information about a Kong control
- plane.
- type: object
- properties:
- id:
- description: The control plane ID.
- type: string
- format: uuid
- example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
- readOnly: true
- x-speakeasy-param-suppress-computed-diff: true
- name:
- description: The name of the control plane.
- type: string
- example: Test Control Plane
- description:
- description: The description of the control plane in Konnect.
- type: string
- example: A test control plane for exploration.
- labels:
- $ref: '#/components/schemas/Labels'
- config:
- description: CP configuration object for related access endpoints.
- type: object
- additionalProperties: false
- properties:
- control_plane_endpoint:
- description: Control Plane Endpoint.
- type: string
- format: url
- example: https://acfe5f253f.cp0.konghq.com
- readOnly: true
- telemetry_endpoint:
- description: Telemetry Endpoint.
- type: string
- format: url
- example: https://acfe5f253f.tp0.konghq.com
- readOnly: true
- cluster_type:
- description: >-
- The ClusterType value of the cluster associated with the Control
- Plane.
- type: string
- example: CLUSTER_TYPE_CONTROL_PLANE
- enum:
- - CLUSTER_TYPE_CONTROL_PLANE
- - CLUSTER_TYPE_K8S_INGRESS_CONTROLLER
- - CLUSTER_TYPE_CONTROL_PLANE_GROUP
- - CLUSTER_TYPE_SERVERLESS
- readOnly: true
- auth_type:
- description: >-
- The auth type value of the cluster associated with the Runtime
- Group.
- type: string
- example: pinned_client_certs
- enum:
- - pinned_client_certs
- - pki_client_certs
- readOnly: true
- cloud_gateway:
- description: Whether the Control Plane can be used for cloud-gateways.
- type: boolean
- readOnly: true
- proxy_urls:
- $ref: '#/components/schemas/ProxyURLs'
- required:
- - control_plane_endpoint
- - telemetry_endpoint
- - cluster_type
- - auth_type
- - cloud_gateway
- created_at:
- description: An ISO-8604 timestamp representation of control plane creation date.
- type: string
- format: date-time
- example: '2022-11-04T20:10:06.927Z'
- readOnly: true
- x-speakeasy-terraform-ignore: true
- updated_at:
- description: An ISO-8604 timestamp representation of control plane update date.
- type: string
- format: date-time
- example: '2022-11-04T20:10:06.927Z'
- readOnly: true
- x-speakeasy-terraform-ignore: true
- additionalProperties: false
- required:
- - id
- - name
- - config
- - created_at
- - updated_at
- GroupStatus:
+ meta:
+ $ref: '#/components/schemas/PaginatedMeta'
+ data:
+ type: array
+ items:
+ $ref: '#/components/schemas/ControlPlane'
+ required:
+ - meta
+ - data
+ ControlPlanesBadRequest:
+ description: Bad Request
+ content:
+ application/problem+json:
+ schema:
+ $ref: '#/components/schemas/BadRequestError'
+ ControlPlanePermissionDenied:
+ description: Permission denied
+ content:
+ application/problem+json:
+ schema:
+ $ref: '#/components/schemas/ForbiddenError'
+ ControlPlaneUnauthenticated:
+ description: Unauthenticated
+ content:
+ application/problem+json:
+ schema:
+ $ref: '#/components/schemas/UnauthorizedError'
+ ControlPlaneNotFound:
+ description: Not Found
+ content:
+ application/problem+json:
+ schema:
+ $ref: '#/components/schemas/NotFoundError'
+ ControlPlaneConflict:
+ description: Conflict
+ content:
+ application/problem+json:
+ schema:
+ $ref: '#/components/schemas/ConflictError'
+ InternalServerError:
+ description: Internal Server Error
+ content:
+ application/problem+json:
+ schema:
+ title: InternalServerError
+ type: object
+ description: The error response object.
+ properties:
+ status:
+ type: integer
+ description: The HTTP status code.
+ example: 500
+ enum:
+ - 500
+ title:
+ type: string
+ description: The error response code.
+ example: Internal Server Error
+ instance:
+ type: string
+ example: konnect:trace:2287285207635123011
+ description: The Konnect traceback code
+ detail:
+ type: string
+ example: >-
+ Could not propagate control plane changes to control plane
+ cluster service.
+ description: Details about the error.
+ required:
+ - status
+ - title
+ - instance
+ ServiceUnavailable:
+ description: Service Unavailable
+ content:
+ application/problem+json:
+ schema:
+ title: ServiceUnavailableError
+ type: object
+ description: Error response for temporary service unavailability.
+ properties:
+ status:
+ type: integer
+ description: The HTTP status code.
+ example: 503
+ enum:
+ - 503
+ title:
+ type: string
+ description: The error response code.
+ example: Service Unavailable
+ instance:
+ type: string
+ example: konnect:trace:2287285207635123011
+ description: The Konnect traceback code
+ detail:
+ type: string
+ example: >-
+ Could not retrieve permissions to check resource
+ accessibility.
+ description: Details about the error.
+ required:
+ - status
+ - title
+ - instance
+ ListGroupMemberships:
description: >-
- The Group Status object contains information about the status of a
- control plane group.
- type: object
- properties:
- id:
- description: The control plane group ID.
- type: string
- format: uuid
- example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
- readOnly: true
- created_at:
- description: >-
- An ISO-8604 timestamp representation of control plane group status
- creation date.
- type: string
- format: date-time
- example: '2022-11-04T20:10:06.927Z'
- readOnly: true
- updated_at:
- description: >-
- An ISO-8604 timestamp representation of control plane group status
- update date.
- type: string
- format: date-time
- example: '2022-11-04T20:10:06.927Z'
- readOnly: true
- conflicts:
- type: array
- items:
- $ref: '#/components/schemas/GroupConflict'
- maxItems: 256
- state:
- description: The state of the control plane group.
- type: string
- example: CONFLICT
- enum:
- - OK
- - CONFLICT
- - UNKNOWN
- readOnly: true
- required:
- - id
- - created_at
- - updated_at
- - state
- title: GroupStatus
- GroupConflict:
- description: >-
- The Group Conflict object contains information about a conflict in a
- control plane group.
- type: object
- properties:
- cluster_id:
- description: The ID of a control plane member of a control plane group.
- type: string
- format: uuid
- example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
- readOnly: true
- description:
- description: The description of the conflict.
- type: string
- example: >-
- conflicting entity found: ID=38d790ad-8b08-4ff5-a074-2e1e9e64d8bd,
- Name=foo
- readOnly: true
- resource:
- $ref: '#/components/schemas/GroupConflictResource'
- required:
- - cluster_id
- - description
- - resource
- title: GroupConflict
- GroupConflictResource:
- description: A resource causing a conflict in a control plane group.
- type: object
- properties:
- id:
- description: The ID of the resource.
- type: string
- format: uuid
- example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
- readOnly: true
- type:
- description: The type of the resource.
- type: string
- example: service
- readOnly: true
- required:
- - id
- - type
- title: GroupConflictResource
- GroupMemberStatus:
- description: >-
- Object with information determining the group membership status of a
- control plane.
- type: object
- properties:
- is_member:
- description: >-
- Boolean indicating if a control plane is a member of a control plane
- group.
- type: boolean
- example: true
- readOnly: true
- required:
- - is_member
- title: GroupMemberStatus
- Labels:
- description: >
- Labels store metadata of an entity that can be used for filtering an
- entity list or for searching across entity types.
-
-
- Keys must be of length 1-63 characters, and cannot start with "kong",
- "konnect", "mesh", "kic", or "_".
- type: object
- example:
- env: test
- additionalProperties:
- type: string
- pattern: ^[a-z0-9A-Z]{1}([a-z0-9A-Z-._]*[a-z0-9A-Z]+)?$
- minLength: 1
- maxLength: 63
- maxProperties: 50
- title: Labels
- ProxyURL:
- description: >-
- Proxy URL associated with reaching the data-planes connected to a
- control-plane.
- type: object
- properties:
- host:
- description: Hostname of the proxy URL.
- type: string
- port:
- description: Port of the proxy URL.
- type: integer
- protocol:
- description: Protocol of the proxy URL.
- type: string
- example:
- host: example.com
- port: 443
- protocol: https
- additionalProperties: false
- required:
- - host
- - port
- - protocol
- title: ProxyURL
- ProxyURLs:
- description: >-
- Array of proxy URLs associated with reaching the data-planes connected
- to a control-plane.
- type: array
- items:
- $ref: '#/components/schemas/ProxyURL'
- format: set
- example:
- - host: example.com
- port: 443
- protocol: https
- title: ProxyURLs
- ControlPlaneFilterParameters:
- type: object
- properties:
- id:
- oneOf:
- - $ref: '#/components/schemas/StringFieldEqualsFilter'
- - $ref: '#/components/schemas/StringFieldOEQFilter'
- name:
- oneOf:
- - $ref: '#/components/schemas/StringFieldEqualsFilter'
- - $ref: '#/components/schemas/StringFieldContainsFilter'
- - $ref: '#/components/schemas/StringFieldNEQFilter'
- cluster_type:
- oneOf:
- - $ref: '#/components/schemas/StringFieldEqualsFilter'
- - $ref: '#/components/schemas/StringFieldNEQFilter'
- cloud_gateway:
- $ref: '#/components/schemas/BooleanFieldFilter'
- additionalProperties: false
- title: ControlPlaneFilterParameters
- StringFieldEqualsFilter:
- description: Filter a string value by exact match.
- type: string
- oneOf:
- - type: string
- - type: object
- title: StringFieldEqualsComparison
- additionalProperties: false
- properties:
- eq:
- type: string
- required:
- - eq
- title: StringFieldEqualsFilter
- StringFieldOEQFilter:
- description: >-
- Returns entities that exact match any of the comma-delimited phrases in
- the filter string.
- type: object
- properties:
- oeq:
- type: string
- additionalProperties: false
- required:
- - oeq
- title: StringFieldOEQFilter
- StringFieldContainsFilter:
- description: Filter a string value field by partial contains.
- type: object
- properties:
- contains:
- type: string
- additionalProperties: false
- required:
- - contains
- title: StringFieldContainsFilter
- StringFieldNEQFilter:
- description: Filters on the given string field value by exact match inequality.
- type: object
- properties:
- neq:
- type: string
- additionalProperties: false
- required:
- - neq
- title: StringFieldNEQFilter
- BooleanFieldFilter:
- description: Filter by a boolean value (true/false).
- type: boolean
- example: true
- title: BooleanFieldFilter
- SortQuery:
- description: >
- The `asc` suffix is optional as the default sort order is ascending.
-
- The `desc` suffix is used to specify a descending order.
-
- Multiple sort attributes may be provided via a comma separated list.
-
- JSONPath notation may be used to specify a sub-attribute (eg: 'foo.bar
- desc').
- type: string
- example: name,created_at desc
- title: SortQuery
- PageMeta:
- description: >-
- Contains pagination query parameters and the total number of objects
- returned.
- type: object
- properties:
- number:
- type: number
- example: 1
- size:
- type: number
- example: 10
- total:
- type: number
- example: 100
- required:
- - number
- - size
- - total
- PaginatedMeta:
- description: returns the pagination information
- type: object
- properties:
- page:
- $ref: '#/components/schemas/PageMeta'
- required:
- - page
- title: PaginatedMeta
- BaseError:
- description: standard error
- type: object
- properties:
- status:
- description: >
- The HTTP status code of the error. Useful when passing the response
-
- body to child properties in a frontend UI. Must be returned as an
- integer.
- type: integer
- readOnly: true
- title:
- description: |
- A short, human-readable summary of the problem. It should not
- change between occurences of a problem, except for localization.
- Should be provided as "Sentence case" for direct use in the UI.
- type: string
- readOnly: true
- type:
- description: The error type.
- type: string
- readOnly: true
- instance:
- description: |
- Used to return the correlation ID back to the user, in the format
- kong:trace:. This helps us find the relevant logs
- when a customer reports an issue.
- type: string
- readOnly: true
- detail:
- description: >
- A human readable explanation specific to this occurence of the
- problem.
-
- This field may contain request/entity data to help the user
- understand
-
- what went wrong. Enclose variable values in square brackets. Should
- be
-
- provided as "Sentence case" for direct use in the UI.
- type: string
- readOnly: true
- required:
- - status
- - title
- - instance
- - detail
- title: Error
- InvalidRules:
- description: invalid parameters rules
- type: string
- enum:
- - required
- - is_array
- - is_base64
- - is_boolean
- - is_date_time
- - is_integer
- - is_null
- - is_number
- - is_object
- - is_string
- - is_uuid
- - is_fqdn
- - is_arn
- - unknown_property
- - is_label
- - matches_regex
- - invalid
- - is_supported_network_availability_zone_list
- - is_supported_network_cidr_block
- - is_supported_provider_region
- nullable: true
- readOnly: true
- InvalidParameterStandard:
- type: object
- properties:
- field:
- type: string
- example: name
- readOnly: true
- rule:
- $ref: '#/components/schemas/InvalidRules'
- source:
- type: string
- example: body
- reason:
- type: string
- example: is a required field
- readOnly: true
- additionalProperties: false
- required:
- - field
- - reason
- InvalidParameterMinimumLength:
- type: object
- properties:
- field:
- type: string
- example: name
- readOnly: true
- rule:
- description: invalid parameters rules
- type: string
- enum:
- - min_length
- - min_digits
- - min_lowercase
- - min_uppercase
- - min_symbols
- - min_items
- - min
- nullable: false
- readOnly: true
- minimum:
- type: integer
- example: 8
- source:
- type: string
- example: body
- reason:
- type: string
- example: must have at least 8 characters
- readOnly: true
- additionalProperties: false
- required:
- - field
- - reason
- - rule
- - minimum
- InvalidParameterMaximumLength:
- type: object
- properties:
- field:
- type: string
- example: name
- readOnly: true
- rule:
- description: invalid parameters rules
- type: string
- enum:
- - max_length
- - max_items
- - max
- nullable: false
- readOnly: true
- maximum:
- type: integer
- example: 8
- source:
- type: string
- example: body
- reason:
- type: string
- example: must not have more than 8 characters
- readOnly: true
- additionalProperties: false
- required:
- - field
- - reason
- - rule
- - maximum
- InvalidParameterChoiceItem:
- type: object
- properties:
- field:
- type: string
- example: name
- readOnly: true
- rule:
- description: invalid parameters rules
- type: string
- enum:
- - enum
- nullable: false
- readOnly: true
- reason:
- type: string
- example: is a required field
- readOnly: true
- choices:
- type: array
- items: {}
- minItems: 1
- nullable: false
- readOnly: true
- uniqueItems: true
- source:
- type: string
- example: body
- additionalProperties: false
- required:
- - field
- - reason
- - rule
- - choices
- InvalidParameterDependentItem:
- type: object
- properties:
- field:
- type: string
- example: name
- readOnly: true
- rule:
- description: invalid parameters rules
- type: string
- enum:
- - dependent_fields
- nullable: true
- readOnly: true
- reason:
- type: string
- example: is a required field
- readOnly: true
- dependents:
- type: array
- items: {}
- nullable: true
- readOnly: true
- uniqueItems: true
- source:
- type: string
- example: body
- additionalProperties: false
- required:
- - field
- - rule
- - reason
- - dependents
- InvalidParameters:
- description: invalid parameters
- type: array
- items:
- oneOf:
- - $ref: '#/components/schemas/InvalidParameterStandard'
- - $ref: '#/components/schemas/InvalidParameterMinimumLength'
- - $ref: '#/components/schemas/InvalidParameterMaximumLength'
- - $ref: '#/components/schemas/InvalidParameterChoiceItem'
- - $ref: '#/components/schemas/InvalidParameterDependentItem'
- minItems: 1
- nullable: false
- uniqueItems: true
- BadRequestError:
- allOf:
- - $ref: '#/components/schemas/BaseError'
- - type: object
- required:
- - invalid_parameters
- properties:
- invalid_parameters:
- $ref: '#/components/schemas/InvalidParameters'
- UnauthorizedError:
- allOf:
- - $ref: '#/components/schemas/BaseError'
- - type: object
- properties:
- status:
- example: 401
- title:
- example: Unauthorized
- type:
- example: https://httpstatuses.com/401
- instance:
- example: kong:trace:1234567890
- detail:
- example: Invalid credentials
- ForbiddenError:
- allOf:
- - $ref: '#/components/schemas/BaseError'
- - type: object
- properties:
- status:
- example: 403
- title:
- example: Forbidden
- type:
- example: https://httpstatuses.com/403
- instance:
- example: kong:trace:1234567890
- detail:
- example: Forbidden
- ConflictError:
- allOf:
- - $ref: '#/components/schemas/BaseError'
- - type: object
- properties:
- status:
- example: 409
- title:
- example: Conflict
- type:
- example: https://httpstatuses.com/409
- instance:
- example: kong:trace:1234567890
- detail:
- example: Conflict
- NotFoundError:
- allOf:
- - $ref: '#/components/schemas/BaseError'
- - type: object
- properties:
- status:
- example: 404
- title:
- example: Not Found
- type:
- example: https://httpstatuses.com/404
- instance:
- example: kong:trace:1234567890
- detail:
- example: Not found
- CursorMetaWithSizeAndTotal:
- type: object
- properties:
- next:
- description: URI to the next page
- type: string
- format: path
- nullable: true
- size:
- description: Requested page size
- type: number
- example: 10
- total:
- description: >-
- Total number of objects in the collection; will only be present on
- the first page
- type: number
- example: 974
- nullable: true
- required:
- - size
- - next
- - total
- CursorPaginatedMetaWithSizeAndTotal:
- description: returns the pagination information
- type: object
- properties:
- page:
- $ref: '#/components/schemas/CursorMetaWithSizeAndTotal'
- required:
- - page
- title: CursorPaginatedMetaWithSizeAndTotal
- IdP:
- description: >-
- The IdP object contains the configuration data for the OIDC
- authentication integration.
-
-
- NOTE: The `openid` scope is required. Removing it could break the OIDC
- integration.
- type: object
- properties:
- issuer:
- type: string
- format: uri
- example: https://myidp.com/oauth2
- login_path:
- type: string
- example: myapp
- client_id:
- type: string
- example: YOUR_CLIENT_ID
- scopes:
- type: array
- items:
- type: string
- claim_mappings:
- type: object
- minProperties: 3
- properties:
- name:
- type: string
- example: name
- email:
- type: string
- example: email
- groups:
- type: string
- example: custom-groups-claim
- title: IdP Configuration
- User:
- description: >-
- The user object contains information about an individual user who can
- use the Konnect application and API.
- type: object
- properties:
- id:
- description: The User ID.
- type: string
- format: uuid
- example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
- readOnly: true
- email:
- description: The email registered to the user.
- type: string
- format: email
- example: user@email.com
- maxLength: 250
- full_name:
- description: The User's full name.
- type: string
- example: Jane Doe
- maxLength: 250
- pattern: ^[\w \W]+$
- preferred_name:
- description: The User's preferred name.
- type: string
- example: Jane
- maxLength: 250
- active:
- description: Returns True if a user has verified their email address.
- type: boolean
- readOnly: true
- created_at:
- description: The time stamp for the date the account was registered.
- type: string
- format: date-time
- example: '2022-02-07T17:46:57.52Z'
- readOnly: true
- updated_at:
- description: >-
- A Unix timestamp representation of the most recent change to the
- User account.
- type: string
- format: date-time
- example: '2022-10-08T17:00:00.52Z'
- readOnly: true
- example:
- id: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
- email: user@email.com
- full_name: Test User
- preferred_name: test
- active: true
- created_at: '2022-02-07T17:46:57.52Z'
- updated_at: '2022-10-08T17:00:00.52Z'
- title: User
- Team:
- x-speakeasy-entity: Team
- description: The team object contains information about a group of users.
- type: object
- properties:
- id:
- description: The team ID.
- type: string
- format: uuid
- example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
- readOnly: true
- name:
- description: The name of the team.
- type: string
- example: IDM - Developers
- maxLength: 250
- pattern: ^[\w \W]+$
- description:
- description: The team description in Konnect.
- type: string
- example: The developers for the IDM API.
- maxLength: 250
- system_team:
- description: >-
- Returns True if a user belongs to a `system_team`. System teams are
- teams that can manage Konnect objects, like "Organization Admin", or
- "Service"
- type: boolean
- readOnly: true
- labels:
- $ref: '#/components/schemas/Labels'
- created_at:
- description: A Unix timestamp representation of team creation.
- type: string
- format: date-time
- example: '1992-02-07T17:46:57.52Z'
- readOnly: true
- updated_at:
- description: >
- A Unix timestamp representation of the most recent change to the
- team object in Konnect.
- type: string
- format: date-time
- example: '2022-02-07T17:00:00.52Z'
- readOnly: true
- example:
- id: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
- name: IDM - Developers
- description: The developers for the IDM API.
- system_team: false
- labels:
- env: test
- created_at: '1992-02-07T17:46:57.52Z'
- updated_at: '2022-08-31T17:00:00.52Z'
- title: Team
- TeamMapping:
- description: A team assignment is a mapping of an IdP group to a Konnect Team.
- type: object
- properties:
- group:
- description: The IdP group.
- type: string
- example: Service Developers
- team_ids:
- description: An array of ID's that are mapped to the specified group.
- type: array
- items:
- type: string
- format: uuid
- example: 6801e673-cc10-498a-94cd-4271de07a0d3
- uniqueItems: true
- example:
- group: Service Developers
- team_ids:
- - 6801e673-cc10-498a-94cd-4271de07a0d3
- title: TeamMapping
- TeamGroupMapping:
- description: A map of Konnect Team to IdP groups.
- type: object
- properties:
- team_id:
- description: The Konnect team ID.
- type: string
- format: uuid
- example: 6801e673-cc10-498a-94cd-4271de07a0d3
- groups:
- description: The IdP groups that are mapped to the specified team.
- type: array
- items:
- type: string
- example: API Engineers
- uniqueItems: true
- example:
- team_id: 6801e673-cc10-498a-94cd-4271de07a0d3
- groups:
- - Tech Leads
- - API Engineers
- title: TeamGroupMapping
- AssignedRole:
- description: An assigned role is a role that has been assigned to a user or team.
- type: object
- properties:
- id:
- description: The ID of the role assignment.
- type: string
- format: uuid
- example: eaf7adf1-32c8-4bbf-b960-d1f8456afe67
- role_name:
- description: Name of the role being assigned.
- type: string
- example: Viewer
- entity_id:
- description: A RBAC entity ID.
- type: string
- format: uuid
- example: 817d0422-45c9-4d88-8d64-45aef05c1ae7
- entity_type_name:
- description: Name of the entity type the role is being assigned to.
- type: string
- example: Control Planes
- entity_region:
- description: Region of the entity.
- type: string
- example: eu
- enum:
- - us
- - eu
- - au
- - me
- - '*'
- example:
- id: 54cc6168-ebb1-4300-8168-d62a0dd08fc8
- role_name: Viewer
- entity_id: 18ee2573-dec0-4b83-be99-fa7700bcdc61
- entity_type_name: Control Planes
- entity_region: us
- title: AssignedRole
- SystemAccount:
- x-speakeasy-entity: SystemAccount
- description: Schema of the system account.
- type: object
- properties:
- id:
- description: ID of the system account.
- type: string
- format: uuid
- readOnly: true
- name:
- description: Name of the system account.
- type: string
- description:
- description: Description of the system account.
- type: string
- created_at:
- description: Timestamp of when the system account was created.
- type: string
- format: date-time
- readOnly: true
- updated_at:
- description: Timestamp of when the system account was last updated.
- type: string
- format: date-time
- readOnly: true
- konnect_managed:
- description: The system account is managed by Konnect (true/false).
- type: boolean
- example:
- id: 497f6eca-6276-4993-bfeb-53cbbbba6f08
- name: Example System Account
- description: This is a sample system account description.
- created_at: '2022-08-24T14:15:22Z'
- updated_at: '2022-10-05T10:33:49Z'
- konnect_managed: false
- title: System Account
- SystemAccountAccessToken:
- x-speakeasy-entity: SystemAccountAccessToken
- description: Schema of the system account access token.
- type: object
- properties:
- id:
- description: ID of the system account access token.
- type: string
- format: uuid
- readOnly: true
- name:
- description: Name of the system account access token.
- type: string
- created_at:
- description: Timestamp of when the system account access token was created.
- type: string
- format: date-time
- readOnly: true
- updated_at:
- description: Timestamp of when the system account access token was last updated.
- type: string
- format: date-time
- readOnly: true
- expires_at:
- description: Timestamp of when the system account access token will expire.
- type: string
- format: date-time
- last_used_at:
- description: Timestamp of when the system account access token was last used.
- type: string
- format: date-time
- readOnly: true
- example:
- id: 497f6eca-6276-4993-bfeb-53cbbbba6f08
- name: Sample Access Token
- created_at: '2022-08-01T14:16:09Z'
- updated_at: '2022-08-02T08:35:49Z'
- expires_at: '2022-12-31T12:52:23Z'
- last_used_at: '2022-10-24T13:05:42Z'
- title: System Account Access Token
- StringFieldFilter:
- description: Filter a string value field either by exact match or partial contains.
- oneOf:
- - $ref: '#/components/schemas/StringFieldEqualsFilter'
- - $ref: '#/components/schemas/StringFieldContainsFilter'
- title: StringFieldFilter
- LabelsUpdate:
- description: >
- Labels store metadata of an entity that can be used for filtering an
- entity list or for searching across entity types.
-
-
- Labels are intended to store **INTERNAL** metadata.
-
-
- Keys must be of length 1-63 characters, and cannot start with "kong",
- "konnect", "mesh", "kic", or "_".
- type: object
- example:
- env: test
- additionalProperties:
- type: string
- pattern: ^[a-z0-9A-Z]{1}([a-z0-9A-Z-._]*[a-z0-9A-Z]+)?$
- minLength: 1
- maxLength: 63
- nullable: true
- maxProperties: 50
- nullable: true
- writeOnly: true
- DataPlaneClientCertificate:
- type: object
- properties:
- item:
- x-speakeasy-entity: GatewayDataPlaneClientCertificate
- type: object
- properties:
- id:
- description: Unique ID of the certificate entity.
- type: string
- created_at:
- description: Date certificate was created.
- type: integer
- updated_at:
- description: Date certificate was last updated.
- type: integer
- cert:
- description: JSON escaped string of the certificate.
- type: string
- ACL:
- type: object
- properties:
- consumer:
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- group:
- type: string
- id:
- type: string
- nullable: true
- tags:
- type: array
- items:
- type: string
- example:
- consumer:
- id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
- group: foo
- id: b1f34145-0343-41a4-9602-4c69dec2f269
- additionalProperties: false
- required:
- - group
- ACLWithoutParents:
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- group:
- type: string
- id:
- type: string
- nullable: true
- tags:
- type: array
- items:
- type: string
- example:
- group: foo
- id: b1f34145-0343-41a4-9602-4c69dec2f269
- additionalProperties: false
- required:
- - group
- BasicAuth:
- type: object
- properties:
- consumer:
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- password:
- type: string
- tags:
- type: array
- items:
- type: string
- username:
- type: string
- example:
- consumer:
- id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
- id: b2f34145-0343-41a4-9602-4c69dec2f269
- password: hashedsoopersecretvalue
- username: darius
- additionalProperties: false
- required:
- - username
- - password
- BasicAuthWithoutParents:
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- password:
- type: string
- tags:
- type: array
- items:
- type: string
- username:
- type: string
- example:
- id: b2f34145-0343-41a4-9602-4c69dec2f269
- password: hashedsoopersecretvalue
- username: darius
- additionalProperties: false
- required:
- - username
- - password
- CACertificate:
- description: >-
- A CA certificate object represents a trusted CA. These objects are used
- by Kong to verify the validity of a client or server certificate.
- type: object
- properties:
- cert:
- description: PEM-encoded public certificate of the CA.
- type: string
- cert_digest:
- description: >-
- SHA256 hex digest of the public certificate. This field is read-only
- and it cannot be set by the caller, the value is automatically
- computed.
- type: string
- nullable: true
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- tags:
- description: >-
- An optional set of strings associated with the Certificate for
- grouping and filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- cert: |-
- -----BEGIN CERTIFICATE-----
- certificate-content
- -----END CERTIFICATE-----
- id: b2f34145-0343-41a4-9602-4c69dec2f260
- additionalProperties: false
- required:
- - cert
- Certificate:
- description: >-
- A certificate object represents a public certificate, and can be
- optionally paired with the corresponding private key. These objects are
- used by Kong to handle SSL/TLS termination for encrypted requests, or
- for use as a trusted CA store when validating peer certificate of
- client/service. Certificates are optionally associated with SNI objects
- to tie a cert/key pair to one or more hostnames. If intermediate
- certificates are required in addition to the main certificate, they
- should be concatenated together into one string according to the
- following order: main certificate on the top, followed by any
- intermediates.
- type: object
- properties:
- cert:
- description: >-
- PEM-encoded public certificate chain of the SSL key pair. This field
- is _referenceable_, which means it can be securely stored as a
- [secret](/gateway/latest/plan-and-deploy/security/secrets-management/getting-started)
- in a vault. References must follow a [specific
- format](/gateway/latest/plan-and-deploy/security/secrets-management/reference-format).
- type: string
- cert_alt:
- description: >-
- PEM-encoded public certificate chain of the alternate SSL key pair.
- This should only be set if you have both RSA and ECDSA types of
- certificate available and would like Kong to prefer serving using
- ECDSA certs when client advertises support for it. This field is
- _referenceable_, which means it can be securely stored as a
- [secret](/gateway/latest/plan-and-deploy/security/secrets-management/getting-started)
- in a vault. References must follow a [specific
- format](/gateway/latest/plan-and-deploy/security/secrets-management/reference-format).
- type: string
- nullable: true
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- key:
- description: >-
- PEM-encoded private key of the SSL key pair. This field is
- _referenceable_, which means it can be securely stored as a
- [secret](/gateway/latest/plan-and-deploy/security/secrets-management/getting-started)
- in a vault. References must follow a [specific
- format](/gateway/latest/plan-and-deploy/security/secrets-management/reference-format).
- type: string
- key_alt:
- description: >-
- PEM-encoded private key of the alternate SSL key pair. This should
- only be set if you have both RSA and ECDSA types of certificate
- available and would like Kong to prefer serving using ECDSA certs
- when client advertises support for it. This field is
- _referenceable_, which means it can be securely stored as a
- [secret](/gateway/latest/plan-and-deploy/security/secrets-management/getting-started)
- in a vault. References must follow a [specific
- format](/gateway/latest/plan-and-deploy/security/secrets-management/reference-format).
- type: string
- nullable: true
- snis:
- type: array
- items:
- type: string
- nullable: true
- tags:
- description: >-
- An optional set of strings associated with the Certificate for
- grouping and filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- cert: |-
- -----BEGIN CERTIFICATE-----
- certificate-content
- -----END CERTIFICATE-----
- id: b2f34145-0343-41a4-9602-4c69dec2f269
- key: |-
- -----BEGIN PRIVATE KEY-----
- private-key-content
- -----END PRIVATE KEY-----
- additionalProperties: false
- required:
- - cert
- - key
- Consumer:
- description: >-
- The Consumer object represents a consumer - or a user - of a Service.
- You can either rely on Kong as the primary datastore, or you can map the
- consumer list with your database to keep consistency between Kong and
- your existing primary datastore.
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- custom_id:
- description: >-
- Field for storing an existing unique ID for the Consumer - useful
- for mapping Kong with users in your existing database. You must send
- either this field or `username` with the request.
- type: string
- nullable: true
- id:
- type: string
- nullable: true
- tags:
- description: >-
- An optional set of strings associated with the Consumer for grouping
- and filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- username:
- description: >-
- The unique username of the Consumer. You must send either this field
- or `custom_id` with the request.
- type: string
- nullable: true
- example:
- custom_id: '4200'
- id: 8a388226-80e8-4027-a486-25e4f7db5d21
- tags:
- - silver-tier
- username: bob-the-builder
- additionalProperties: false
- ConsumerGroup:
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- name:
- type: string
- tags:
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- additionalProperties: false
- required:
- - name
- ConsumerGroupInsideWrapper:
- type: object
- properties:
- consumer_group:
- $ref: '#/components/schemas/ConsumerGroup'
- GatewayUnauthorizedError:
- type: object
- properties:
- message:
- type: string
- status:
- type: integer
- required:
- - message
- - status
- HMACAuth:
- type: object
- properties:
- consumer:
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- secret:
- type: string
- nullable: true
- tags:
- type: array
- items:
- type: string
- username:
- type: string
- example:
- consumer:
- id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
- id: 75695322-e8a0-4109-aed4-5416b0308d85
- secret: wQazJ304DW5huJklHgUfjfiSyCyTAEDZ
- username: xerxes
- additionalProperties: false
- required:
- - username
- HMACAuthWithoutParents:
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- secret:
- type: string
- nullable: true
- tags:
- type: array
- items:
- type: string
- username:
- type: string
- example:
- id: 75695322-e8a0-4109-aed4-5416b0308d85
- secret: wQazJ304DW5huJklHgUfjfiSyCyTAEDZ
- username: xerxes
- additionalProperties: false
- required:
- - username
- JWT:
- type: object
- properties:
- algorithm:
- type: string
- enum:
- - HS256
- - HS384
- - HS512
- - RS256
- - RS384
- - RS512
- - ES256
- - ES384
- - ES512
- - PS256
- - PS384
- - PS512
- - EdDSA
- nullable: true
- consumer:
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- key:
- type: string
- nullable: true
- rsa_public_key:
- type: string
- nullable: true
- secret:
- type: string
- nullable: true
- tags:
- type: array
- items:
- type: string
- example:
- algorithm: HS256
- consumer:
- id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
- id: 75695322-e8a0-4109-aed4-5416b0308d85
- key: YJdmaDvVTJxtcWRCvkMikc8oELgAVNcz
- secret: C50k0bcahDhLNhLKSUBSR1OMiFGzNZ7X
- additionalProperties: false
- JWTWithoutParents:
- type: object
- properties:
- algorithm:
- type: string
- enum:
- - HS256
- - HS384
- - HS512
- - RS256
- - RS384
- - RS512
- - ES256
- - ES384
- - ES512
- - PS256
- - PS384
- - PS512
- - EdDSA
- nullable: true
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- key:
- type: string
- nullable: true
- rsa_public_key:
- type: string
- nullable: true
- secret:
- type: string
- nullable: true
- tags:
- type: array
- items:
- type: string
- example:
- algorithm: HS256
- id: 75695322-e8a0-4109-aed4-5416b0308d85
- key: YJdmaDvVTJxtcWRCvkMikc8oELgAVNcz
- secret: C50k0bcahDhLNhLKSUBSR1OMiFGzNZ7X
- additionalProperties: false
- Key:
- description: >-
- A Key object holds a representation of asymmetric keys in various
- formats. When Kong or a Kong plugin requires a specific public or
- private key to perform certain operations, it can use this entity.
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- jwk:
- description: A JSON Web Key represented as a string.
- type: string
- nullable: true
- kid:
- description: A unique identifier for a key.
- type: string
- name:
- description: The name to associate with the given keys.
- type: string
- nullable: true
- pem:
- description: A keypair in PEM format.
- type: object
- nullable: true
- properties:
- private_key:
- type: string
- public_key:
- type: string
- set:
- description: The id (an UUID) of the key-set with which to associate the key.
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- tags:
- description: >-
- An optional set of strings associated with the Key for grouping and
- filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- id: d958f66b-8e99-44d2-b0b4-edd5bbf24658
- jwk: '{"alg":"RSA", "kid": "42", ...}'
- kid: '42'
- name: a-key
- pem:
- private_key: '-----BEGIN'
- public_key: '-----BEGIN'
- set:
- id: b86b331c-dcd0-4b3e-97ce-47c5a9543031
- additionalProperties: false
- required:
- - kid
- KeyAuth:
- type: object
- properties:
- consumer:
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- key:
- type: string
- tags:
- type: array
- items:
- type: string
- example:
- consumer:
- id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
- id: b2f34145-0343-41a4-9602-4c69dec2f269
- key: IL1deIyHyQA40WpeLeA1bIUXuvTwlGjo
- additionalProperties: false
- required:
- - key
- KeyAuthWithoutParents:
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- key:
- type: string
- tags:
- type: array
- items:
- type: string
- example:
- id: b2f34145-0343-41a4-9602-4c69dec2f269
- key: IL1deIyHyQA40WpeLeA1bIUXuvTwlGjo
- additionalProperties: false
- required:
- - key
- KeySet:
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- name:
- type: string
- nullable: true
- tags:
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- id: b58c7d9d-e54f-444c-b24d-cdfc4159f61e
- name: example-key-set
- tags:
- - idp-keys
- additionalProperties: false
- KeyWithoutParents:
- description: >-
- A Key object holds a representation of asymmetric keys in various
- formats. When Kong or a Kong plugin requires a specific public or
- private key to perform certain operations, it can use this entity.
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- jwk:
- description: A JSON Web Key represented as a string.
- type: string
- nullable: true
- kid:
- description: A unique identifier for a key.
- type: string
- name:
- description: The name to associate with the given keys.
- type: string
- nullable: true
- pem:
- description: A keypair in PEM format.
- type: object
- nullable: true
- properties:
- private_key:
- type: string
- public_key:
- type: string
- set:
- description: The id (an UUID) of the key-set with which to associate the key.
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- tags:
- description: >-
- An optional set of strings associated with the Key for grouping and
- filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- id: d958f66b-8e99-44d2-b0b4-edd5bbf24658
- jwk: '{"alg":"RSA", "kid": "42", ...}'
- kid: '42'
- name: a-key
- pem:
- private_key: '-----BEGIN'
- public_key: '-----BEGIN'
- set:
- id: b86b331c-dcd0-4b3e-97ce-47c5a9543031
- additionalProperties: false
- required:
- - kid
- MTLSAuth:
- type: object
- properties:
- ca_certificate:
- type: object
- additionalProperties: false
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- nullable: true
- default: null
- consumer:
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- subject_name:
- type: string
- tags:
- type: array
- items:
- type: string
- example:
- ca_certificate:
- id: b2f34145-0343-41a4-9602-4c69dec2f260
- consumer:
- id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
- id: b2f34145-0343-41a4-9602-4c69dec2f269
- subject_name: CA_Subject_Name
- additionalProperties: false
- required:
- - subject_name
- MTLSAuthWithoutParents:
- type: object
- properties:
- ca_certificate:
- type: object
- additionalProperties: false
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- nullable: true
- default: null
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- subject_name:
- type: string
- tags:
- type: array
- items:
- type: string
- example:
- ca_certificate:
- id: b2f34145-0343-41a4-9602-4c69dec2f260
- id: b2f34145-0343-41a4-9602-4c69dec2f269
- subject_name: CA_Subject_Name
- additionalProperties: false
- required:
- - subject_name
- PaginationNextResponse:
- description: URI to the next page (may be null)
- type: string
- PaginationOffsetResponse:
- description: >-
- Offset is used to paginate through the API. Provide this value to the
- next list operation to fetch the next page
- type: string
- Plugin:
- description: >-
- A Plugin entity represents a plugin configuration that will be executed
- during the HTTP request/response lifecycle. It is how you can add
- functionalities to Services that run behind Kong, like Authentication or
- Rate Limiting for example. You can find more information about how to
- install and what values each plugin takes by visiting the [Kong
- Hub](https://docs.konghq.com/hub/). When adding a Plugin Configuration
- to a Service, every request made by a client to that Service will run
- said Plugin. If a Plugin needs to be tuned to different values for some
- specific Consumers, you can do so by creating a separate plugin instance
- that specifies both the Service and the Consumer, through the `service`
- and `consumer` fields.
- type: object
- properties:
- config:
- description: >-
- The configuration properties for the Plugin which can be found on
- the plugins documentation page in the [Kong
- Hub](https://docs.konghq.com/hub/).
- type: object
- additionalProperties: true
- consumer:
- description: >-
- If set, the plugin will activate only for requests where the
- specified has been authenticated. (Note that some plugins can not be
- restricted to consumers this way.). Leave unset for the plugin to
- activate regardless of the authenticated Consumer.
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- consumer_group:
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- enabled:
- description: Whether the plugin is applied.
- type: boolean
- nullable: true
- id:
- type: string
- nullable: true
- instance_name:
- type: string
- nullable: true
- name:
- description: >-
- The name of the Plugin that's going to be added. Currently, the
- Plugin must be installed in every Kong instance separately.
- type: string
- ordering:
- type: object
- nullable: true
- properties:
- after:
- type: object
- properties:
- access:
- type: array
- items:
- type: string
- before:
- type: object
- properties:
- access:
- type: array
- items:
- type: string
- protocols:
- description: >-
- A list of the request protocols that will trigger this plugin. The
- default value, as well as the possible values allowed on this field,
- may change depending on the plugin type. For example, plugins that
- only work in stream mode will only support `"tcp"` and `"tls"`.
- type: array
- items:
- enum:
- - grpc
- - grpcs
- - http
- - https
- - tcp
- - tls
- - tls_passthrough
- - udp
- - ws
- - wss
- type: string
- nullable: true
- route:
- description: >-
- If set, the plugin will only activate when receiving requests via
- the specified route. Leave unset for the plugin to activate
- regardless of the Route being used.
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- service:
- description: >-
- If set, the plugin will only activate when receiving requests via
- one of the routes belonging to the specified Service. Leave unset
- for the plugin to activate regardless of the Service being matched.
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- tags:
- description: >-
- An optional set of strings associated with the Plugin for grouping
- and filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- config:
- anonymous: null
- hide_credentials: false
- key_in_body: false
- key_in_header: true
- key_in_query: true
- key_names:
- - apikey
- run_on_preflight: true
- enabled: true
- id: 3fd1eea1-885a-4011-b986-289943ff8177
- name: key-auth
- protocols:
- - grpc
- - grpcs
- - http
- - https
- additionalProperties: false
- required:
- - name
- - config
- PluginWithoutParents:
- description: >-
- A Plugin entity represents a plugin configuration that will be executed
- during the HTTP request/response lifecycle. It is how you can add
- functionalities to Services that run behind Kong, like Authentication or
- Rate Limiting for example. You can find more information about how to
- install and what values each plugin takes by visiting the [Kong
- Hub](https://docs.konghq.com/hub/). When adding a Plugin Configuration
- to a Service, every request made by a client to that Service will run
- said Plugin. If a Plugin needs to be tuned to different values for some
- specific Consumers, you can do so by creating a separate plugin instance
- that specifies both the Service and the Consumer, through the `service`
- and `consumer` fields.
- type: object
- properties:
- config:
- description: >-
- The configuration properties for the Plugin which can be found on
- the plugins documentation page in the [Kong
- Hub](https://docs.konghq.com/hub/).
- type: object
- additionalProperties: true
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- enabled:
- description: Whether the plugin is applied.
- type: boolean
- nullable: true
- id:
- type: string
- nullable: true
- instance_name:
- type: string
- nullable: true
- name:
- description: >-
- The name of the Plugin that's going to be added. Currently, the
- Plugin must be installed in every Kong instance separately.
- type: string
- ordering:
- type: object
- nullable: true
- properties:
- after:
- type: object
- properties:
- access:
- type: array
- items:
- type: string
- before:
- type: object
- properties:
- access:
- type: array
- items:
- type: string
- protocols:
- description: >-
- A list of the request protocols that will trigger this plugin. The
- default value, as well as the possible values allowed on this field,
- may change depending on the plugin type. For example, plugins that
- only work in stream mode will only support `"tcp"` and `"tls"`.
- type: array
- items:
- enum:
- - grpc
- - grpcs
- - http
- - https
- - tcp
- - tls
- - tls_passthrough
- - udp
- - ws
- - wss
- type: string
- nullable: true
- tags:
- description: >-
- An optional set of strings associated with the Plugin for grouping
- and filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- config:
- anonymous: null
- hide_credentials: false
- key_in_body: false
- key_in_header: true
- key_in_query: true
- key_names:
- - apikey
- run_on_preflight: true
- enabled: true
- id: 3fd1eea1-885a-4011-b986-289943ff8177
- name: key-auth
- protocols:
- - grpc
- - grpcs
- - http
- - https
- additionalProperties: false
- required:
- - name
- - config
- Route:
- description: >-
- Route entities define rules to match client requests. Each Route is
- associated with a Service, and a Service may have multiple Routes
- associated to it. Every request matching a given Route will be proxied
- to its associated Service. The combination of Routes and Services (and
- the separation of concerns between them) offers a powerful routing
- mechanism with which it is possible to define fine-grained entry-points
- in Kong leading to different upstream services of your infrastructure.
- You need at least one matching rule that applies to the protocol being
- matched by the Route.
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- destinations:
- description: >-
- A list of IP destinations of incoming connections that match this
- Route when using stream routing. Each entry is an object with fields
- "ip" (optionally in CIDR range notation) and/or "port".
- type: array
- items:
- properties:
- ip:
- type: string
- port:
- type: integer
- type: object
- nullable: true
- headers:
- description: >-
- One or more lists of values indexed by header name that will cause
- this Route to match if present in the request. The `Host` header
- cannot be used with this attribute: hosts should be specified using
- the `hosts` attribute. When `headers` contains only one value and
- that value starts with the special prefix `~*`, the value is
- interpreted as a regular expression.
- type: object
- additionalProperties:
- type: string
- nullable: true
- hosts:
- description: >-
- A list of domain names that match this Route. Note that the hosts
- value is case sensitive.
- type: array
- items:
- type: string
- nullable: true
- https_redirect_status_code:
- description: >-
- The status code Kong responds with when all properties of a Route
- match except the protocol i.e. if the protocol of the request is
- `HTTP` instead of `HTTPS`. `Location` header is injected by Kong if
- the field is set to 301, 302, 307 or 308. Note: This config applies
- only if the Route is configured to only accept the `https` protocol.
- type: integer
- enum:
- - 426
- - 301
- - 302
- - 307
- - 308
- nullable: true
- id:
- type: string
- nullable: true
- methods:
- description: A list of HTTP methods that match this Route.
- type: array
- items:
- type: string
- nullable: true
- name:
- description: >-
- The name of the Route. Route names must be unique, and they are case
- sensitive. For example, there can be two different Routes named
- "test" and "Test".
- type: string
- nullable: true
- path_handling:
- description: >-
- Controls how the Service path, Route path and requested path are
- combined when sending a request to the upstream. See above for a
- detailed description of each behavior.
- type: string
- enum:
- - v0
- - v1
- nullable: true
- paths:
- description: A list of paths that match this Route.
- type: array
- items:
- type: string
- nullable: true
- preserve_host:
- description: >-
- When matching a Route via one of the `hosts` domain names, use the
- request `Host` header in the upstream request headers. If set to
- `false`, the upstream `Host` header will be that of the Service's
- `host`.
- type: boolean
- nullable: true
- protocols:
- description: >-
- An array of the protocols this Route should allow. See the [Route
- Object](#route-object) section for a list of accepted protocols.
- When set to only `"https"`, HTTP requests are answered with an
- upgrade error. When set to only `"http"`, HTTPS requests are
- answered with an error.
- type: array
- items:
- enum:
- - grpc
- - grpcs
- - http
- - https
- - tcp
- - tls
- - tls_passthrough
- - udp
- - ws
- - wss
- type: string
- nullable: true
- regex_priority:
- description: >-
- A number used to choose which route resolves a given request when
- several routes match it using regexes simultaneously. When two
- routes match the path and have the same `regex_priority`, the older
- one (lowest `created_at`) is used. Note that the priority for
- non-regex routes is different (longer non-regex routes are matched
- before shorter ones).
- type: integer
- nullable: true
- request_buffering:
- description: >-
- Whether to enable request body buffering or not. With HTTP 1.1, it
- may make sense to turn this off on services that receive data with
- chunked transfer encoding.
- type: boolean
- nullable: true
- response_buffering:
- description: >-
- Whether to enable response body buffering or not. With HTTP 1.1, it
- may make sense to turn this off on services that send data with
- chunked transfer encoding.
- type: boolean
- nullable: true
- service:
- description: >-
- The Service this Route is associated to. This is where the Route
- proxies traffic to.
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- snis:
- description: A list of SNIs that match this Route when using stream routing.
- type: array
- items:
- type: string
- nullable: true
- sources:
- description: >-
- A list of IP sources of incoming connections that match this Route
- when using stream routing. Each entry is an object with fields "ip"
- (optionally in CIDR range notation) and/or "port".
- type: array
- items:
- properties:
- ip:
- type: string
- port:
- type: integer
- type: object
- nullable: true
- strip_path:
- description: >-
- When matching a Route via one of the `paths`, strip the matching
- prefix from the upstream request URL.
- type: boolean
- nullable: true
- tags:
- description: >-
- An optional set of strings associated with the Route for grouping
- and filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- hosts:
- - foo.example.com
- - foo.example.us
- id: 56c4566c-14cc-4132-9011-4139fcbbe50a
- name: example-route
- paths:
- - /v1
- - /v2
- service:
- id: bd380f99-659d-415e-b0e7-72ea05df3218
- additionalProperties: false
- RouteWithoutParents:
- description: >-
- Route entities define rules to match client requests. Each Route is
- associated with a Service, and a Service may have multiple Routes
- associated to it. Every request matching a given Route will be proxied
- to its associated Service. The combination of Routes and Services (and
- the separation of concerns between them) offers a powerful routing
- mechanism with which it is possible to define fine-grained entry-points
- in Kong leading to different upstream services of your infrastructure.
- You need at least one matching rule that applies to the protocol being
- matched by the Route.
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- destinations:
- description: >-
- A list of IP destinations of incoming connections that match this
- Route when using stream routing. Each entry is an object with fields
- "ip" (optionally in CIDR range notation) and/or "port".
- type: array
- items:
- properties:
- ip:
- type: string
- port:
- type: integer
- type: object
- nullable: true
- headers:
- description: >-
- One or more lists of values indexed by header name that will cause
- this Route to match if present in the request. The `Host` header
- cannot be used with this attribute: hosts should be specified using
- the `hosts` attribute. When `headers` contains only one value and
- that value starts with the special prefix `~*`, the value is
- interpreted as a regular expression.
- type: object
- additionalProperties:
- type: string
- nullable: true
- hosts:
- description: >-
- A list of domain names that match this Route. Note that the hosts
- value is case sensitive.
- type: array
- items:
- type: string
- nullable: true
- https_redirect_status_code:
- description: >-
- The status code Kong responds with when all properties of a Route
- match except the protocol i.e. if the protocol of the request is
- `HTTP` instead of `HTTPS`. `Location` header is injected by Kong if
- the field is set to 301, 302, 307 or 308. Note: This config applies
- only if the Route is configured to only accept the `https` protocol.
- type: integer
- enum:
- - 426
- - 301
- - 302
- - 307
- - 308
- nullable: true
- id:
- type: string
- nullable: true
- methods:
- description: A list of HTTP methods that match this Route.
- type: array
- items:
- type: string
- nullable: true
- name:
- description: >-
- The name of the Route. Route names must be unique, and they are case
- sensitive. For example, there can be two different Routes named
- "test" and "Test".
- type: string
- nullable: true
- path_handling:
- description: >-
- Controls how the Service path, Route path and requested path are
- combined when sending a request to the upstream. See above for a
- detailed description of each behavior.
- type: string
- enum:
- - v0
- - v1
- nullable: true
- paths:
- description: A list of paths that match this Route.
- type: array
- items:
- type: string
- nullable: true
- preserve_host:
- description: >-
- When matching a Route via one of the `hosts` domain names, use the
- request `Host` header in the upstream request headers. If set to
- `false`, the upstream `Host` header will be that of the Service's
- `host`.
- type: boolean
- nullable: true
- protocols:
- description: >-
- An array of the protocols this Route should allow. See the [Route
- Object](#route-object) section for a list of accepted protocols.
- When set to only `"https"`, HTTP requests are answered with an
- upgrade error. When set to only `"http"`, HTTPS requests are
- answered with an error.
- type: array
- items:
- enum:
- - grpc
- - grpcs
- - http
- - https
- - tcp
- - tls
- - tls_passthrough
- - udp
- - ws
- - wss
- type: string
- nullable: true
- regex_priority:
- description: >-
- A number used to choose which route resolves a given request when
- several routes match it using regexes simultaneously. When two
- routes match the path and have the same `regex_priority`, the older
- one (lowest `created_at`) is used. Note that the priority for
- non-regex routes is different (longer non-regex routes are matched
- before shorter ones).
- type: integer
- nullable: true
- request_buffering:
- description: >-
- Whether to enable request body buffering or not. With HTTP 1.1, it
- may make sense to turn this off on services that receive data with
- chunked transfer encoding.
- type: boolean
- nullable: true
- response_buffering:
- description: >-
- Whether to enable response body buffering or not. With HTTP 1.1, it
- may make sense to turn this off on services that send data with
- chunked transfer encoding.
- type: boolean
- nullable: true
- snis:
- description: A list of SNIs that match this Route when using stream routing.
- type: array
- items:
- type: string
- nullable: true
- sources:
- description: >-
- A list of IP sources of incoming connections that match this Route
- when using stream routing. Each entry is an object with fields "ip"
- (optionally in CIDR range notation) and/or "port".
- type: array
- items:
- properties:
- ip:
- type: string
- port:
- type: integer
- type: object
- nullable: true
- strip_path:
- description: >-
- When matching a Route via one of the `paths`, strip the matching
- prefix from the upstream request URL.
- type: boolean
- nullable: true
- tags:
- description: >-
- An optional set of strings associated with the Route for grouping
- and filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- hosts:
- - foo.example.com
- - foo.example.us
- id: 56c4566c-14cc-4132-9011-4139fcbbe50a
- name: example-route
- paths:
- - /v1
- - /v2
- additionalProperties: false
- SNI:
- description: >-
- An SNI object represents a many-to-one mapping of hostnames to a
- certificate. That is, a certificate object can have many hostnames
- associated with it; when Kong receives an SSL request, it uses the SNI
- field in the Client Hello to lookup the certificate object based on the
- SNI associated with the certificate.
- type: object
- properties:
- certificate:
- description: >-
- The id (a UUID) of the certificate with which to associate the SNI
- hostname. The Certificate must have a valid private key associated
- with it to be used by the SNI object.
- type: object
- additionalProperties: false
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- nullable: true
- default: null
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- name:
- description: The SNI name to associate with the given certificate.
- type: string
- tags:
- description: >-
- An optional set of strings associated with the SNIs for grouping and
- filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- certificate:
- id: bd380f99-659d-415e-b0e7-72ea05df3218
- id: 36c4566c-14cc-4132-9011-4139fcbbe50a
- name: some.example.org
- additionalProperties: false
- required:
- - name
- - certificate
- SNIWithoutParents:
- description: >-
- An SNI object represents a many-to-one mapping of hostnames to a
- certificate. That is, a certificate object can have many hostnames
- associated with it; when Kong receives an SSL request, it uses the SNI
- field in the Client Hello to lookup the certificate object based on the
- SNI associated with the certificate.
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- id:
- type: string
- nullable: true
- name:
- description: The SNI name to associate with the given certificate.
- type: string
- tags:
- description: >-
- An optional set of strings associated with the SNIs for grouping and
- filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- id: 36c4566c-14cc-4132-9011-4139fcbbe50a
- name: some.example.org
- additionalProperties: false
- required:
- - name
- Service:
- description: >-
- Service entities, as the name implies, are abstractions of each of your
- own upstream services. Examples of Services would be a data
- transformation microservice, a billing API, etc. The main attribute of a
- Service is its URL (where Kong should proxy traffic to), which can be
- set as a single string or by specifying its `protocol`, `host`, `port`
- and `path` individually. Services are associated to Routes (a Service
- can have many Routes associated with it). Routes are entry-points in
- Kong and define rules to match client requests. Once a Route is matched,
- Kong proxies the request to its associated Service. See the [Proxy
- Reference][proxy-reference] for a detailed explanation of how Kong
- proxies traffic.
- type: object
- properties:
- ca_certificates:
- description: >-
- Array of `CA Certificate` object UUIDs that are used to build the
- trust store while verifying upstream server's TLS certificate. If
- set to `null` when Nginx default is respected. If default CA list in
- Nginx are not specified and TLS verification is enabled, then
- handshake with upstream server will always fail (because no CA are
- trusted).
- type: array
- items:
- type: string
- nullable: true
- client_certificate:
- description: >-
- Certificate to be used as client certificate while TLS handshaking
- to the upstream server.
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- connect_timeout:
- description: >-
- The timeout in milliseconds for establishing a connection to the
- upstream server.
- type: integer
- nullable: true
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- enabled:
- description: >-
- Whether the Service is active. If set to `false`, the proxy behavior
- will be as if any routes attached to it do not exist (404). Default:
- `true`.
- type: boolean
- nullable: true
- host:
- description: >-
- The host of the upstream server. Note that the host value is case
- sensitive.
- type: string
- id:
- type: string
- nullable: true
- name:
- description: The Service name.
- type: string
- nullable: true
- path:
- description: The path to be used in requests to the upstream server.
- type: string
- nullable: true
- port:
- description: The upstream server port.
- type: integer
- protocol:
- description: The protocol used to communicate with the upstream.
- type: string
- enum:
- - grpc
- - grpcs
- - http
- - https
- - tcp
- - tls
- - tls_passthrough
- - udp
- - ws
- - wss
- read_timeout:
- description: >-
- The timeout in milliseconds between two successive read operations
- for transmitting a request to the upstream server.
- type: integer
- nullable: true
- retries:
- description: The number of retries to execute upon failure to proxy.
- type: integer
- nullable: true
- tags:
- description: >-
- An optional set of strings associated with the Service for grouping
- and filtering.
- type: array
- items:
- type: string
- tls_verify:
- description: >-
- Whether to enable verification of upstream server TLS certificate.
- If set to `null`, then the Nginx default is respected.
- type: boolean
- nullable: true
- tls_verify_depth:
- description: >-
- Maximum depth of chain while verifying Upstream server's TLS
- certificate. If set to `null`, then the Nginx default is respected.
- type: integer
- nullable: true
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- url:
- description: >-
- Helper field to set `protocol`, `host`, `port` and `path` using a
- URL. This field is write-only and is not returned in responses.
- type: string
- writeOnly: true
- write_timeout:
- description: >-
- The timeout in milliseconds between two successive write operations
- for transmitting a request to the upstream server.
- type: integer
- nullable: true
- example:
- host: example.internal
- id: 49fd316e-c457-481c-9fc7-8079153e4f3c
- name: example-service
- path: /
- port: 80
- protocol: http
- additionalProperties: false
- required:
- - protocol
- - host
- - port
- Target:
- description: >-
- A target is an ip address/hostname with a port that identifies an
- instance of a backend service. Every upstream can have many targets, and
- the targets can be dynamically added, modified, or deleted. Changes take
- effect on the fly. To disable a target, post a new one with `weight=0`;
- alternatively, use the `DELETE` convenience method to accomplish the
- same. The current target object definition is the one with the latest
- `created_at`.
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: number
- readOnly: true
- id:
- type: string
- nullable: true
- tags:
- description: >-
- An optional set of strings associated with the Target for grouping
- and filtering.
- type: array
- items:
- type: string
- target:
- description: >-
- The target address (ip or hostname) and port. If the hostname
- resolves to an SRV record, the `port` value will be overridden by
- the value from the DNS record.
- type: string
- nullable: true
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: number
- readOnly: true
- upstream:
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- weight:
- description: >-
- The weight this target gets within the upstream loadbalancer
- (`0`-`65535`). If the hostname resolves to an SRV record, the
- `weight` value will be overridden by the value from the DNS record.
- type: integer
- nullable: true
- example:
- id: 089292a7-ba3d-4d88-acf0-97b4b2e2621a
- target: 203.0.113.42
- upstream:
- id: 5f1d7e76-2fed-4806-a6af-869984f025cb
- weight: 100
- additionalProperties: false
- TargetWithoutParents:
- description: >-
- A target is an ip address/hostname with a port that identifies an
- instance of a backend service. Every upstream can have many targets, and
- the targets can be dynamically added, modified, or deleted. Changes take
- effect on the fly. To disable a target, post a new one with `weight=0`;
- alternatively, use the `DELETE` convenience method to accomplish the
- same. The current target object definition is the one with the latest
- `created_at`.
- type: object
- properties:
- created_at:
- description: Unix epoch when the resource was created.
- type: number
- readOnly: true
- id:
- type: string
- nullable: true
- tags:
- description: >-
- An optional set of strings associated with the Target for grouping
- and filtering.
- type: array
- items:
- type: string
- target:
- description: >-
- The target address (ip or hostname) and port. If the hostname
- resolves to an SRV record, the `port` value will be overridden by
- the value from the DNS record.
- type: string
- nullable: true
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: number
- readOnly: true
- weight:
- description: >-
- The weight this target gets within the upstream loadbalancer
- (`0`-`65535`). If the hostname resolves to an SRV record, the
- `weight` value will be overridden by the value from the DNS record.
- type: integer
- nullable: true
- example:
- id: 089292a7-ba3d-4d88-acf0-97b4b2e2621a
- target: 203.0.113.42
- weight: 100
- additionalProperties: false
- Upstream:
- description: >-
- The upstream object represents a virtual hostname and can be used to
- loadbalance incoming requests over multiple services (targets). So for
- example an upstream named `service.v1.xyz` for a Service object whose
- `host` is `service.v1.xyz`. Requests for this Service would be proxied
- to the targets defined within the upstream. An upstream also includes a
- [health checker][healthchecks], which is able to enable and disable
- targets based on their ability or inability to serve requests. The
- configuration for the health checker is stored in the upstream object,
- and applies to all of its targets.
- type: object
- properties:
- algorithm:
- description: Which load balancing algorithm to use.
- type: string
- enum:
- - consistent-hashing
- - least-connections
- - round-robin
- - latency
- nullable: true
- client_certificate:
- description: >-
- If set, the certificate to be used as client certificate while TLS
- handshaking to the upstream server.
- type: object
- additionalProperties: false
- nullable: true
- properties:
- id:
- type: string
- x-foreign: true
- x-speakeasy-terraform-plan-only: true
- default: null
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- hash_fallback:
- description: >-
- What to use as hashing input if the primary `hash_on` does not
- return a hash (eg. header is missing, or no Consumer identified).
- Not available if `hash_on` is set to `cookie`.
- type: string
- enum:
- - none
- - consumer
- - ip
- - header
- - cookie
- - path
- - query_arg
- - uri_capture
- nullable: true
- hash_fallback_header:
- description: >-
- The header name to take the value from as hash input. Only required
- when `hash_fallback` is set to `header`.
- type: string
- nullable: true
- hash_fallback_query_arg:
- description: >-
- The name of the query string argument to take the value from as hash
- input. Only required when `hash_fallback` is set to `query_arg`.
- type: string
- nullable: true
- hash_fallback_uri_capture:
- description: >-
- The name of the route URI capture to take the value from as hash
- input. Only required when `hash_fallback` is set to `uri_capture`.
- type: string
- nullable: true
- hash_on:
- description: >-
- What to use as hashing input. Using `none` results in a
- weighted-round-robin scheme with no hashing.
- type: string
- enum:
- - none
- - consumer
- - ip
- - header
- - cookie
- - path
- - query_arg
- - uri_capture
- nullable: true
- hash_on_cookie:
- description: >-
- The cookie name to take the value from as hash input. Only required
- when `hash_on` or `hash_fallback` is set to `cookie`. If the
- specified cookie is not in the request, Kong will generate a value
- and set the cookie in the response.
- type: string
- nullable: true
- hash_on_cookie_path:
- description: >-
- The cookie path to set in the response headers. Only required when
- `hash_on` or `hash_fallback` is set to `cookie`.
- type: string
- nullable: true
- hash_on_header:
- description: >-
- The header name to take the value from as hash input. Only required
- when `hash_on` is set to `header`.
- type: string
- nullable: true
- hash_on_query_arg:
- description: >-
- The name of the query string argument to take the value from as hash
- input. Only required when `hash_on` is set to `query_arg`.
- type: string
- nullable: true
- hash_on_uri_capture:
- description: >-
- The name of the route URI capture to take the value from as hash
- input. Only required when `hash_on` is set to `uri_capture`.
- type: string
- nullable: true
- healthchecks:
- type: object
- nullable: true
- properties:
- active:
- type: object
- properties:
- concurrency:
- type: integer
- headers:
- type: object
- additionalProperties:
- type: string
- healthy:
- type: object
- properties:
- http_statuses:
- type: array
- items:
- type: integer
- interval:
- type: number
- successes:
- type: integer
- http_path:
- type: string
- https_sni:
- type: string
- https_verify_certificate:
- type: boolean
- timeout:
- type: number
- type:
- type: string
- enum:
- - tcp
- - http
- - https
- - grpc
- - grpcs
- unhealthy:
- type: object
- properties:
- http_failures:
- type: integer
- http_statuses:
- type: array
- items:
- type: integer
- interval:
- type: number
- tcp_failures:
- type: integer
- timeouts:
- type: integer
- passive:
- type: object
- properties:
- healthy:
- type: object
- properties:
- http_statuses:
- type: array
- items:
- type: integer
- successes:
- type: integer
- type:
- type: string
- enum:
- - tcp
- - http
- - https
- - grpc
- - grpcs
- unhealthy:
- type: object
- properties:
- http_failures:
- type: integer
- http_statuses:
- type: array
- items:
- type: integer
- tcp_failures:
- type: integer
- timeouts:
- type: integer
- threshold:
- type: number
- host_header:
- description: >-
- The hostname to be used as `Host` header when proxying requests
- through Kong.
- type: string
- nullable: true
- id:
- type: string
- nullable: true
- name:
- description: This is a hostname, which must be equal to the `host` of a Service.
- type: string
- slots:
- description: >-
- The number of slots in the load balancer algorithm. If `algorithm`
- is set to `round-robin`, this setting determines the maximum number
- of slots. If `algorithm` is set to `consistent-hashing`, this
- setting determines the actual number of slots in the algorithm.
- Accepts an integer in the range `10`-`65536`.
- type: integer
- nullable: true
- tags:
- description: >-
- An optional set of strings associated with the Upstream for grouping
- and filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- use_srv_name:
- description: >-
- If set, the balancer will use SRV hostname(if DNS Answer has SRV
- record) as the proxy upstream `Host`.
- type: boolean
- nullable: true
- example:
- algorithm: round-robin
- hash_fallback: none
- hash_on: none
- hash_on_cookie_path: /
- healthchecks:
- active:
- concurrency: 10
- healthy:
- http_statuses:
- - 200
- - 302
- interval: 0
- successes: 0
- http_path: /
- https_verify_certificate: true
- timeout: 1
- type: http
- unhealthy:
- http_failures: 0
- http_statuses:
- - 429
- - 404
- - 500
- - 501
- - 502
- - 503
- - 504
- - 505
- interval: 0
- tcp_failures: 0
- timeouts: 0
- passive:
- healthy:
- http_statuses:
- - 200
- - 201
- - 202
- - 203
- - 204
- - 205
- - 206
- - 207
- - 208
- - 226
- - 300
- - 301
- - 302
- - 303
- - 304
- - 305
- - 306
- - 307
- - 308
- successes: 0
- type: http
- unhealthy:
- http_failures: 0
- http_statuses:
- - 429
- - 500
- - 503
- tcp_failures: 0
- timeouts: 0
- threshold: 0
- id: 6eed5e9c-5398-4026-9a4c-d48f18a2431e
- name: api.example.internal
- slots: 10000
- additionalProperties: false
- required:
- - name
- Vault:
- description: >-
- Vault entities are used to configure different Vault connectors.
- Examples of Vaults are Environment Variables, Hashicorp Vault and AWS
- Secrets Manager. Configuring a Vault allows referencing the secrets with
- other entities. For example a certificate entity can store a reference
- to a certificate and key, stored in a vault, instead of storing the
- certificate and key within the entity. This allows a proper separation
- of secrets and configuration and prevents secret sprawl.
- type: object
- properties:
- config:
- description: >-
- The configuration properties for the Vault which can be found on the
- vaults' documentation page.
- type: object
- additionalProperties: true
- created_at:
- description: Unix epoch when the resource was created.
- type: integer
- readOnly: true
- description:
- description: The description of the Vault entity.
- type: string
- nullable: true
- id:
- type: string
- nullable: true
- name:
- description: >-
- The name of the Vault that's going to be added. Currently, the Vault
- implementation must be installed in every Kong instance.
- type: string
- prefix:
- description: >-
- The unique prefix (or identifier) for this Vault configuration. The
- prefix is used to load the right Vault configuration and
- implementation when referencing secrets with the other entities.
- type: string
- tags:
- description: >-
- An optional set of strings associated with the Vault for grouping
- and filtering.
- type: array
- items:
- type: string
- updated_at:
- description: Unix epoch when the resource was last updated.
- type: integer
- readOnly: true
- example:
- config:
- prefix: ENV_PREFIX
- description: environment variable based vault
- id: 2747d1e5-8246-4f65-a939-b392f1ee17f8
- name: env
- prefix: env
- tags:
- - foo
- - bar
- additionalProperties: false
- required:
- - name
- - prefix
- - config
- requestBodies:
- GroupMembershipAdd:
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/GroupMembership'
- description: >-
- Request body for adding a list of child control planes to a control
- plane group membership.
- GroupMembershipRemove:
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/GroupMembership'
- description: >-
- Request body for removing a list of child control planes from a control
- plane group membership.
- GroupMembershipUpsert:
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/GroupMembership'
- description: >-
- Request body for upserting a list of child control planes to a control
- plane group membership.
- UpdateImpersonationSettingsRequest:
- content:
- application/json:
- schema:
- type: object
- properties:
- enabled:
- description: >-
- Indicates if user impersonation is allowed for the
- organization.
- type: boolean
- example: true
- description: The request schema for adding a system account to a team.
- UpdateUser:
- description: The request schema for the update user request.
- content:
- application/json:
- schema:
- type: object
- properties:
- full_name:
- description: The user's full name.
- type: string
- example: James C. Woods
- pattern: ^[\w \W]+$
- writeOnly: true
- preferred_name:
- description: The user's desired name.
- type: string
- example: Jimmy
- maxLength: 250
- writeOnly: true
- CreateTeam:
- description: >-
- The request schema for the create team request.
-
-
- If you pass the same `name` and `description` of an existing team in the
- request, a team with the same `name` and `description` will be created.
- The two teams will have different `team_id` values to differentiate
- them.
- content:
- application/json:
- schema:
- x-speakeasy-entity: Team
- type: object
- properties:
- name:
- description: A name for the team being created.
- type: string
- example: IDM - Developers
- pattern: ^[\w \W]+$
- writeOnly: true
- description:
- description: The description of the new team.
- type: string
- example: The Identity Management (IDM) team.
- maxLength: 250
- writeOnly: true
- labels:
- $ref: '#/components/schemas/Labels'
- required:
- - name
- UpdateTeam:
- description: The request schema for the update team request.
- content:
- application/json:
- schema:
- x-speakeasy-entity: Team
- type: object
- properties:
- name:
- description: The name of the team.
- type: string
- example: IDM - Developers
- pattern: ^[\w \W]+$
- writeOnly: true
- description:
- description: The description of the team.
- type: string
- example: The Identity Management (IDM) API team.
- maxLength: 250
- writeOnly: true
- labels:
- $ref: '#/components/schemas/LabelsUpdate'
- AddUserToTeam:
- description: The request schema for adding a user to a team.
- content:
- application/json:
- schema:
- type: object
- properties:
- id:
- description: The user ID for the user being added to a team.
- type: string
- format: uuid
- example: df120cb4-f60b-47bc-a2f8-6a28e6a3c63b
- writeOnly: true
- x-speakeasy-name-override: user_id
- required:
- - id
- UpdateTeamMappings:
- content:
- application/json:
- schema:
- type: object
- properties:
- mappings:
- description: The mappings object.
- type: array
- items:
- type: object
- properties:
- group:
- type: string
- team_ids:
- type: array
- items:
- type: string
- example:
- mappings:
- - group: Service Developers
- team_ids:
- - af91db4c-6e51-403e-a2bf-33d27ae50c0a
- description: The request schema for updating IdP team mappings.
- PatchTeamGroupMappings:
- content:
- application/json:
- schema:
- type: object
- properties:
- data:
- description: The IdP groups to map to the given team.
- type: array
- items:
- type: object
- properties:
- team_id:
- type: string
- format: uuid
- groups:
- type: array
- items:
- type: string
- example:
- data:
- - group: Service Developers
- team_ids:
- - af91db4c-6e51-403e-a2bf-33d27ae50c0a
- description: >-
- The request schema for a partial update of mappings from Konnect Teams
- to IdP Groups.
- AssignRole:
- content:
- application/json:
- schema:
- description: >-
- An assigned role is a role that has been assigned to a user or
- team.
- type: object
- properties:
- role_name:
- description: The desired role.
- type: string
- example: Viewer
- enum:
- - Admin
- - Appearance Maintainer
- - Application Registration
- - Certificate Admin
- - Cloud Gateway Cluster Admin
- - Cloud Gateway Cluster Viewer
- - Consumer Admin
- - Creator
- - Deployer
- - Discovery Admin
- - Discovery Viewer
- - Gateway Service Admin
- - Integration Admin
- - Integration Viewer
- - Key Admin
- - Maintainer
- - Network Admin
- - Network Creator
- - Network Viewer
- - Plugin Admin
- - Plugins Admin
- - Product Publisher
- - Publisher
- - Route Admin
- - SNI Admin
- - Service Admin
- - Service Creator
- - Service Viewer
- - Upstream Admin
- - Vault Admin
- - Viewer
- entity_id:
- description: The ID of the entity.
- type: string
- format: uuid
- example: e67490ce-44dc-4cbd-b65e-b52c746fc26a
- entity_type_name:
- description: The type of entity.
- type: string
- example: Control Planes
- enum:
- - APIs
- - API Products
- - Application Auth Strategies
- - Audit Logs
- - Control Planes
- - DCR Providers
- - Identity
- - Mesh Control Planes
- - Networks
- - Portals
- - Service Hub
- entity_region:
- description: The region of the team.
- type: string
- example: eu
- enum:
- - us
- - eu
- - au
- - me
- - '*'
- description: The request schema for assigning a role.
- InviteUser:
- content:
- application/json:
- schema:
- type: object
- properties:
- email:
- type: string
- format: email
- example: james.c.woods@example.com
- writeOnly: true
- required:
- - email
- description: >-
- The request schema for the invite user request.
-
-
- If you pass an `email` that is not already an active user in the
- request, a fresh invitation email will be created and sent to the new
- user.
- CreateSystemAccount:
- content:
- application/json:
- schema:
- x-speakeasy-entity: SystemAccount
- type: object
- properties:
- name:
- description: Name of the system account.
- type: string
- description:
- description: >-
- Description of the system account. Useful when the system
- account name is not sufficient to differentiate one system
- account from another.
- type: string
- konnect_managed:
- description: The system account is managed by Konnect (true/false).
- type: boolean
- required:
- - name
- - description
- description: The request schema to create a system account.
- UpdateSystemAccount:
- content:
- application/json:
- schema:
- x-speakeasy-entity: SystemAccount
- type: object
- properties:
- name:
- description: Name of the system account.
- type: string
- description:
- description: Description of the system account.
- type: string
- description: The request schema for the update system account request.
- UpdateSystemAccountAccessToken:
- content:
- application/json:
- schema:
- x-speakeasy-entity: SystemAccountAccessToken
- type: object
- properties:
- name:
- description: Name of the system account access token.
- type: string
- CreateSystemAccountAccessToken:
- content:
- application/json:
- schema:
- x-speakeasy-entity: SystemAccountAccessToken
- type: object
- properties:
- name:
- type: string
- expires_at:
- type: string
- format: date-time
- description: The request body to create a system account access token.
- AddSystemAccountToTeam:
- content:
- application/json:
- schema:
- x-speakeasy-entity: SystemAccountTeam
- type: object
- properties:
- id:
- description: ID of the system account.
- type: string
- format: uuid
- x-speakeasy-name-override: account_id
- description: The request schema for adding a system account to a team.
- UpdateAuthenticationSettings:
- description: The request schema to update an organization's authentication settings.
- content:
- application/json:
- schema:
- type: object
- properties:
- basic_auth_enabled:
- description: The organization has basic auth enabled.
- type: boolean
- example: true
- oidc_auth_enabled:
- description: The organization has OIDC disabled.
- type: boolean
- example: false
- saml_auth_enabled:
- description: The organization has SAML disabled.
- type: boolean
- example: false
- idp_mapping_enabled:
- description: Whether IdP groups determine the Konnect teams a user has.
- type: boolean
- example: true
- konnect_mapping_enabled:
- description: Whether a Konnect Identity Admin assigns teams to a user.
- type: boolean
- example: false
- UpdateIdPConfiguration:
- content:
- application/json:
- schema:
- type: object
- properties:
- issuer:
- type: string
- format: uri
- example: https://myidp.com/oauth2
- login_path:
- type: string
- example: myapp
- client_id:
- type: string
- example: YOUR_CLIENT_ID
- client_secret:
- type: string
- example: YOUR_CLIENT_SECRET
- scopes:
- type: array
- items:
- type: string
- claim_mappings:
- type: object
- minProperties: 3
- properties:
- name:
- type: string
- example: name
- email:
- type: string
- example: email
- groups:
- type: string
- example: custom-group-claim
- description: The request schema for the update IdP configuration request.
- DataPlaneClientCertificateRequest:
- content:
- application/json:
- schema:
- type: object
- properties:
- cert:
- description: JSON escaped string of the certificate.
- type: string
- required:
- - cert
- description: Request body for creating a dp-client-certificate.
- create-plugin-schemas:
- content:
- application/json:
- schema:
- x-speakeasy-entity: GatewayCustomPluginSchema
- type: object
- properties:
- lua_schema:
- description: |
- The custom plugin schema; `jq -Rs '.' schema.lua`.
- type: string
- example: >-
- return { name = \"myplugin\", fields = { { config = { type =
- \"record\", fields = { } } } } }
- required:
- - lua_schema
- responses:
- RetrieveControlPlaneResponse:
- description: A response to retrieving a single control plane.
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/ControlPlane'
- CreateControlPlaneResponse:
- description: A response to creating a control plane.
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/ControlPlane'
- UpdateControlPlaneResponse:
- description: A response to updating a control plane.
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/ControlPlane'
- ListControlPlanesResponse:
- description: A paginated list response for a collection of control planes.
+ A paginated list response for a collection of control plane group
+ memberships.
content:
application/json:
schema:
type: object
- properties:
- meta:
- $ref: '#/components/schemas/PaginatedMeta'
- data:
- type: array
- items:
- $ref: '#/components/schemas/ControlPlane'
- additionalProperties: false
required:
- meta
- data
- title: ListControlPlanesResponse
- ControlPlanesBadRequest:
- description: Bad Request
- content:
- application/problem+json:
- schema:
- $ref: '#/components/schemas/BadRequestError'
- ControlPlanePermissionDenied:
- description: Permission denied
- content:
- application/problem+json:
- schema:
- $ref: '#/components/schemas/ForbiddenError'
- ControlPlaneUnauthenticated:
- description: Unauthenticated
- content:
- application/problem+json:
- schema:
- $ref: '#/components/schemas/UnauthorizedError'
- ControlPlaneNotFound:
- description: Not Found
- content:
- application/problem+json:
- schema:
- $ref: '#/components/schemas/NotFoundError'
- ControlPlaneConflict:
- description: Conflict
- content:
- application/problem+json:
- schema:
- $ref: '#/components/schemas/ConflictError'
- InternalServerError:
- description: Internal Server Error
- content:
- application/problem+json:
- schema:
- description: The error response object.
- type: object
- properties:
- status:
- description: The HTTP status code.
- type: integer
- example: 500
- enum:
- - 500
- title:
- description: The error response code.
- type: string
- example: Internal Server Error
- instance:
- description: The Konnect traceback code
- type: string
- example: konnect:trace:2287285207635123011
- detail:
- description: Details about the error.
- type: string
- example: >-
- Could not propagate control plane changes to control plane
- cluster service.
- required:
- - status
- - title
- - instance
- title: InternalServerError
- ServiceUnavailable:
- description: Service Unavailable
- content:
- application/problem+json:
- schema:
- description: Error response for temporary service unavailability.
- type: object
- properties:
- status:
- description: The HTTP status code.
- type: integer
- example: 503
- enum:
- - 503
- title:
- description: The error response code.
- type: string
- example: Service Unavailable
- instance:
- description: The Konnect traceback code
- type: string
- example: konnect:trace:2287285207635123011
- detail:
- description: Details about the error.
- type: string
- example: >-
- Could not retrieve permissions to check resource
- accessibility.
- required:
- - status
- - title
- - instance
- title: ServiceUnavailableError
- ListGroupMemberships:
- description: >-
- A paginated list response for a collection of control plane group
- memberships.
- content:
- application/json:
- schema:
- type: object
properties:
meta:
$ref: '#/components/schemas/CursorPaginatedMetaWithSizeAndTotal'
data:
+ type: array
description: >-
Array of control planes summary who are a child to this
control plane group.
- type: array
items:
$ref: '#/components/schemas/ControlPlane'
- required:
- - meta
- - data
GetGroupStatus:
description: Status of a control plane group, including existing conflicts.
content:
@@ -9638,27 +6027,27 @@ components:
content:
application/problem+json:
schema:
- description: The error response object.
+ $ref: '#/components/schemas/UnauthorizedError'
type: object
+ title: Unauthorized Response
+ description: The error response object.
properties:
status:
- description: The HTTP status code.
type: integer
example: 403
+ description: The HTTP status code.
title:
- description: The Error Response.
type: string
+ description: The Error Response.
example: Unauthorized
instance:
- description: The Konnect traceback code.
type: string
+ description: The Konnect traceback code.
example: konnect:trace:952172606039454040
detail:
- description: Details about the error response.
type: string
+ description: Details about the error response.
example: You do not have permission to perform this action
- $ref: '#/components/schemas/UnauthorizedError'
- title: Unauthorized Response
Forbidden:
description: Forbidden
content:
@@ -9677,24 +6066,24 @@ components:
application/json:
schema:
type: object
+ title: Get Impersonation Settings Response
properties:
enabled:
- description: The organization has user impersonation enabled.
type: boolean
example: true
- title: Get Impersonation Settings Response
+ description: The organization has user impersonation enabled.
UpdateImpersonationSettingsResponse:
description: Response for Update Impersonation Settings endpoint
content:
application/json:
schema:
type: object
+ title: Update Impersonation Settings Response
properties:
enabled:
- description: The organization has user impersonation enabled.
type: boolean
example: true
- title: Update Impersonation Settings Response
+ description: The organization has user impersonation enabled.
UserSingle:
description: A get action response of a single user.
content:
@@ -9707,6 +6096,7 @@ components:
application/json:
schema:
type: object
+ title: User Collection Response
properties:
meta:
$ref: '#/components/schemas/PaginatedMeta'
@@ -9714,7 +6104,6 @@ components:
type: array
items:
$ref: '#/components/schemas/User'
- title: User Collection Response
TeamSingle:
description: A response including a single team.
content:
@@ -9727,6 +6116,7 @@ components:
application/json:
schema:
type: object
+ title: Team Collection Response
properties:
meta:
$ref: '#/components/schemas/PaginatedMeta'
@@ -9734,25 +6124,25 @@ components:
type: array
items:
$ref: '#/components/schemas/Team'
- title: Team Collection Response
TeamMappingCollection:
description: A paginated list response for a collection of team mappings.
content:
application/json:
schema:
type: object
+ title: Team Mapping Collection Response
properties:
data:
type: array
items:
$ref: '#/components/schemas/TeamMapping'
- title: Team Mapping Collection Response
TeamGroupMappingCollection:
description: A paginated collection of mappings grouped by team_id.
content:
application/json:
schema:
type: object
+ title: Team Group Mapping Collection Response
properties:
meta:
$ref: '#/components/schemas/PaginatedMeta'
@@ -9760,7 +6150,6 @@ components:
type: array
items:
$ref: '#/components/schemas/TeamGroupMapping'
- title: Team Group Mapping Collection Response
AssignedRoleSingle:
description: A get action response of a single assigned role.
content:
@@ -9773,43 +6162,43 @@ components:
application/json:
schema:
type: object
+ title: Assigned Role Collection Response
properties:
meta:
$ref: '#/components/schemas/PaginatedMeta'
data:
- description: An Array
type: array
+ description: An Array
items:
$ref: '#/components/schemas/AssignedRole'
- title: Assigned Role Collection Response
AuthenticationSettings:
description: Response for authentication settings endpoint
content:
application/json:
schema:
type: object
+ title: Authentication Settings Response
properties:
basic_auth_enabled:
- description: The organization has basic auth enabled.
type: boolean
example: true
+ description: The organization has basic auth enabled.
oidc_auth_enabled:
- description: The organization has OIDC disabled.
type: boolean
example: false
+ description: The organization has OIDC disabled.
saml_auth_enabled:
- description: The organization has SAML disabled.
type: boolean
example: false
+ description: The organization has SAML disabled.
idp_mapping_enabled:
- description: IdP groups determine the Konnect teams a user has.
type: boolean
example: true
+ description: IdP groups determine the Konnect teams a user has.
konnect_mapping_enabled:
- description: A Konnect Identity Admin assigns teams to a user.
type: boolean
example: false
- title: Authentication Settings Response
+ description: A Konnect Identity Admin assigns teams to a user.
IdentityBadRequest:
description: Bad Request
content:
@@ -9833,51 +6222,51 @@ components:
content:
application/problem+json:
schema:
- description: The error response object.
type: object
+ title: Precondition Failed Response
+ description: The error response object.
properties:
status:
- description: The HTTP status code.
type: integer
+ description: The HTTP status code.
example: 412
title:
- description: The error response code.
type: string
+ description: The error response code.
example: Precondition Failed
instance:
- description: The Konnect traceback code.
type: string
+ description: The Konnect traceback code.
example: konnect:trace:1896611024257578096
detail:
- description: Details about the error response.
type: string
+ description: Details about the error response.
example: IdP configuration not found
- title: Precondition Failed Response
RateLimited:
description: Rate Limited
content:
application/problem+json:
schema:
- description: The error object
type: object
+ title: Rate Limited Response
+ description: The error object
properties:
status:
- description: The HTTP response code
type: integer
+ description: The HTTP response code
example: 429
title:
- description: The Error response
type: string
example: Rate Limited
+ description: The Error response
instance:
- description: The Konnect traceback ID.
type: string
+ description: The Konnect traceback ID.
example: konnect:trace:3674017986744198214
detail:
- description: Detailed explanation of the error response.
type: string
+ description: Detailed explanation of the error response.
example: Too many requests
- title: Rate Limited Response
IdentityUnauthenticated:
description: Unauthenticated
content:
@@ -9896,26 +6285,27 @@ components:
application/json:
schema:
type: object
+ title: Team Mapping Response
properties:
meta:
- description: Contains pagination data.
type: object
+ description: Contains pagination data.
properties:
page:
- description: The page object.
type: object
+ description: The page object.
properties:
number:
- description: Page number.
type: integer
+ description: Page number.
example: 1
size:
- description: Page size.
type: integer
+ description: Page size.
example: 9
total:
- description: Total number of results.
type: integer
+ description: Total number of results.
example: 5
data:
type: array
@@ -9923,26 +6313,29 @@ components:
type: object
properties:
group:
- description: Group names.
type: string
+ description: Group names.
example: 111(@&*$)(@*#_@(gfds re gdsf dfg
team_ids:
- description: Team ID's that belong to the specified group.
type: array
+ description: Team ID's that belong to the specified group.
items:
type: string
example: 3df49db8-39ff-490d-9fe1-251a3361fb13
- title: Team Mapping Response
Roles:
description: The predefined, or system managed, roles.
content:
application/json:
schema:
type: object
+ title: Roles Response
properties:
control_planes:
type: object
additionalProperties: false
+ required:
+ - name
+ - roles
properties:
name:
type: string
@@ -9954,6 +6347,9 @@ components:
admin:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -9968,12 +6364,12 @@ components:
- >-
This role grants full write access to all
entities within a control plane.
- required:
- - name
- - description
certificate_admin:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -9988,12 +6384,12 @@ components:
- >-
This role grants full write access to administer
certificates.
- required:
- - name
- - description
consumer_admin:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10008,12 +6404,12 @@ components:
- >-
This role grants full write access to administer
consumers.
- required:
- - name
- - description
creator:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10030,12 +6426,12 @@ components:
Creates a new Control Plane in an organization.
The creator becomes the owner of the Control
Plane they create.
- required:
- - name
- - description
deployer:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10052,12 +6448,12 @@ components:
This role grants full write access to administer
services, routes and plugins necessary to deploy
services in Service Hub.
- required:
- - name
- - description
gateway_service_admin:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10072,12 +6468,12 @@ components:
- >-
This role grants full write access to administer
gateway services.
- required:
- - name
- - description
plugin_admin:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10092,12 +6488,12 @@ components:
- >-
This role grants full write access to administer
plugins.
- required:
- - name
- - description
route_admin:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10112,12 +6508,12 @@ components:
- >-
This role grants full write access to administer
routes.
- required:
- - name
- - description
sni_admin:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10132,12 +6528,12 @@ components:
- >-
This role grants full write access to administer
SNIs.
- required:
- - name
- - description
upstream_admin:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10152,12 +6548,12 @@ components:
- >-
This role grants full write access to administer
upstreams.
- required:
- - name
- - description
viewer:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10172,15 +6568,12 @@ components:
- >-
This role grants read only access to all
entities within a control plane.
- required:
- - name
- - description
- required:
- - name
- - roles
api_products:
type: object
additionalProperties: false
+ required:
+ - name
+ - roles
properties:
name:
type: string
@@ -10192,6 +6585,9 @@ components:
admin:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10206,12 +6602,12 @@ components:
- >-
This role grants full write access to an API
product and its versions.
- required:
- - name
- - description
application_registration:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10224,117 +6620,259 @@ components:
application registration on an API product.
enum:
- >-
- This role grants permission to enable and
- disable application registration on an API
- product.
+ This role grants permission to enable and
+ disable application registration on an API
+ product.
+ creator:
+ type: object
+ additionalProperties: false
+ required:
+ - name
+ - description
+ properties:
+ name:
+ type: string
+ enum:
+ - Creator
+ description:
+ type: string
+ example: >-
+ This access is required to create API products.
+ This access is not for creating sub-entities such
+ as versions, API specs, etc.
+ enum:
+ - >-
+ This access is required to create API products.
+ This access is not for creating sub-entities
+ such as versions, API specs, etc.
+ deployer:
+ type: object
+ additionalProperties: false
+ required:
+ - name
+ - description
+ properties:
+ name:
+ type: string
+ enum:
+ - Deployer
+ description:
+ type: string
+ example: >-
+ This role grants permission to deploy and remove
+ an API product from a control plane.
+ enum:
+ - >-
+ This role grants permission to deploy and remove
+ an API product from a control plane.
+ maintainer:
+ type: object
+ additionalProperties: false
+ required:
+ - name
+ - description
+ properties:
+ name:
+ type: string
+ enum:
+ - Maintainer
+ description:
+ type: string
+ example: >-
+ This role grants all write permission to manage an
+ API product and to administer plugins.
+ enum:
+ - >-
+ This role grants all write permission to manage
+ an API product and to administer plugins.
+ plugins_admin:
+ type: object
+ additionalProperties: false
+ required:
+ - name
+ - description
+ properties:
+ name:
+ type: string
+ enum:
+ - Plugins Admin
+ description:
+ type: string
+ example: >-
+ This role grants full write permission to
+ administer plugins.
+ enum:
+ - >-
+ This role grants full write permission to
+ administer plugins.
+ publisher:
+ type: object
+ additionalProperties: false
+ required:
+ - name
+ - description
+ properties:
+ name:
+ type: string
+ enum:
+ - Publisher
+ description:
+ type: string
+ example: >-
+ This role grants permission to publish an API
+ product to one or more portals.
+ enum:
+ - >-
+ This role grants permission to publish an API
+ product to one or more portals.
+ viewer:
+ type: object
+ additionalProperties: false
required:
- name
- description
- creator:
- type: object
- additionalProperties: false
properties:
name:
type: string
enum:
- - Creator
+ - Viewer
description:
type: string
example: >-
- This access is required to create API products.
- This access is not for creating sub-entities such
- as versions, API specs, etc.
+ Viewer has read-only access to an API product and
+ its sub-entities.
enum:
- >-
- This access is required to create API products.
- This access is not for creating sub-entities
- such as versions, API specs, etc.
+ Viewer has read-only access to an API product
+ and its sub-entities.
+ audit_logs:
+ type: object
+ additionalProperties: false
+ required:
+ - name
+ - roles
+ properties:
+ name:
+ type: string
+ enum:
+ - Audit Logs
+ roles:
+ type: object
+ properties:
+ admin:
+ type: object
+ additionalProperties: false
required:
- name
- description
- deployer:
- type: object
- additionalProperties: false
properties:
name:
type: string
enum:
- - Deployer
+ - Admin
description:
type: string
example: >-
- This role grants permission to deploy and remove
- an API product from a control plane.
+ This role grants full write access to the Audit
+ log configuration.
enum:
- >-
- This role grants permission to deploy and remove
- an API product from a control plane.
+ This role grants full write access to the Audit
+ log configuration.
+ identity:
+ type: object
+ additionalProperties: false
+ required:
+ - name
+ - roles
+ properties:
+ name:
+ type: string
+ enum:
+ - Identity
+ roles:
+ type: object
+ properties:
+ admin:
+ type: object
+ additionalProperties: false
required:
- name
- description
- maintainer:
- type: object
- additionalProperties: false
properties:
name:
type: string
enum:
- - Maintainer
+ - Admin
description:
type: string
example: >-
- This role grants all write permission to manage an
- API product and to administer plugins.
+ This role grants full write access to the Identity
+ configuration.
enum:
- >-
- This role grants all write permission to manage
- an API product and to administer plugins.
+ This role grants full write access to the
+ Identity configuration.
+ mesh_control_planes:
+ type: object
+ additionalProperties: false
+ required:
+ - name
+ - roles
+ properties:
+ name:
+ type: string
+ enum:
+ - Mesh Control Plane
+ roles:
+ type: object
+ properties:
+ admin:
+ type: object
+ additionalProperties: false
required:
- name
- description
- plugins_admin:
- type: object
- additionalProperties: false
properties:
name:
type: string
enum:
- - Plugins Admin
+ - Admin
description:
type: string
example: >-
- This role grants full write permission to
- administer plugins.
+ This role grants full write access to the related
+ to Mesh control planes.
enum:
- >-
- This role grants full write permission to
- administer plugins.
+ This role grants full write access to the
+ related to Mesh control planes.
+ creator:
+ type: object
+ additionalProperties: false
required:
- name
- description
- publisher:
- type: object
- additionalProperties: false
properties:
name:
type: string
enum:
- - Publisher
+ - Creator
description:
type: string
example: >-
- This role grants permission to publish an API
- product to one or more portals.
+ This role grants access to create new Mesh control
+ planes.
enum:
- >-
- This role grants permission to publish an API
- product to one or more portals.
- required:
- - name
- - description
+ This role grants access to create new Mesh
+ control planes.
viewer:
type: object
additionalProperties: false
+ required:
+ - name
+ - description
properties:
name:
type: string
@@ -10343,799 +6881,4264 @@ components:
description:
type: string
example: >-
- Viewer has read-only access to an API product and
- its sub-entities.
+ This role grants access to read-only permissions
+ to Mesh control planes.
enum:
- >-
- Viewer has read-only access to an API product
- and its sub-entities.
- required:
- - name
- - description
- required:
- - name
- - roles
- audit_logs:
+ This role grants access to read-only permissions
+ to Mesh control planes.
+ SystemAccountCollection:
+ description: A paginated list response for a collection of system accounts.
+ content:
+ application/json:
+ schema:
+ type: object
+ title: System Account Collection Response
+ properties:
+ meta:
+ $ref: '#/components/schemas/PaginatedMeta'
+ data:
+ type: array
+ items:
+ $ref: '#/components/schemas/SystemAccount'
+ SystemAccountSingle:
+ description: A response including a single system account.
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SystemAccount'
+ SystemAccountAccessTokenSingle:
+ description: A response including a single system account access token.
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SystemAccountAccessToken'
+ SystemAccountAccessTokenCollection:
+ description: >-
+ A paginated list response for a collection of system accounts access
+ tokens.
+ content:
+ application/json:
+ schema:
+ type: object
+ title: System Account Access Token Collection Reponse
+ properties:
+ meta:
+ $ref: '#/components/schemas/PaginatedMeta'
+ data:
+ type: array
+ items:
+ $ref: '#/components/schemas/SystemAccountAccessToken'
+ SystemAccountAccessTokenCreated:
+ description: >-
+ A response including a single system account access token with the
+ token.
+ content:
+ application/json:
+ schema:
+ x-speakeasy-entity: SystemAccountAccessToken
+ type: object
+ title: System Account Access Token Created Response
+ example:
+ id: 497f6eca-6276-4993-bfeb-53cbbbba6f08
+ name: Sample Access Token
+ created_at: '2022-08-01T14:16:09Z'
+ updated_at: '2022-08-02T08:35:49Z'
+ expires_at: '2022-12-31T12:52:23Z'
+ last_used_at: '2022-10-24T13:05:42Z'
+ properties:
+ id:
+ type: string
+ description: ID of the system account access token.
+ format: uuid
+ readOnly: true
+ name:
+ type: string
+ description: Name of the system account access token.
+ created_at:
+ type: string
+ description: Timestamp of when the system account access token was created.
+ format: date-time
+ readOnly: true
+ updated_at:
+ type: string
+ description: >-
+ Timestamp of when the system account access token was last
+ updated.
+ format: date-time
+ readOnly: true
+ expires_at:
+ type: string
+ description: Timestamp of when the system account access token will expire.
+ format: date-time
+ readOnly: true
+ last_used_at:
+ type: string
+ description: >-
+ Timestamp of when the system account access token was last
+ used.
+ format: date-time
+ readOnly: true
+ token:
+ type: string
+ description: The token of the system account access token.
+ readOnly: true
+ MeOrganization:
+ description: Me Organization
+ content:
+ application/json:
+ schema:
+ type: object
+ title: Me Organization Response
+ example:
+ id: d99c041a-c7cf-46a2-bf3a-44bb5f75400e
+ name: string
+ owner_id: 1c9c3848-5897-4f2c-beed-df6f3e3adb37
+ created_at: '2023-01-23T17:22:52.150Z'
+ updated_at: '2023-01-23T17:22:52.150Z'
+ state: active
+ retention_period_days: 90
+ properties:
+ id:
+ type: string
+ description: UUID of the organization.
+ format: uuid
+ readOnly: true
+ name:
+ type: string
+ description: Name of the organization.
+ owner_id:
+ type: string
+ description: Owner ID of the organization.
+ login_path:
+ type: string
+ description: >-
+ Path to organization-specific login when single sign on (SSO)
+ is enabled. Blank otherwise.
+ created_at:
+ type: string
+ description: Date the organization was created.
+ format: date-time
+ readOnly: true
+ updated_at:
+ type: string
+ description: Date the organization was last updated.
+ format: date-time
+ readOnly: true
+ state:
+ type: string
+ description: State of the organization
+ enum:
+ - active
+ - inactive
+ - deleting
+ - deleted
+ retention_period_days:
+ type: integer
+ description: >-
+ The number of days an organization spends inactive before
+ being deleted.
+ IdPConfiguration:
+ description: A get action response of the IdP configuration.
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/IdP'
+ DataPlaneClientCertificateResponse:
+ description: Response body for retrieving a dp-client-certificate.
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DataPlaneClientCertificate'
+ GetExpectedConfigHashResponse:
+ description: >-
+ Response body for retrieving the expected config hash of the control
+ plane.
+ content:
+ application/json:
+ schema:
+ type: object
+ required:
+ - expected_hash
+ - created_at
+ - updated_at
+ properties:
+ expected_hash:
+ type: string
+ description: The expected configuration hash.
+ created_at:
+ type: integer
+ description: Date the control plane configuration was created.
+ updated_at:
+ type: integer
+ description: Date the control plane configuration was last updated.
+ ListDataPlaneCertificatesResponse:
+ description: Example response
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ items:
+ type: array
+ items:
+ $ref: '#/components/schemas/DataPlaneClientCertificate'
+ page:
type: object
- additionalProperties: false
properties:
- name:
+ total:
+ type: integer
+ list-nodes:
+ description: Example response
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ items:
+ type: array
+ items:
+ type: object
+ properties:
+ id:
+ type: string
+ version:
+ type: string
+ hostname:
+ type: string
+ last_ping:
+ type: integer
+ type:
+ type: string
+ created_at:
+ type: integer
+ updated_at:
+ type: integer
+ config_hash:
+ type: string
+ compatibility_status:
+ type: object
+ properties:
+ state:
+ type: string
+ page:
+ type: object
+ properties:
+ total:
+ type: integer
+ next:
type: string
- enum:
- - Audit Logs
- roles:
+ list-nodes-eol:
+ description: Example response
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ items:
+ type: array
+ items:
+ type: object
+ properties:
+ node_id:
+ type: string
+ node_version:
+ type: string
+ message:
+ type: string
+ page:
+ type: object
+ properties:
+ total:
+ type: integer
+ get-node:
+ description: Example response
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ item:
+ type: object
+ properties:
+ id:
+ type: string
+ version:
+ type: string
+ hostname:
+ type: string
+ last_ping:
+ type: integer
+ type:
+ type: string
+ created_at:
+ type: integer
+ updated_at:
+ type: integer
+ config_hash:
+ type: string
+ compatibility_status:
type: object
properties:
- admin:
- type: object
- additionalProperties: false
- properties:
- name:
- type: string
- enum:
- - Admin
- description:
- type: string
- example: >-
- This role grants full write access to the Audit
- log configuration.
- enum:
- - >-
- This role grants full write access to the Audit
- log configuration.
- required:
- - name
- - description
- required:
- - name
- - roles
- identity:
+ state:
+ type: string
+ list-plugin-schemas:
+ description: A paginated list response for a collection of custom plugin schemas.
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ items:
+ type: array
+ items:
+ type: object
+ properties:
+ lua_schema:
+ type: string
+ description: The custom plugin schema; `jq -Rs '.' schema.lua`.
+ example: >-
+ return { name = \"myplugin\", fields = { { config = {
+ type = \"record\", fields = { } } } } }
+ name:
+ type: string
+ description: >-
+ The custom plugin name determined by the custom plugin
+ schema.
+ example: myplugin
+ created_at:
+ type: integer
+ description: >-
+ An ISO-8604 timestamp representation of custom plugin
+ schema creation date.
+ example: 1422386534
+ updated_at:
+ type: integer
+ description: >-
+ An ISO-8604 timestamp representation of custom plugin
+ schema update date.
+ example: 1422412345
+ page:
+ type: object
+ properties:
+ total:
+ type: integer
+ plugin-schemas:
+ description: A response for a single custom plugin schema.
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ item:
+ x-speakeasy-entity: GatewayCustomPluginSchema
type: object
- additionalProperties: false
properties:
+ lua_schema:
+ type: string
+ description: The custom plugin schema; `jq -Rs '.' schema.lua`.
+ example: >-
+ return { name = \"myplugin\", fields = { { config = { type
+ = \"record\", fields = { } } } } }
name:
type: string
- enum:
- - Identity
- roles:
- type: object
- properties:
- admin:
- type: object
- additionalProperties: false
- properties:
- name:
- type: string
- enum:
- - Admin
- description:
- type: string
- example: >-
- This role grants full write access to the Identity
- configuration.
- enum:
- - >-
- This role grants full write access to the
- Identity configuration.
- required:
- - name
- - description
- required:
- - name
- - roles
- mesh_control_planes:
- type: object
- additionalProperties: false
- properties:
- name:
+ description: >-
+ The custom plugin name determined by the custom plugin
+ schema.
+ example: myplugin
+ created_at:
+ type: integer
+ description: >-
+ An ISO-8604 timestamp representation of custom plugin
+ schema creation date.
+ example: 1422386534
+ updated_at:
+ type: integer
+ description: >-
+ An ISO-8604 timestamp representation of custom plugin
+ schema update date.
+ example: 1422412345
+ HTTP401Error:
+ description: Unauthorized
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GatewayUnauthorizedError'
+ Conflict:
+ description: Conflict
+ content:
+ application/problem+json:
+ schema:
+ $ref: '#/components/schemas/ConflictError'
+ schemas:
+ GroupMembership:
+ x-speakeasy-entity: GatewayControlPlaneMembership
+ type: object
+ required:
+ - members
+ properties:
+ members:
+ type: array
+ items:
+ type: object
+ required:
+ - id
+ properties:
+ id:
+ type: string
+ CreateControlPlaneRequest:
+ x-speakeasy-entity: GatewayControlPlane
+ title: CreateControlPlaneRequest
+ description: The request schema for the create control plane request.
+ type: object
+ additionalProperties: false
+ properties:
+ name:
+ type: string
+ example: Test Control Plane
+ description: The name of the control plane.
+ description:
+ type: string
+ example: A test control plane for exploration.
+ description: The description of the control plane in Konnect.
+ cluster_type:
+ type: string
+ description: >-
+ The ClusterType value of the cluster associated with the Control
+ Plane.
+ example: CLUSTER_TYPE_CONTROL_PLANE
+ enum:
+ - CLUSTER_TYPE_CONTROL_PLANE
+ - CLUSTER_TYPE_K8S_INGRESS_CONTROLLER
+ - CLUSTER_TYPE_CONTROL_PLANE_GROUP
+ - CLUSTER_TYPE_SERVERLESS
+ auth_type:
+ type: string
+ description: >-
+ The auth type value of the cluster associated with the Runtime
+ Group.
+ example: pinned_client_certs
+ enum:
+ - pinned_client_certs
+ - pki_client_certs
+ cloud_gateway:
+ type: boolean
+ description: Whether this control-plane can be used for cloud-gateways.
+ example: false
+ proxy_urls:
+ $ref: '#/components/schemas/ProxyURLs'
+ labels:
+ $ref: '#/components/schemas/Labels'
+ required:
+ - name
+ UpdateControlPlaneRequest:
+ title: UpdateControlPlaneRequest
+ description: The request schema for the update control plane request.
+ type: object
+ additionalProperties: false
+ properties:
+ name:
+ type: string
+ example: Test Control Plane
+ description: The name of the control plane.
+ description:
+ type: string
+ example: A test control plane for exploration.
+ description: The description of the control plane in Konnect.
+ auth_type:
+ type: string
+ description: >-
+ The auth type value of the cluster associated with the Runtime
+ Group.
+ example: pinned_client_certs
+ enum:
+ - pinned_client_certs
+ - pki_client_certs
+ proxy_urls:
+ $ref: '#/components/schemas/ProxyURLs'
+ labels:
+ $ref: '#/components/schemas/Labels'
+ ControlPlane:
+ x-speakeasy-entity: GatewayControlPlane
+ type: object
+ description: >-
+ The control plane object contains information about a Kong control
+ plane.
+ additionalProperties: false
+ properties:
+ id:
+ x-speakeasy-param-suppress-computed-diff: true
+ type: string
+ format: uuid
+ example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
+ description: The control plane ID.
+ readOnly: true
+ name:
+ type: string
+ example: Test Control Plane
+ description: The name of the control plane.
+ description:
+ type: string
+ example: A test control plane for exploration.
+ description: The description of the control plane in Konnect.
+ labels:
+ $ref: '#/components/schemas/Labels'
+ config:
+ type: object
+ description: CP configuration object for related access endpoints.
+ additionalProperties: false
+ properties:
+ control_plane_endpoint:
+ type: string
+ format: url
+ example: https://acfe5f253f.cp0.konghq.com
+ description: Control Plane Endpoint.
+ readOnly: true
+ telemetry_endpoint:
+ type: string
+ format: url
+ example: https://acfe5f253f.tp0.konghq.com
+ description: Telemetry Endpoint.
+ readOnly: true
+ cluster_type:
+ type: string
+ description: >-
+ The ClusterType value of the cluster associated with the Control
+ Plane.
+ example: CLUSTER_TYPE_CONTROL_PLANE
+ enum:
+ - CLUSTER_TYPE_CONTROL_PLANE
+ - CLUSTER_TYPE_K8S_INGRESS_CONTROLLER
+ - CLUSTER_TYPE_CONTROL_PLANE_GROUP
+ - CLUSTER_TYPE_SERVERLESS
+ readOnly: true
+ auth_type:
+ type: string
+ description: >-
+ The auth type value of the cluster associated with the Runtime
+ Group.
+ example: pinned_client_certs
+ enum:
+ - pinned_client_certs
+ - pki_client_certs
+ readOnly: true
+ cloud_gateway:
+ type: boolean
+ description: Whether the Control Plane can be used for cloud-gateways.
+ readOnly: true
+ proxy_urls:
+ $ref: '#/components/schemas/ProxyURLs'
+ required:
+ - control_plane_endpoint
+ - telemetry_endpoint
+ - cluster_type
+ - auth_type
+ - cloud_gateway
+ created_at:
+ x-speakeasy-terraform-ignore: true
+ type: string
+ format: date-time
+ example: '2022-11-04T20:10:06.927Z'
+ description: An ISO-8604 timestamp representation of control plane creation date.
+ readOnly: true
+ updated_at:
+ x-speakeasy-terraform-ignore: true
+ type: string
+ format: date-time
+ example: '2022-11-04T20:10:06.927Z'
+ description: An ISO-8604 timestamp representation of control plane update date.
+ readOnly: true
+ required:
+ - id
+ - name
+ - config
+ - created_at
+ - updated_at
+ GroupStatus:
+ title: GroupStatus
+ type: object
+ description: >-
+ The Group Status object contains information about the status of a
+ control plane group.
+ required:
+ - id
+ - created_at
+ - updated_at
+ - state
+ properties:
+ id:
+ type: string
+ format: uuid
+ example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
+ description: The control plane group ID.
+ readOnly: true
+ created_at:
+ type: string
+ format: date-time
+ example: '2022-11-04T20:10:06.927Z'
+ description: >-
+ An ISO-8604 timestamp representation of control plane group status
+ creation date.
+ readOnly: true
+ updated_at:
+ type: string
+ format: date-time
+ example: '2022-11-04T20:10:06.927Z'
+ description: >-
+ An ISO-8604 timestamp representation of control plane group status
+ update date.
+ readOnly: true
+ conflicts:
+ type: array
+ maxItems: 256
+ items:
+ $ref: '#/components/schemas/GroupConflict'
+ state:
+ type: string
+ description: The state of the control plane group.
+ example: CONFLICT
+ readOnly: true
+ enum:
+ - OK
+ - CONFLICT
+ - UNKNOWN
+ GroupConflict:
+ title: GroupConflict
+ type: object
+ description: >-
+ The Group Conflict object contains information about a conflict in a
+ control plane group.
+ required:
+ - cluster_id
+ - description
+ - resource
+ properties:
+ cluster_id:
+ type: string
+ format: uuid
+ example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
+ description: The ID of a control plane member of a control plane group.
+ readOnly: true
+ description:
+ type: string
+ example: >-
+ conflicting entity found: ID=38d790ad-8b08-4ff5-a074-2e1e9e64d8bd,
+ Name=foo
+ description: The description of the conflict.
+ readOnly: true
+ resource:
+ $ref: '#/components/schemas/GroupConflictResource'
+ GroupConflictResource:
+ title: GroupConflictResource
+ type: object
+ description: A resource causing a conflict in a control plane group.
+ properties:
+ id:
+ type: string
+ format: uuid
+ example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
+ description: The ID of the resource.
+ readOnly: true
+ type:
+ type: string
+ example: service
+ description: The type of the resource.
+ readOnly: true
+ required:
+ - id
+ - type
+ GroupMemberStatus:
+ title: GroupMemberStatus
+ type: object
+ description: >-
+ Object with information determining the group membership status of a
+ control plane.
+ properties:
+ is_member:
+ type: boolean
+ example: true
+ description: >-
+ Boolean indicating if a control plane is a member of a control plane
+ group.
+ readOnly: true
+ required:
+ - is_member
+ Labels:
+ title: Labels
+ type: object
+ example:
+ env: test
+ description: >
+ Labels store metadata of an entity that can be used for filtering an
+ entity list or for searching across entity types.
+
+
+ Keys must be of length 1-63 characters, and cannot start with "kong",
+ "konnect", "mesh", "kic", or "_".
+ additionalProperties:
+ type: string
+ pattern: ^[a-z0-9A-Z]{1}([a-z0-9A-Z-._]*[a-z0-9A-Z]+)?$
+ minLength: 1
+ maxLength: 63
+ maxProperties: 50
+ ProxyURL:
+ title: ProxyURL
+ description: >-
+ Proxy URL associated with reaching the data-planes connected to a
+ control-plane.
+ type: object
+ additionalProperties: false
+ properties:
+ host:
+ type: string
+ description: Hostname of the proxy URL.
+ port:
+ type: integer
+ description: Port of the proxy URL.
+ protocol:
+ type: string
+ description: Protocol of the proxy URL.
+ required:
+ - host
+ - port
+ - protocol
+ example:
+ host: example.com
+ port: 443
+ protocol: https
+ ProxyURLs:
+ title: ProxyURLs
+ description: >-
+ Array of proxy URLs associated with reaching the data-planes connected
+ to a control-plane.
+ type: array
+ format: set
+ items:
+ $ref: '#/components/schemas/ProxyURL'
+ example:
+ - host: example.com
+ port: 443
+ protocol: https
+ ControlPlaneFilterParameters:
+ title: ControlPlaneFilterParameters
+ type: object
+ additionalProperties: false
+ properties:
+ id:
+ oneOf:
+ - $ref: '#/components/schemas/StringFieldEqualsFilter'
+ - $ref: '#/components/schemas/StringFieldOEQFilter'
+ name:
+ oneOf:
+ - $ref: '#/components/schemas/StringFieldEqualsFilter'
+ - $ref: '#/components/schemas/StringFieldContainsFilter'
+ - $ref: '#/components/schemas/StringFieldNEQFilter'
+ cluster_type:
+ oneOf:
+ - $ref: '#/components/schemas/StringFieldEqualsFilter'
+ - $ref: '#/components/schemas/StringFieldNEQFilter'
+ cloud_gateway:
+ $ref: '#/components/schemas/BooleanFieldFilter'
+ StringFieldEqualsFilter:
+ title: StringFieldEqualsFilter
+ description: Filter a string value by exact match.
+ oneOf:
+ - type: string
+ - type: object
+ title: StringFieldEqualsComparison
+ additionalProperties: false
+ properties:
+ eq:
+ type: string
+ required:
+ - eq
+ type: string
+ StringFieldOEQFilter:
+ title: StringFieldOEQFilter
+ description: >-
+ Returns entities that exact match any of the comma-delimited phrases in
+ the filter string.
+ type: object
+ additionalProperties: false
+ properties:
+ oeq:
+ type: string
+ required:
+ - oeq
+ StringFieldContainsFilter:
+ title: StringFieldContainsFilter
+ description: Filter a string value field by partial contains.
+ type: object
+ additionalProperties: false
+ properties:
+ contains:
+ type: string
+ required:
+ - contains
+ StringFieldNEQFilter:
+ title: StringFieldNEQFilter
+ description: Filters on the given string field value by exact match inequality.
+ type: object
+ additionalProperties: false
+ properties:
+ neq:
+ type: string
+ required:
+ - neq
+ BooleanFieldFilter:
+ title: BooleanFieldFilter
+ description: Filter by a boolean value (true/false).
+ type: boolean
+ example: true
+ SortQuery:
+ title: SortQuery
+ type: string
+ example: name,created_at desc
+ description: >
+ The `asc` suffix is optional as the default sort order is ascending.
+
+ The `desc` suffix is used to specify a descending order.
+
+ Multiple sort attributes may be provided via a comma separated list.
+
+ JSONPath notation may be used to specify a sub-attribute (eg: 'foo.bar
+ desc').
+ PageMeta:
+ type: object
+ description: >-
+ Contains pagination query parameters and the total number of objects
+ returned.
+ required:
+ - number
+ - size
+ - total
+ properties:
+ number:
+ type: number
+ example: 1
+ size:
+ type: number
+ example: 10
+ total:
+ type: number
+ example: 100
+ PaginatedMeta:
+ type: object
+ title: PaginatedMeta
+ description: returns the pagination information
+ properties:
+ page:
+ $ref: '#/components/schemas/PageMeta'
+ required:
+ - page
+ BaseError:
+ type: object
+ title: Error
+ description: standard error
+ required:
+ - status
+ - title
+ - instance
+ - detail
+ properties:
+ status:
+ type: integer
+ description: >
+ The HTTP status code of the error. Useful when passing the response
+
+ body to child properties in a frontend UI. Must be returned as an
+ integer.
+ readOnly: true
+ title:
+ type: string
+ description: |
+ A short, human-readable summary of the problem. It should not
+ change between occurences of a problem, except for localization.
+ Should be provided as "Sentence case" for direct use in the UI.
+ readOnly: true
+ type:
+ type: string
+ description: The error type.
+ readOnly: true
+ instance:
+ type: string
+ description: |
+ Used to return the correlation ID back to the user, in the format
+ kong:trace:. This helps us find the relevant logs
+ when a customer reports an issue.
+ readOnly: true
+ detail:
+ type: string
+ description: >
+ A human readable explanation specific to this occurence of the
+ problem.
+
+ This field may contain request/entity data to help the user
+ understand
+
+ what went wrong. Enclose variable values in square brackets. Should
+ be
+
+ provided as "Sentence case" for direct use in the UI.
+ readOnly: true
+ InvalidRules:
+ description: invalid parameters rules
+ type: string
+ readOnly: true
+ nullable: true
+ enum:
+ - required
+ - is_array
+ - is_base64
+ - is_boolean
+ - is_date_time
+ - is_integer
+ - is_null
+ - is_number
+ - is_object
+ - is_string
+ - is_uuid
+ - is_fqdn
+ - is_arn
+ - unknown_property
+ - is_label
+ - matches_regex
+ - invalid
+ - is_supported_network_availability_zone_list
+ - is_supported_network_cidr_block
+ - is_supported_provider_region
+ InvalidParameterStandard:
+ type: object
+ additionalProperties: false
+ properties:
+ field:
+ type: string
+ example: name
+ readOnly: true
+ rule:
+ $ref: '#/components/schemas/InvalidRules'
+ source:
+ type: string
+ example: body
+ reason:
+ type: string
+ example: is a required field
+ readOnly: true
+ required:
+ - field
+ - reason
+ InvalidParameterMinimumLength:
+ type: object
+ additionalProperties: false
+ properties:
+ field:
+ type: string
+ example: name
+ readOnly: true
+ rule:
+ description: invalid parameters rules
+ type: string
+ readOnly: true
+ nullable: false
+ enum:
+ - min_length
+ - min_digits
+ - min_lowercase
+ - min_uppercase
+ - min_symbols
+ - min_items
+ - min
+ minimum:
+ type: integer
+ example: 8
+ source:
+ type: string
+ example: body
+ reason:
+ type: string
+ example: must have at least 8 characters
+ readOnly: true
+ required:
+ - field
+ - reason
+ - rule
+ - minimum
+ InvalidParameterMaximumLength:
+ type: object
+ additionalProperties: false
+ properties:
+ field:
+ type: string
+ example: name
+ readOnly: true
+ rule:
+ description: invalid parameters rules
+ type: string
+ readOnly: true
+ nullable: false
+ enum:
+ - max_length
+ - max_items
+ - max
+ maximum:
+ type: integer
+ example: 8
+ source:
+ type: string
+ example: body
+ reason:
+ type: string
+ example: must not have more than 8 characters
+ readOnly: true
+ required:
+ - field
+ - reason
+ - rule
+ - maximum
+ InvalidParameterChoiceItem:
+ type: object
+ additionalProperties: false
+ properties:
+ field:
+ type: string
+ example: name
+ readOnly: true
+ rule:
+ description: invalid parameters rules
+ type: string
+ readOnly: true
+ nullable: false
+ enum:
+ - enum
+ reason:
+ type: string
+ example: is a required field
+ readOnly: true
+ choices:
+ type: array
+ uniqueItems: true
+ readOnly: true
+ nullable: false
+ minItems: 1
+ items: {}
+ source:
+ type: string
+ example: body
+ required:
+ - field
+ - reason
+ - rule
+ - choices
+ InvalidParameterDependentItem:
+ type: object
+ additionalProperties: false
+ properties:
+ field:
+ type: string
+ example: name
+ readOnly: true
+ rule:
+ description: invalid parameters rules
+ type: string
+ readOnly: true
+ nullable: true
+ enum:
+ - dependent_fields
+ reason:
+ type: string
+ example: is a required field
+ readOnly: true
+ dependents:
+ type: array
+ uniqueItems: true
+ nullable: true
+ items: {}
+ readOnly: true
+ source:
+ type: string
+ example: body
+ required:
+ - field
+ - rule
+ - reason
+ - dependents
+ InvalidParameters:
+ type: array
+ nullable: false
+ uniqueItems: true
+ minItems: 1
+ description: invalid parameters
+ items:
+ oneOf:
+ - $ref: '#/components/schemas/InvalidParameterStandard'
+ - $ref: '#/components/schemas/InvalidParameterMinimumLength'
+ - $ref: '#/components/schemas/InvalidParameterMaximumLength'
+ - $ref: '#/components/schemas/InvalidParameterChoiceItem'
+ - $ref: '#/components/schemas/InvalidParameterDependentItem'
+ BadRequestError:
+ allOf:
+ - $ref: '#/components/schemas/BaseError'
+ - type: object
+ required:
+ - invalid_parameters
+ properties:
+ invalid_parameters:
+ $ref: '#/components/schemas/InvalidParameters'
+ UnauthorizedError:
+ allOf:
+ - $ref: '#/components/schemas/BaseError'
+ - type: object
+ properties:
+ status:
+ example: 401
+ title:
+ example: Unauthorized
+ type:
+ example: https://httpstatuses.com/401
+ instance:
+ example: kong:trace:1234567890
+ detail:
+ example: Invalid credentials
+ ForbiddenError:
+ allOf:
+ - $ref: '#/components/schemas/BaseError'
+ - type: object
+ properties:
+ status:
+ example: 403
+ title:
+ example: Forbidden
+ type:
+ example: https://httpstatuses.com/403
+ instance:
+ example: kong:trace:1234567890
+ detail:
+ example: Forbidden
+ ConflictError:
+ allOf:
+ - $ref: '#/components/schemas/BaseError'
+ - type: object
+ properties:
+ status:
+ example: 409
+ title:
+ example: Conflict
+ type:
+ example: https://httpstatuses.com/409
+ instance:
+ example: kong:trace:1234567890
+ detail:
+ example: Conflict
+ NotFoundError:
+ allOf:
+ - $ref: '#/components/schemas/BaseError'
+ - type: object
+ properties:
+ status:
+ example: 404
+ title:
+ example: Not Found
+ type:
+ example: https://httpstatuses.com/404
+ instance:
+ example: kong:trace:1234567890
+ detail:
+ example: Not found
+ CursorMetaWithSizeAndTotal:
+ type: object
+ required:
+ - size
+ - next
+ - total
+ properties:
+ next:
+ description: URI to the next page
+ type: string
+ format: path
+ nullable: true
+ size:
+ description: Requested page size
+ type: number
+ example: 10
+ total:
+ description: >-
+ Total number of objects in the collection; will only be present on
+ the first page
+ type: number
+ example: 974
+ nullable: true
+ CursorPaginatedMetaWithSizeAndTotal:
+ type: object
+ title: CursorPaginatedMetaWithSizeAndTotal
+ description: returns the pagination information
+ properties:
+ page:
+ $ref: '#/components/schemas/CursorMetaWithSizeAndTotal'
+ required:
+ - page
+ IdP:
+ title: IdP Configuration
+ type: object
+ description: >-
+ The IdP object contains the configuration data for the OIDC
+ authentication integration.
+
+
+ NOTE: The `openid` scope is required. Removing it could break the OIDC
+ integration.
+ properties:
+ issuer:
+ type: string
+ format: uri
+ example: https://myidp.com/oauth2
+ login_path:
+ type: string
+ example: myapp
+ client_id:
+ type: string
+ example: YOUR_CLIENT_ID
+ scopes:
+ type: array
+ items:
+ type: string
+ claim_mappings:
+ type: object
+ minProperties: 3
+ properties:
+ name:
+ type: string
+ example: name
+ email:
+ type: string
+ example: email
+ groups:
+ type: string
+ example: custom-groups-claim
+ User:
+ title: User
+ type: object
+ description: >-
+ The user object contains information about an individual user who can
+ use the Konnect application and API.
+ example:
+ id: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
+ email: user@email.com
+ full_name: Test User
+ preferred_name: test
+ active: true
+ created_at: '2022-02-07T17:46:57.52Z'
+ updated_at: '2022-10-08T17:00:00.52Z'
+ properties:
+ id:
+ type: string
+ format: uuid
+ example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
+ description: The User ID.
+ readOnly: true
+ email:
+ type: string
+ format: email
+ example: user@email.com
+ maxLength: 250
+ description: The email registered to the user.
+ full_name:
+ type: string
+ pattern: ^[\w \W]+$
+ maxLength: 250
+ description: The User's full name.
+ example: Jane Doe
+ preferred_name:
+ type: string
+ example: Jane
+ maxLength: 250
+ description: The User's preferred name.
+ active:
+ type: boolean
+ description: Returns True if a user has verified their email address.
+ readOnly: true
+ created_at:
+ type: string
+ format: date-time
+ example: '2022-02-07T17:46:57.52Z'
+ description: The time stamp for the date the account was registered.
+ readOnly: true
+ updated_at:
+ type: string
+ format: date-time
+ example: '2022-10-08T17:00:00.52Z'
+ description: >-
+ A Unix timestamp representation of the most recent change to the
+ User account.
+ readOnly: true
+ Team:
+ x-speakeasy-entity: Team
+ title: Team
+ type: object
+ description: The team object contains information about a group of users.
+ example:
+ id: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
+ name: IDM - Developers
+ description: The developers for the IDM API.
+ system_team: false
+ labels:
+ env: test
+ created_at: '1992-02-07T17:46:57.52Z'
+ updated_at: '2022-08-31T17:00:00.52Z'
+ properties:
+ id:
+ type: string
+ format: uuid
+ example: 7f9fd312-a987-4628-b4c5-bb4f4fddd5f7
+ description: The team ID.
+ readOnly: true
+ name:
+ type: string
+ pattern: ^[\w \W]+$
+ example: IDM - Developers
+ maxLength: 250
+ description: The name of the team.
+ description:
+ type: string
+ example: The developers for the IDM API.
+ maxLength: 250
+ description: The team description in Konnect.
+ system_team:
+ type: boolean
+ description: >-
+ Returns True if a user belongs to a `system_team`. System teams are
+ teams that can manage Konnect objects, like "Organization Admin", or
+ "Service"
+ readOnly: true
+ labels:
+ $ref: '#/components/schemas/Labels'
+ created_at:
+ type: string
+ format: date-time
+ example: '1992-02-07T17:46:57.52Z'
+ description: A Unix timestamp representation of team creation.
+ readOnly: true
+ updated_at:
+ type: string
+ format: date-time
+ example: '2022-02-07T17:00:00.52Z'
+ description: >
+ A Unix timestamp representation of the most recent change to the
+ team object in Konnect.
+ readOnly: true
+ TeamMapping:
+ title: TeamMapping
+ type: object
+ description: A team assignment is a mapping of an IdP group to a Konnect Team.
+ example:
+ group: Service Developers
+ team_ids:
+ - 6801e673-cc10-498a-94cd-4271de07a0d3
+ properties:
+ group:
+ type: string
+ example: Service Developers
+ description: The IdP group.
+ team_ids:
+ type: array
+ uniqueItems: true
+ description: An array of ID's that are mapped to the specified group.
+ items:
+ type: string
+ format: uuid
+ example: 6801e673-cc10-498a-94cd-4271de07a0d3
+ TeamGroupMapping:
+ title: TeamGroupMapping
+ type: object
+ description: A map of Konnect Team to IdP groups.
+ example:
+ team_id: 6801e673-cc10-498a-94cd-4271de07a0d3
+ groups:
+ - Tech Leads
+ - API Engineers
+ properties:
+ team_id:
+ type: string
+ format: uuid
+ example: 6801e673-cc10-498a-94cd-4271de07a0d3
+ description: The Konnect team ID.
+ groups:
+ type: array
+ uniqueItems: true
+ description: The IdP groups that are mapped to the specified team.
+ items:
+ type: string
+ example: API Engineers
+ AssignedRole:
+ title: AssignedRole
+ type: object
+ description: An assigned role is a role that has been assigned to a user or team.
+ example:
+ id: 54cc6168-ebb1-4300-8168-d62a0dd08fc8
+ role_name: Viewer
+ entity_id: 18ee2573-dec0-4b83-be99-fa7700bcdc61
+ entity_type_name: Control Planes
+ entity_region: us
+ properties:
+ id:
+ type: string
+ format: uuid
+ example: eaf7adf1-32c8-4bbf-b960-d1f8456afe67
+ description: The ID of the role assignment.
+ role_name:
+ type: string
+ example: Viewer
+ description: Name of the role being assigned.
+ entity_id:
+ type: string
+ format: uuid
+ example: 817d0422-45c9-4d88-8d64-45aef05c1ae7
+ description: A RBAC entity ID.
+ entity_type_name:
+ type: string
+ example: Control Planes
+ description: Name of the entity type the role is being assigned to.
+ entity_region:
+ type: string
+ enum:
+ - us
+ - eu
+ - au
+ - me
+ - '*'
+ example: eu
+ description: Region of the entity.
+ SystemAccount:
+ x-speakeasy-entity: SystemAccount
+ title: System Account
+ type: object
+ example:
+ id: 497f6eca-6276-4993-bfeb-53cbbbba6f08
+ name: Example System Account
+ description: This is a sample system account description.
+ created_at: '2022-08-24T14:15:22Z'
+ updated_at: '2022-10-05T10:33:49Z'
+ konnect_managed: false
+ description: Schema of the system account.
+ properties:
+ id:
+ type: string
+ format: uuid
+ description: ID of the system account.
+ readOnly: true
+ name:
+ type: string
+ description: Name of the system account.
+ description:
+ type: string
+ description: Description of the system account.
+ created_at:
+ type: string
+ format: date-time
+ description: Timestamp of when the system account was created.
+ readOnly: true
+ updated_at:
+ type: string
+ format: date-time
+ description: Timestamp of when the system account was last updated.
+ readOnly: true
+ konnect_managed:
+ type: boolean
+ description: The system account is managed by Konnect (true/false).
+ SystemAccountAccessToken:
+ x-speakeasy-entity: SystemAccountAccessToken
+ title: System Account Access Token
+ example:
+ id: 497f6eca-6276-4993-bfeb-53cbbbba6f08
+ name: Sample Access Token
+ created_at: '2022-08-01T14:16:09Z'
+ updated_at: '2022-08-02T08:35:49Z'
+ expires_at: '2022-12-31T12:52:23Z'
+ last_used_at: '2022-10-24T13:05:42Z'
+ description: Schema of the system account access token.
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ description: ID of the system account access token.
+ readOnly: true
+ name:
+ type: string
+ description: Name of the system account access token.
+ created_at:
+ type: string
+ format: date-time
+ description: Timestamp of when the system account access token was created.
+ readOnly: true
+ updated_at:
+ type: string
+ format: date-time
+ description: Timestamp of when the system account access token was last updated.
+ readOnly: true
+ expires_at:
+ type: string
+ format: date-time
+ description: Timestamp of when the system account access token will expire.
+ last_used_at:
+ type: string
+ format: date-time
+ description: Timestamp of when the system account access token was last used.
+ readOnly: true
+ StringFieldFilter:
+ title: StringFieldFilter
+ description: Filter a string value field either by exact match or partial contains.
+ oneOf:
+ - $ref: '#/components/schemas/StringFieldEqualsFilter'
+ - $ref: '#/components/schemas/StringFieldContainsFilter'
+ LabelsUpdate:
+ type: object
+ nullable: true
+ description: >
+ Labels store metadata of an entity that can be used for filtering an
+ entity list or for searching across entity types.
+
+
+ Labels are intended to store **INTERNAL** metadata.
+
+
+ Keys must be of length 1-63 characters, and cannot start with "kong",
+ "konnect", "mesh", "kic", or "_".
+ example:
+ env: test
+ maxProperties: 50
+ additionalProperties:
+ type: string
+ pattern: ^[a-z0-9A-Z]{1}([a-z0-9A-Z-._]*[a-z0-9A-Z]+)?$
+ minLength: 1
+ maxLength: 63
+ nullable: true
+ writeOnly: true
+ DataPlaneClientCertificate:
+ type: object
+ properties:
+ item:
+ x-speakeasy-entity: GatewayDataPlaneClientCertificate
+ type: object
+ properties:
+ id:
+ type: string
+ description: Unique ID of the certificate entity.
+ created_at:
+ type: integer
+ description: Date certificate was created.
+ updated_at:
+ type: integer
+ description: Date certificate was last updated.
+ cert:
+ type: string
+ description: JSON escaped string of the certificate.
+ ACL:
+ type: object
+ properties:
+ consumer:
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ group:
+ type: string
+ id:
+ type: string
+ nullable: true
+ tags:
+ type: array
+ items:
+ type: string
+ example:
+ consumer:
+ id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
+ group: foo
+ id: b1f34145-0343-41a4-9602-4c69dec2f269
+ additionalProperties: false
+ required:
+ - group
+ ACLWithoutParents:
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ group:
+ type: string
+ id:
+ type: string
+ nullable: true
+ tags:
+ type: array
+ items:
+ type: string
+ example:
+ group: foo
+ id: b1f34145-0343-41a4-9602-4c69dec2f269
+ additionalProperties: false
+ required:
+ - group
+ BasicAuth:
+ type: object
+ properties:
+ consumer:
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ password:
+ type: string
+ tags:
+ type: array
+ items:
+ type: string
+ username:
+ type: string
+ example:
+ consumer:
+ id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
+ id: b2f34145-0343-41a4-9602-4c69dec2f269
+ password: hashedsoopersecretvalue
+ username: darius
+ additionalProperties: false
+ required:
+ - username
+ - password
+ BasicAuthWithoutParents:
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ password:
+ type: string
+ tags:
+ type: array
+ items:
+ type: string
+ username:
+ type: string
+ example:
+ id: b2f34145-0343-41a4-9602-4c69dec2f269
+ password: hashedsoopersecretvalue
+ username: darius
+ additionalProperties: false
+ required:
+ - username
+ - password
+ CACertificate:
+ description: >-
+ A CA certificate object represents a trusted CA. These objects are used
+ by Kong to verify the validity of a client or server certificate.
+ type: object
+ properties:
+ cert:
+ description: PEM-encoded public certificate of the CA.
+ type: string
+ cert_digest:
+ description: >-
+ SHA256 hex digest of the public certificate. This field is read-only
+ and it cannot be set by the caller, the value is automatically
+ computed.
+ type: string
+ nullable: true
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ tags:
+ description: >-
+ An optional set of strings associated with the Certificate for
+ grouping and filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ cert: |-
+ -----BEGIN CERTIFICATE-----
+ certificate-content
+ -----END CERTIFICATE-----
+ id: b2f34145-0343-41a4-9602-4c69dec2f260
+ additionalProperties: false
+ required:
+ - cert
+ Certificate:
+ description: >-
+ A certificate object represents a public certificate, and can be
+ optionally paired with the corresponding private key. These objects are
+ used by Kong to handle SSL/TLS termination for encrypted requests, or
+ for use as a trusted CA store when validating peer certificate of
+ client/service. Certificates are optionally associated with SNI objects
+ to tie a cert/key pair to one or more hostnames. If intermediate
+ certificates are required in addition to the main certificate, they
+ should be concatenated together into one string according to the
+ following order: main certificate on the top, followed by any
+ intermediates.
+ type: object
+ properties:
+ cert:
+ description: >-
+ PEM-encoded public certificate chain of the SSL key pair. This field
+ is _referenceable_, which means it can be securely stored as a
+ [secret](/gateway/latest/plan-and-deploy/security/secrets-management/getting-started)
+ in a vault. References must follow a [specific
+ format](/gateway/latest/plan-and-deploy/security/secrets-management/reference-format).
+ type: string
+ cert_alt:
+ description: >-
+ PEM-encoded public certificate chain of the alternate SSL key pair.
+ This should only be set if you have both RSA and ECDSA types of
+ certificate available and would like Kong to prefer serving using
+ ECDSA certs when client advertises support for it. This field is
+ _referenceable_, which means it can be securely stored as a
+ [secret](/gateway/latest/plan-and-deploy/security/secrets-management/getting-started)
+ in a vault. References must follow a [specific
+ format](/gateway/latest/plan-and-deploy/security/secrets-management/reference-format).
+ type: string
+ nullable: true
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ key:
+ description: >-
+ PEM-encoded private key of the SSL key pair. This field is
+ _referenceable_, which means it can be securely stored as a
+ [secret](/gateway/latest/plan-and-deploy/security/secrets-management/getting-started)
+ in a vault. References must follow a [specific
+ format](/gateway/latest/plan-and-deploy/security/secrets-management/reference-format).
+ type: string
+ key_alt:
+ description: >-
+ PEM-encoded private key of the alternate SSL key pair. This should
+ only be set if you have both RSA and ECDSA types of certificate
+ available and would like Kong to prefer serving using ECDSA certs
+ when client advertises support for it. This field is
+ _referenceable_, which means it can be securely stored as a
+ [secret](/gateway/latest/plan-and-deploy/security/secrets-management/getting-started)
+ in a vault. References must follow a [specific
+ format](/gateway/latest/plan-and-deploy/security/secrets-management/reference-format).
+ type: string
+ nullable: true
+ snis:
+ type: array
+ items:
+ type: string
+ nullable: true
+ tags:
+ description: >-
+ An optional set of strings associated with the Certificate for
+ grouping and filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ cert: |-
+ -----BEGIN CERTIFICATE-----
+ certificate-content
+ -----END CERTIFICATE-----
+ id: b2f34145-0343-41a4-9602-4c69dec2f269
+ key: |-
+ -----BEGIN PRIVATE KEY-----
+ private-key-content
+ -----END PRIVATE KEY-----
+ additionalProperties: false
+ required:
+ - cert
+ - key
+ Consumer:
+ description: >-
+ The Consumer object represents a consumer - or a user - of a Service.
+ You can either rely on Kong as the primary datastore, or you can map the
+ consumer list with your database to keep consistency between Kong and
+ your existing primary datastore.
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ custom_id:
+ description: >-
+ Field for storing an existing unique ID for the Consumer - useful
+ for mapping Kong with users in your existing database. You must send
+ either this field or `username` with the request.
+ type: string
+ nullable: true
+ id:
+ type: string
+ nullable: true
+ tags:
+ description: >-
+ An optional set of strings associated with the Consumer for grouping
+ and filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ username:
+ description: >-
+ The unique username of the Consumer. You must send either this field
+ or `custom_id` with the request.
+ type: string
+ nullable: true
+ example:
+ custom_id: '4200'
+ id: 8a388226-80e8-4027-a486-25e4f7db5d21
+ tags:
+ - silver-tier
+ username: bob-the-builder
+ additionalProperties: false
+ ConsumerGroup:
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ name:
+ type: string
+ tags:
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ additionalProperties: false
+ required:
+ - name
+ ConsumerGroupInsideWrapper:
+ type: object
+ properties:
+ consumer_group:
+ $ref: '#/components/schemas/ConsumerGroup'
+ GatewayUnauthorizedError:
+ type: object
+ properties:
+ message:
+ type: string
+ status:
+ type: integer
+ required:
+ - message
+ - status
+ HMACAuth:
+ type: object
+ properties:
+ consumer:
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ secret:
+ type: string
+ nullable: true
+ tags:
+ type: array
+ items:
+ type: string
+ username:
+ type: string
+ example:
+ consumer:
+ id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
+ id: 75695322-e8a0-4109-aed4-5416b0308d85
+ secret: wQazJ304DW5huJklHgUfjfiSyCyTAEDZ
+ username: xerxes
+ additionalProperties: false
+ required:
+ - username
+ HMACAuthWithoutParents:
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ secret:
+ type: string
+ nullable: true
+ tags:
+ type: array
+ items:
+ type: string
+ username:
+ type: string
+ example:
+ id: 75695322-e8a0-4109-aed4-5416b0308d85
+ secret: wQazJ304DW5huJklHgUfjfiSyCyTAEDZ
+ username: xerxes
+ additionalProperties: false
+ required:
+ - username
+ JWT:
+ type: object
+ properties:
+ algorithm:
+ type: string
+ enum:
+ - HS256
+ - HS384
+ - HS512
+ - RS256
+ - RS384
+ - RS512
+ - ES256
+ - ES384
+ - ES512
+ - PS256
+ - PS384
+ - PS512
+ - EdDSA
+ nullable: true
+ consumer:
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ key:
+ type: string
+ nullable: true
+ rsa_public_key:
+ type: string
+ nullable: true
+ secret:
+ type: string
+ nullable: true
+ tags:
+ type: array
+ items:
+ type: string
+ example:
+ algorithm: HS256
+ consumer:
+ id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
+ id: 75695322-e8a0-4109-aed4-5416b0308d85
+ key: YJdmaDvVTJxtcWRCvkMikc8oELgAVNcz
+ secret: C50k0bcahDhLNhLKSUBSR1OMiFGzNZ7X
+ additionalProperties: false
+ JWTWithoutParents:
+ type: object
+ properties:
+ algorithm:
+ type: string
+ enum:
+ - HS256
+ - HS384
+ - HS512
+ - RS256
+ - RS384
+ - RS512
+ - ES256
+ - ES384
+ - ES512
+ - PS256
+ - PS384
+ - PS512
+ - EdDSA
+ nullable: true
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ key:
+ type: string
+ nullable: true
+ rsa_public_key:
+ type: string
+ nullable: true
+ secret:
+ type: string
+ nullable: true
+ tags:
+ type: array
+ items:
+ type: string
+ example:
+ algorithm: HS256
+ id: 75695322-e8a0-4109-aed4-5416b0308d85
+ key: YJdmaDvVTJxtcWRCvkMikc8oELgAVNcz
+ secret: C50k0bcahDhLNhLKSUBSR1OMiFGzNZ7X
+ additionalProperties: false
+ Key:
+ description: >-
+ A Key object holds a representation of asymmetric keys in various
+ formats. When Kong or a Kong plugin requires a specific public or
+ private key to perform certain operations, it can use this entity.
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ jwk:
+ description: A JSON Web Key represented as a string.
+ type: string
+ nullable: true
+ kid:
+ description: A unique identifier for a key.
+ type: string
+ name:
+ description: The name to associate with the given keys.
+ type: string
+ nullable: true
+ pem:
+ description: A keypair in PEM format.
+ type: object
+ nullable: true
+ properties:
+ private_key:
+ type: string
+ public_key:
+ type: string
+ set:
+ description: The id (an UUID) of the key-set with which to associate the key.
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ tags:
+ description: >-
+ An optional set of strings associated with the Key for grouping and
+ filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ id: d958f66b-8e99-44d2-b0b4-edd5bbf24658
+ jwk: '{"alg":"RSA", "kid": "42", ...}'
+ kid: '42'
+ name: a-key
+ pem:
+ private_key: '-----BEGIN'
+ public_key: '-----BEGIN'
+ set:
+ id: b86b331c-dcd0-4b3e-97ce-47c5a9543031
+ additionalProperties: false
+ required:
+ - kid
+ KeyAuth:
+ type: object
+ properties:
+ consumer:
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ key:
+ type: string
+ tags:
+ type: array
+ items:
+ type: string
+ example:
+ consumer:
+ id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
+ id: b2f34145-0343-41a4-9602-4c69dec2f269
+ key: IL1deIyHyQA40WpeLeA1bIUXuvTwlGjo
+ additionalProperties: false
+ required:
+ - key
+ KeyAuthWithoutParents:
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ key:
+ type: string
+ tags:
+ type: array
+ items:
+ type: string
+ example:
+ id: b2f34145-0343-41a4-9602-4c69dec2f269
+ key: IL1deIyHyQA40WpeLeA1bIUXuvTwlGjo
+ additionalProperties: false
+ required:
+ - key
+ KeySet:
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ name:
+ type: string
+ nullable: true
+ tags:
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ id: b58c7d9d-e54f-444c-b24d-cdfc4159f61e
+ name: example-key-set
+ tags:
+ - idp-keys
+ additionalProperties: false
+ KeyWithoutParents:
+ description: >-
+ A Key object holds a representation of asymmetric keys in various
+ formats. When Kong or a Kong plugin requires a specific public or
+ private key to perform certain operations, it can use this entity.
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ jwk:
+ description: A JSON Web Key represented as a string.
+ type: string
+ nullable: true
+ kid:
+ description: A unique identifier for a key.
+ type: string
+ name:
+ description: The name to associate with the given keys.
+ type: string
+ nullable: true
+ pem:
+ description: A keypair in PEM format.
+ type: object
+ nullable: true
+ properties:
+ private_key:
+ type: string
+ public_key:
+ type: string
+ set:
+ description: The id (an UUID) of the key-set with which to associate the key.
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ tags:
+ description: >-
+ An optional set of strings associated with the Key for grouping and
+ filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ id: d958f66b-8e99-44d2-b0b4-edd5bbf24658
+ jwk: '{"alg":"RSA", "kid": "42", ...}'
+ kid: '42'
+ name: a-key
+ pem:
+ private_key: '-----BEGIN'
+ public_key: '-----BEGIN'
+ set:
+ id: b86b331c-dcd0-4b3e-97ce-47c5a9543031
+ additionalProperties: false
+ required:
+ - kid
+ MTLSAuth:
+ type: object
+ properties:
+ ca_certificate:
+ type: object
+ additionalProperties: false
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ nullable: true
+ default: null
+ consumer:
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ subject_name:
+ type: string
+ tags:
+ type: array
+ items:
+ type: string
+ example:
+ ca_certificate:
+ id: b2f34145-0343-41a4-9602-4c69dec2f260
+ consumer:
+ id: 84a73fb8-50fc-44a7-a4d5-aa17728ee83f
+ id: b2f34145-0343-41a4-9602-4c69dec2f269
+ subject_name: CA_Subject_Name
+ additionalProperties: false
+ required:
+ - subject_name
+ MTLSAuthWithoutParents:
+ type: object
+ properties:
+ ca_certificate:
+ type: object
+ additionalProperties: false
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ nullable: true
+ default: null
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ subject_name:
+ type: string
+ tags:
+ type: array
+ items:
+ type: string
+ example:
+ ca_certificate:
+ id: b2f34145-0343-41a4-9602-4c69dec2f260
+ id: b2f34145-0343-41a4-9602-4c69dec2f269
+ subject_name: CA_Subject_Name
+ additionalProperties: false
+ required:
+ - subject_name
+ PaginationNextResponse:
+ description: URI to the next page (may be null)
+ type: string
+ PaginationOffsetResponse:
+ description: >-
+ Offset is used to paginate through the API. Provide this value to the
+ next list operation to fetch the next page
+ type: string
+ Plugin:
+ description: >-
+ A Plugin entity represents a plugin configuration that will be executed
+ during the HTTP request/response lifecycle. It is how you can add
+ functionalities to Services that run behind Kong, like Authentication or
+ Rate Limiting for example. You can find more information about how to
+ install and what values each plugin takes by visiting the [Kong
+ Hub](https://docs.konghq.com/hub/). When adding a Plugin Configuration
+ to a Service, every request made by a client to that Service will run
+ said Plugin. If a Plugin needs to be tuned to different values for some
+ specific Consumers, you can do so by creating a separate plugin instance
+ that specifies both the Service and the Consumer, through the `service`
+ and `consumer` fields.
+ type: object
+ properties:
+ config:
+ description: >-
+ The configuration properties for the Plugin which can be found on
+ the plugins documentation page in the [Kong
+ Hub](https://docs.konghq.com/hub/).
+ type: object
+ additionalProperties: true
+ consumer:
+ description: >-
+ If set, the plugin will activate only for requests where the
+ specified has been authenticated. (Note that some plugins can not be
+ restricted to consumers this way.). Leave unset for the plugin to
+ activate regardless of the authenticated Consumer.
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ consumer_group:
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ enabled:
+ description: Whether the plugin is applied.
+ type: boolean
+ nullable: true
+ id:
+ type: string
+ nullable: true
+ instance_name:
+ type: string
+ nullable: true
+ name:
+ description: >-
+ The name of the Plugin that's going to be added. Currently, the
+ Plugin must be installed in every Kong instance separately.
+ type: string
+ ordering:
+ type: object
+ nullable: true
+ properties:
+ after:
+ type: object
+ properties:
+ access:
+ type: array
+ items:
+ type: string
+ before:
+ type: object
+ properties:
+ access:
+ type: array
+ items:
type: string
- enum:
- - Mesh Control Plane
- roles:
- type: object
- properties:
- admin:
- type: object
- additionalProperties: false
- properties:
- name:
- type: string
- enum:
- - Admin
- description:
- type: string
- example: >-
- This role grants full write access to the related
- to Mesh control planes.
- enum:
- - >-
- This role grants full write access to the
- related to Mesh control planes.
- required:
- - name
- - description
- creator:
- type: object
- additionalProperties: false
- properties:
- name:
- type: string
- enum:
- - Creator
- description:
- type: string
- example: >-
- This role grants access to create new Mesh control
- planes.
- enum:
- - >-
- This role grants access to create new Mesh
- control planes.
- required:
- - name
- - description
- viewer:
- type: object
- additionalProperties: false
- properties:
- name:
- type: string
- enum:
- - Viewer
- description:
- type: string
- example: >-
- This role grants access to read-only permissions
- to Mesh control planes.
- enum:
- - >-
- This role grants access to read-only permissions
- to Mesh control planes.
- required:
- - name
- - description
- required:
- - name
- - roles
- title: Roles Response
- SystemAccountCollection:
- description: A paginated list response for a collection of system accounts.
- content:
- application/json:
- schema:
+ protocols:
+ description: >-
+ A list of the request protocols that will trigger this plugin. The
+ default value, as well as the possible values allowed on this field,
+ may change depending on the plugin type. For example, plugins that
+ only work in stream mode will only support `"tcp"` and `"tls"`.
+ type: array
+ items:
+ enum:
+ - grpc
+ - grpcs
+ - http
+ - https
+ - tcp
+ - tls
+ - tls_passthrough
+ - udp
+ - ws
+ - wss
+ type: string
+ nullable: true
+ route:
+ description: >-
+ If set, the plugin will only activate when receiving requests via
+ the specified route. Leave unset for the plugin to activate
+ regardless of the Route being used.
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ service:
+ description: >-
+ If set, the plugin will only activate when receiving requests via
+ one of the routes belonging to the specified Service. Leave unset
+ for the plugin to activate regardless of the Service being matched.
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ tags:
+ description: >-
+ An optional set of strings associated with the Plugin for grouping
+ and filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ config:
+ anonymous: null
+ hide_credentials: false
+ key_in_body: false
+ key_in_header: true
+ key_in_query: true
+ key_names:
+ - apikey
+ run_on_preflight: true
+ enabled: true
+ id: 3fd1eea1-885a-4011-b986-289943ff8177
+ name: key-auth
+ protocols:
+ - grpc
+ - grpcs
+ - http
+ - https
+ additionalProperties: false
+ required:
+ - name
+ - config
+ PluginWithoutParents:
+ description: >-
+ A Plugin entity represents a plugin configuration that will be executed
+ during the HTTP request/response lifecycle. It is how you can add
+ functionalities to Services that run behind Kong, like Authentication or
+ Rate Limiting for example. You can find more information about how to
+ install and what values each plugin takes by visiting the [Kong
+ Hub](https://docs.konghq.com/hub/). When adding a Plugin Configuration
+ to a Service, every request made by a client to that Service will run
+ said Plugin. If a Plugin needs to be tuned to different values for some
+ specific Consumers, you can do so by creating a separate plugin instance
+ that specifies both the Service and the Consumer, through the `service`
+ and `consumer` fields.
+ type: object
+ properties:
+ config:
+ description: >-
+ The configuration properties for the Plugin which can be found on
+ the plugins documentation page in the [Kong
+ Hub](https://docs.konghq.com/hub/).
+ type: object
+ additionalProperties: true
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ enabled:
+ description: Whether the plugin is applied.
+ type: boolean
+ nullable: true
+ id:
+ type: string
+ nullable: true
+ instance_name:
+ type: string
+ nullable: true
+ name:
+ description: >-
+ The name of the Plugin that's going to be added. Currently, the
+ Plugin must be installed in every Kong instance separately.
+ type: string
+ ordering:
+ type: object
+ nullable: true
+ properties:
+ after:
+ type: object
+ properties:
+ access:
+ type: array
+ items:
+ type: string
+ before:
+ type: object
+ properties:
+ access:
+ type: array
+ items:
+ type: string
+ protocols:
+ description: >-
+ A list of the request protocols that will trigger this plugin. The
+ default value, as well as the possible values allowed on this field,
+ may change depending on the plugin type. For example, plugins that
+ only work in stream mode will only support `"tcp"` and `"tls"`.
+ type: array
+ items:
+ enum:
+ - grpc
+ - grpcs
+ - http
+ - https
+ - tcp
+ - tls
+ - tls_passthrough
+ - udp
+ - ws
+ - wss
+ type: string
+ nullable: true
+ tags:
+ description: >-
+ An optional set of strings associated with the Plugin for grouping
+ and filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ config:
+ anonymous: null
+ hide_credentials: false
+ key_in_body: false
+ key_in_header: true
+ key_in_query: true
+ key_names:
+ - apikey
+ run_on_preflight: true
+ enabled: true
+ id: 3fd1eea1-885a-4011-b986-289943ff8177
+ name: key-auth
+ protocols:
+ - grpc
+ - grpcs
+ - http
+ - https
+ additionalProperties: false
+ required:
+ - name
+ - config
+ Route:
+ description: >-
+ Route entities define rules to match client requests. Each Route is
+ associated with a Service, and a Service may have multiple Routes
+ associated to it. Every request matching a given Route will be proxied
+ to its associated Service. The combination of Routes and Services (and
+ the separation of concerns between them) offers a powerful routing
+ mechanism with which it is possible to define fine-grained entry-points
+ in Kong leading to different upstream services of your infrastructure.
+ You need at least one matching rule that applies to the protocol being
+ matched by the Route.
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ destinations:
+ description: >-
+ A list of IP destinations of incoming connections that match this
+ Route when using stream routing. Each entry is an object with fields
+ "ip" (optionally in CIDR range notation) and/or "port".
+ type: array
+ items:
+ properties:
+ ip:
+ type: string
+ port:
+ type: integer
+ type: object
+ nullable: true
+ headers:
+ description: >-
+ One or more lists of values indexed by header name that will cause
+ this Route to match if present in the request. The `Host` header
+ cannot be used with this attribute: hosts should be specified using
+ the `hosts` attribute. When `headers` contains only one value and
+ that value starts with the special prefix `~*`, the value is
+ interpreted as a regular expression.
+ type: object
+ additionalProperties:
+ type: string
+ nullable: true
+ hosts:
+ description: >-
+ A list of domain names that match this Route. Note that the hosts
+ value is case sensitive.
+ type: array
+ items:
+ type: string
+ nullable: true
+ https_redirect_status_code:
+ description: >-
+ The status code Kong responds with when all properties of a Route
+ match except the protocol i.e. if the protocol of the request is
+ `HTTP` instead of `HTTPS`. `Location` header is injected by Kong if
+ the field is set to 301, 302, 307 or 308. Note: This config applies
+ only if the Route is configured to only accept the `https` protocol.
+ type: integer
+ enum:
+ - 426
+ - 301
+ - 302
+ - 307
+ - 308
+ nullable: true
+ id:
+ type: string
+ nullable: true
+ methods:
+ description: A list of HTTP methods that match this Route.
+ type: array
+ items:
+ type: string
+ nullable: true
+ name:
+ description: >-
+ The name of the Route. Route names must be unique, and they are case
+ sensitive. For example, there can be two different Routes named
+ "test" and "Test".
+ type: string
+ nullable: true
+ path_handling:
+ description: >-
+ Controls how the Service path, Route path and requested path are
+ combined when sending a request to the upstream. See above for a
+ detailed description of each behavior.
+ type: string
+ enum:
+ - v0
+ - v1
+ nullable: true
+ paths:
+ description: A list of paths that match this Route.
+ type: array
+ items:
+ type: string
+ nullable: true
+ preserve_host:
+ description: >-
+ When matching a Route via one of the `hosts` domain names, use the
+ request `Host` header in the upstream request headers. If set to
+ `false`, the upstream `Host` header will be that of the Service's
+ `host`.
+ type: boolean
+ nullable: true
+ protocols:
+ description: >-
+ An array of the protocols this Route should allow. See the [Route
+ Object](#route-object) section for a list of accepted protocols.
+ When set to only `"https"`, HTTP requests are answered with an
+ upgrade error. When set to only `"http"`, HTTPS requests are
+ answered with an error.
+ type: array
+ items:
+ enum:
+ - grpc
+ - grpcs
+ - http
+ - https
+ - tcp
+ - tls
+ - tls_passthrough
+ - udp
+ - ws
+ - wss
+ type: string
+ nullable: true
+ regex_priority:
+ description: >-
+ A number used to choose which route resolves a given request when
+ several routes match it using regexes simultaneously. When two
+ routes match the path and have the same `regex_priority`, the older
+ one (lowest `created_at`) is used. Note that the priority for
+ non-regex routes is different (longer non-regex routes are matched
+ before shorter ones).
+ type: integer
+ nullable: true
+ request_buffering:
+ description: >-
+ Whether to enable request body buffering or not. With HTTP 1.1, it
+ may make sense to turn this off on services that receive data with
+ chunked transfer encoding.
+ type: boolean
+ nullable: true
+ response_buffering:
+ description: >-
+ Whether to enable response body buffering or not. With HTTP 1.1, it
+ may make sense to turn this off on services that send data with
+ chunked transfer encoding.
+ type: boolean
+ nullable: true
+ service:
+ description: >-
+ The Service this Route is associated to. This is where the Route
+ proxies traffic to.
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ snis:
+ description: A list of SNIs that match this Route when using stream routing.
+ type: array
+ items:
+ type: string
+ nullable: true
+ sources:
+ description: >-
+ A list of IP sources of incoming connections that match this Route
+ when using stream routing. Each entry is an object with fields "ip"
+ (optionally in CIDR range notation) and/or "port".
+ type: array
+ items:
+ properties:
+ ip:
+ type: string
+ port:
+ type: integer
type: object
+ nullable: true
+ strip_path:
+ description: >-
+ When matching a Route via one of the `paths`, strip the matching
+ prefix from the upstream request URL.
+ type: boolean
+ nullable: true
+ tags:
+ description: >-
+ An optional set of strings associated with the Route for grouping
+ and filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ hosts:
+ - foo.example.com
+ - foo.example.us
+ id: 56c4566c-14cc-4132-9011-4139fcbbe50a
+ name: example-route
+ paths:
+ - /v1
+ - /v2
+ service:
+ id: bd380f99-659d-415e-b0e7-72ea05df3218
+ additionalProperties: false
+ RouteWithoutParents:
+ description: >-
+ Route entities define rules to match client requests. Each Route is
+ associated with a Service, and a Service may have multiple Routes
+ associated to it. Every request matching a given Route will be proxied
+ to its associated Service. The combination of Routes and Services (and
+ the separation of concerns between them) offers a powerful routing
+ mechanism with which it is possible to define fine-grained entry-points
+ in Kong leading to different upstream services of your infrastructure.
+ You need at least one matching rule that applies to the protocol being
+ matched by the Route.
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ destinations:
+ description: >-
+ A list of IP destinations of incoming connections that match this
+ Route when using stream routing. Each entry is an object with fields
+ "ip" (optionally in CIDR range notation) and/or "port".
+ type: array
+ items:
properties:
- meta:
- $ref: '#/components/schemas/PaginatedMeta'
- data:
- type: array
- items:
- $ref: '#/components/schemas/SystemAccount'
- title: System Account Collection Response
- SystemAccountSingle:
- description: A response including a single system account.
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/SystemAccount'
- SystemAccountAccessTokenSingle:
- description: A response including a single system account access token.
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/SystemAccountAccessToken'
- SystemAccountAccessTokenCollection:
+ ip:
+ type: string
+ port:
+ type: integer
+ type: object
+ nullable: true
+ headers:
+ description: >-
+ One or more lists of values indexed by header name that will cause
+ this Route to match if present in the request. The `Host` header
+ cannot be used with this attribute: hosts should be specified using
+ the `hosts` attribute. When `headers` contains only one value and
+ that value starts with the special prefix `~*`, the value is
+ interpreted as a regular expression.
+ type: object
+ additionalProperties:
+ type: string
+ nullable: true
+ hosts:
+ description: >-
+ A list of domain names that match this Route. Note that the hosts
+ value is case sensitive.
+ type: array
+ items:
+ type: string
+ nullable: true
+ https_redirect_status_code:
+ description: >-
+ The status code Kong responds with when all properties of a Route
+ match except the protocol i.e. if the protocol of the request is
+ `HTTP` instead of `HTTPS`. `Location` header is injected by Kong if
+ the field is set to 301, 302, 307 or 308. Note: This config applies
+ only if the Route is configured to only accept the `https` protocol.
+ type: integer
+ enum:
+ - 426
+ - 301
+ - 302
+ - 307
+ - 308
+ nullable: true
+ id:
+ type: string
+ nullable: true
+ methods:
+ description: A list of HTTP methods that match this Route.
+ type: array
+ items:
+ type: string
+ nullable: true
+ name:
+ description: >-
+ The name of the Route. Route names must be unique, and they are case
+ sensitive. For example, there can be two different Routes named
+ "test" and "Test".
+ type: string
+ nullable: true
+ path_handling:
+ description: >-
+ Controls how the Service path, Route path and requested path are
+ combined when sending a request to the upstream. See above for a
+ detailed description of each behavior.
+ type: string
+ enum:
+ - v0
+ - v1
+ nullable: true
+ paths:
+ description: A list of paths that match this Route.
+ type: array
+ items:
+ type: string
+ nullable: true
+ preserve_host:
+ description: >-
+ When matching a Route via one of the `hosts` domain names, use the
+ request `Host` header in the upstream request headers. If set to
+ `false`, the upstream `Host` header will be that of the Service's
+ `host`.
+ type: boolean
+ nullable: true
+ protocols:
+ description: >-
+ An array of the protocols this Route should allow. See the [Route
+ Object](#route-object) section for a list of accepted protocols.
+ When set to only `"https"`, HTTP requests are answered with an
+ upgrade error. When set to only `"http"`, HTTPS requests are
+ answered with an error.
+ type: array
+ items:
+ enum:
+ - grpc
+ - grpcs
+ - http
+ - https
+ - tcp
+ - tls
+ - tls_passthrough
+ - udp
+ - ws
+ - wss
+ type: string
+ nullable: true
+ regex_priority:
+ description: >-
+ A number used to choose which route resolves a given request when
+ several routes match it using regexes simultaneously. When two
+ routes match the path and have the same `regex_priority`, the older
+ one (lowest `created_at`) is used. Note that the priority for
+ non-regex routes is different (longer non-regex routes are matched
+ before shorter ones).
+ type: integer
+ nullable: true
+ request_buffering:
+ description: >-
+ Whether to enable request body buffering or not. With HTTP 1.1, it
+ may make sense to turn this off on services that receive data with
+ chunked transfer encoding.
+ type: boolean
+ nullable: true
+ response_buffering:
+ description: >-
+ Whether to enable response body buffering or not. With HTTP 1.1, it
+ may make sense to turn this off on services that send data with
+ chunked transfer encoding.
+ type: boolean
+ nullable: true
+ snis:
+ description: A list of SNIs that match this Route when using stream routing.
+ type: array
+ items:
+ type: string
+ nullable: true
+ sources:
+ description: >-
+ A list of IP sources of incoming connections that match this Route
+ when using stream routing. Each entry is an object with fields "ip"
+ (optionally in CIDR range notation) and/or "port".
+ type: array
+ items:
+ properties:
+ ip:
+ type: string
+ port:
+ type: integer
+ type: object
+ nullable: true
+ strip_path:
+ description: >-
+ When matching a Route via one of the `paths`, strip the matching
+ prefix from the upstream request URL.
+ type: boolean
+ nullable: true
+ tags:
+ description: >-
+ An optional set of strings associated with the Route for grouping
+ and filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ hosts:
+ - foo.example.com
+ - foo.example.us
+ id: 56c4566c-14cc-4132-9011-4139fcbbe50a
+ name: example-route
+ paths:
+ - /v1
+ - /v2
+ additionalProperties: false
+ SNI:
description: >-
- A paginated list response for a collection of system accounts access
- tokens.
- content:
- application/json:
- schema:
- type: object
- properties:
- meta:
- $ref: '#/components/schemas/PaginatedMeta'
- data:
- type: array
- items:
- $ref: '#/components/schemas/SystemAccountAccessToken'
- title: System Account Access Token Collection Reponse
- SystemAccountAccessTokenCreated:
+ An SNI object represents a many-to-one mapping of hostnames to a
+ certificate. That is, a certificate object can have many hostnames
+ associated with it; when Kong receives an SSL request, it uses the SNI
+ field in the Client Hello to lookup the certificate object based on the
+ SNI associated with the certificate.
+ type: object
+ properties:
+ certificate:
+ description: >-
+ The id (a UUID) of the certificate with which to associate the SNI
+ hostname. The Certificate must have a valid private key associated
+ with it to be used by the SNI object.
+ type: object
+ additionalProperties: false
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ nullable: true
+ default: null
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ name:
+ description: The SNI name to associate with the given certificate.
+ type: string
+ tags:
+ description: >-
+ An optional set of strings associated with the SNIs for grouping and
+ filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ certificate:
+ id: bd380f99-659d-415e-b0e7-72ea05df3218
+ id: 36c4566c-14cc-4132-9011-4139fcbbe50a
+ name: some.example.org
+ additionalProperties: false
+ required:
+ - name
+ - certificate
+ SNIWithoutParents:
+ description: >-
+ An SNI object represents a many-to-one mapping of hostnames to a
+ certificate. That is, a certificate object can have many hostnames
+ associated with it; when Kong receives an SSL request, it uses the SNI
+ field in the Client Hello to lookup the certificate object based on the
+ SNI associated with the certificate.
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ name:
+ description: The SNI name to associate with the given certificate.
+ type: string
+ tags:
+ description: >-
+ An optional set of strings associated with the SNIs for grouping and
+ filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ id: 36c4566c-14cc-4132-9011-4139fcbbe50a
+ name: some.example.org
+ additionalProperties: false
+ required:
+ - name
+ Service:
+ description: >-
+ Service entities, as the name implies, are abstractions of each of your
+ own upstream services. Examples of Services would be a data
+ transformation microservice, a billing API, etc. The main attribute of a
+ Service is its URL (where Kong should proxy traffic to), which can be
+ set as a single string or by specifying its `protocol`, `host`, `port`
+ and `path` individually. Services are associated to Routes (a Service
+ can have many Routes associated with it). Routes are entry-points in
+ Kong and define rules to match client requests. Once a Route is matched,
+ Kong proxies the request to its associated Service. See the [Proxy
+ Reference][proxy-reference] for a detailed explanation of how Kong
+ proxies traffic.
+ type: object
+ properties:
+ ca_certificates:
+ description: >-
+ Array of `CA Certificate` object UUIDs that are used to build the
+ trust store while verifying upstream server's TLS certificate. If
+ set to `null` when Nginx default is respected. If default CA list in
+ Nginx are not specified and TLS verification is enabled, then
+ handshake with upstream server will always fail (because no CA are
+ trusted).
+ type: array
+ items:
+ type: string
+ nullable: true
+ client_certificate:
+ description: >-
+ Certificate to be used as client certificate while TLS handshaking
+ to the upstream server.
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ connect_timeout:
+ description: >-
+ The timeout in milliseconds for establishing a connection to the
+ upstream server.
+ type: integer
+ nullable: true
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ enabled:
+ description: >-
+ Whether the Service is active. If set to `false`, the proxy behavior
+ will be as if any routes attached to it do not exist (404). Default:
+ `true`.
+ type: boolean
+ nullable: true
+ host:
+ description: >-
+ The host of the upstream server. Note that the host value is case
+ sensitive.
+ type: string
+ id:
+ type: string
+ nullable: true
+ name:
+ description: The Service name.
+ type: string
+ nullable: true
+ path:
+ description: The path to be used in requests to the upstream server.
+ type: string
+ nullable: true
+ port:
+ description: The upstream server port.
+ type: integer
+ protocol:
+ description: The protocol used to communicate with the upstream.
+ type: string
+ enum:
+ - grpc
+ - grpcs
+ - http
+ - https
+ - tcp
+ - tls
+ - tls_passthrough
+ - udp
+ - ws
+ - wss
+ read_timeout:
+ description: >-
+ The timeout in milliseconds between two successive read operations
+ for transmitting a request to the upstream server.
+ type: integer
+ nullable: true
+ retries:
+ description: The number of retries to execute upon failure to proxy.
+ type: integer
+ nullable: true
+ tags:
+ description: >-
+ An optional set of strings associated with the Service for grouping
+ and filtering.
+ type: array
+ items:
+ type: string
+ tls_verify:
+ description: >-
+ Whether to enable verification of upstream server TLS certificate.
+ If set to `null`, then the Nginx default is respected.
+ type: boolean
+ nullable: true
+ tls_verify_depth:
+ description: >-
+ Maximum depth of chain while verifying Upstream server's TLS
+ certificate. If set to `null`, then the Nginx default is respected.
+ type: integer
+ nullable: true
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ url:
+ description: >-
+ Helper field to set `protocol`, `host`, `port` and `path` using a
+ URL. This field is write-only and is not returned in responses.
+ type: string
+ writeOnly: true
+ write_timeout:
+ description: >-
+ The timeout in milliseconds between two successive write operations
+ for transmitting a request to the upstream server.
+ type: integer
+ nullable: true
+ example:
+ host: example.internal
+ id: 49fd316e-c457-481c-9fc7-8079153e4f3c
+ name: example-service
+ path: /
+ port: 80
+ protocol: http
+ additionalProperties: false
+ required:
+ - protocol
+ - host
+ - port
+ Target:
description: >-
- A response including a single system account access token with the
- token.
- content:
- application/json:
- schema:
- x-speakeasy-entity: SystemAccountAccessToken
- type: object
- properties:
- id:
- description: ID of the system account access token.
- type: string
- format: uuid
- readOnly: true
- name:
- description: Name of the system account access token.
- type: string
- created_at:
- description: Timestamp of when the system account access token was created.
- type: string
- format: date-time
- readOnly: true
- updated_at:
- description: >-
- Timestamp of when the system account access token was last
- updated.
- type: string
- format: date-time
- readOnly: true
- expires_at:
- description: Timestamp of when the system account access token will expire.
- type: string
- format: date-time
- readOnly: true
- last_used_at:
- description: >-
- Timestamp of when the system account access token was last
- used.
- type: string
- format: date-time
- readOnly: true
- token:
- description: The token of the system account access token.
- type: string
- readOnly: true
- example:
- id: 497f6eca-6276-4993-bfeb-53cbbbba6f08
- name: Sample Access Token
- created_at: '2022-08-01T14:16:09Z'
- updated_at: '2022-08-02T08:35:49Z'
- expires_at: '2022-12-31T12:52:23Z'
- last_used_at: '2022-10-24T13:05:42Z'
- title: System Account Access Token Created Response
- MeOrganization:
- description: Me Organization
- content:
- application/json:
- schema:
- type: object
- properties:
- id:
- description: UUID of the organization.
- type: string
- format: uuid
- readOnly: true
- name:
- description: Name of the organization.
- type: string
- owner_id:
- description: Owner ID of the organization.
- type: string
- login_path:
- description: >-
- Path to organization-specific login when single sign on (SSO)
- is enabled. Blank otherwise.
- type: string
- created_at:
- description: Date the organization was created.
- type: string
- format: date-time
- readOnly: true
- updated_at:
- description: Date the organization was last updated.
- type: string
- format: date-time
- readOnly: true
- state:
- description: State of the organization
- type: string
- enum:
- - active
- - inactive
- - deleting
- - deleted
- retention_period_days:
- description: >-
- The number of days an organization spends inactive before
- being deleted.
- type: integer
- example:
- id: d99c041a-c7cf-46a2-bf3a-44bb5f75400e
- name: string
- owner_id: 1c9c3848-5897-4f2c-beed-df6f3e3adb37
- created_at: '2023-01-23T17:22:52.150Z'
- updated_at: '2023-01-23T17:22:52.150Z'
- state: active
- retention_period_days: 90
- title: Me Organization Response
- IdPConfiguration:
- description: A get action response of the IdP configuration.
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/IdP'
- DataPlaneClientCertificateResponse:
- description: Response body for retrieving a dp-client-certificate.
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/DataPlaneClientCertificate'
- GetExpectedConfigHashResponse:
+ A target is an ip address/hostname with a port that identifies an
+ instance of a backend service. Every upstream can have many targets, and
+ the targets can be dynamically added, modified, or deleted. Changes take
+ effect on the fly. To disable a target, post a new one with `weight=0`;
+ alternatively, use the `DELETE` convenience method to accomplish the
+ same. The current target object definition is the one with the latest
+ `created_at`.
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: number
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ tags:
+ description: >-
+ An optional set of strings associated with the Target for grouping
+ and filtering.
+ type: array
+ items:
+ type: string
+ target:
+ description: >-
+ The target address (ip or hostname) and port. If the hostname
+ resolves to an SRV record, the `port` value will be overridden by
+ the value from the DNS record.
+ type: string
+ nullable: true
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: number
+ readOnly: true
+ upstream:
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ weight:
+ description: >-
+ The weight this target gets within the upstream loadbalancer
+ (`0`-`65535`). If the hostname resolves to an SRV record, the
+ `weight` value will be overridden by the value from the DNS record.
+ type: integer
+ nullable: true
+ example:
+ id: 089292a7-ba3d-4d88-acf0-97b4b2e2621a
+ target: 203.0.113.42
+ upstream:
+ id: 5f1d7e76-2fed-4806-a6af-869984f025cb
+ weight: 100
+ additionalProperties: false
+ TargetWithoutParents:
description: >-
- Response body for retrieving the expected config hash of the control
- plane.
- content:
- application/json:
- schema:
- type: object
- properties:
- expected_hash:
- description: The expected configuration hash.
- type: string
- created_at:
- description: Date the control plane configuration was created.
- type: integer
- updated_at:
- description: Date the control plane configuration was last updated.
- type: integer
- required:
- - expected_hash
- - created_at
- - updated_at
- ListDataPlaneCertificatesResponse:
- description: Example response
- content:
- application/json:
- schema:
- type: object
- properties:
- items:
- type: array
- items:
- $ref: '#/components/schemas/DataPlaneClientCertificate'
- page:
- type: object
- properties:
- total:
- type: integer
- list-nodes:
- description: Example response
- content:
- application/json:
- schema:
- type: object
- properties:
- items:
- type: array
- items:
+ A target is an ip address/hostname with a port that identifies an
+ instance of a backend service. Every upstream can have many targets, and
+ the targets can be dynamically added, modified, or deleted. Changes take
+ effect on the fly. To disable a target, post a new one with `weight=0`;
+ alternatively, use the `DELETE` convenience method to accomplish the
+ same. The current target object definition is the one with the latest
+ `created_at`.
+ type: object
+ properties:
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: number
+ readOnly: true
+ id:
+ type: string
+ nullable: true
+ tags:
+ description: >-
+ An optional set of strings associated with the Target for grouping
+ and filtering.
+ type: array
+ items:
+ type: string
+ target:
+ description: >-
+ The target address (ip or hostname) and port. If the hostname
+ resolves to an SRV record, the `port` value will be overridden by
+ the value from the DNS record.
+ type: string
+ nullable: true
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: number
+ readOnly: true
+ weight:
+ description: >-
+ The weight this target gets within the upstream loadbalancer
+ (`0`-`65535`). If the hostname resolves to an SRV record, the
+ `weight` value will be overridden by the value from the DNS record.
+ type: integer
+ nullable: true
+ example:
+ id: 089292a7-ba3d-4d88-acf0-97b4b2e2621a
+ target: 203.0.113.42
+ weight: 100
+ additionalProperties: false
+ Upstream:
+ description: >-
+ The upstream object represents a virtual hostname and can be used to
+ loadbalance incoming requests over multiple services (targets). So for
+ example an upstream named `service.v1.xyz` for a Service object whose
+ `host` is `service.v1.xyz`. Requests for this Service would be proxied
+ to the targets defined within the upstream. An upstream also includes a
+ [health checker][healthchecks], which is able to enable and disable
+ targets based on their ability or inability to serve requests. The
+ configuration for the health checker is stored in the upstream object,
+ and applies to all of its targets.
+ type: object
+ properties:
+ algorithm:
+ description: Which load balancing algorithm to use.
+ type: string
+ enum:
+ - consistent-hashing
+ - least-connections
+ - round-robin
+ - latency
+ nullable: true
+ client_certificate:
+ description: >-
+ If set, the certificate to be used as client certificate while TLS
+ handshaking to the upstream server.
+ type: object
+ additionalProperties: false
+ nullable: true
+ properties:
+ id:
+ type: string
+ x-foreign: true
+ x-speakeasy-terraform-plan-only: true
+ default: null
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ hash_fallback:
+ description: >-
+ What to use as hashing input if the primary `hash_on` does not
+ return a hash (eg. header is missing, or no Consumer identified).
+ Not available if `hash_on` is set to `cookie`.
+ type: string
+ enum:
+ - none
+ - consumer
+ - ip
+ - header
+ - cookie
+ - path
+ - query_arg
+ - uri_capture
+ nullable: true
+ hash_fallback_header:
+ description: >-
+ The header name to take the value from as hash input. Only required
+ when `hash_fallback` is set to `header`.
+ type: string
+ nullable: true
+ hash_fallback_query_arg:
+ description: >-
+ The name of the query string argument to take the value from as hash
+ input. Only required when `hash_fallback` is set to `query_arg`.
+ type: string
+ nullable: true
+ hash_fallback_uri_capture:
+ description: >-
+ The name of the route URI capture to take the value from as hash
+ input. Only required when `hash_fallback` is set to `uri_capture`.
+ type: string
+ nullable: true
+ hash_on:
+ description: >-
+ What to use as hashing input. Using `none` results in a
+ weighted-round-robin scheme with no hashing.
+ type: string
+ enum:
+ - none
+ - consumer
+ - ip
+ - header
+ - cookie
+ - path
+ - query_arg
+ - uri_capture
+ nullable: true
+ hash_on_cookie:
+ description: >-
+ The cookie name to take the value from as hash input. Only required
+ when `hash_on` or `hash_fallback` is set to `cookie`. If the
+ specified cookie is not in the request, Kong will generate a value
+ and set the cookie in the response.
+ type: string
+ nullable: true
+ hash_on_cookie_path:
+ description: >-
+ The cookie path to set in the response headers. Only required when
+ `hash_on` or `hash_fallback` is set to `cookie`.
+ type: string
+ nullable: true
+ hash_on_header:
+ description: >-
+ The header name to take the value from as hash input. Only required
+ when `hash_on` is set to `header`.
+ type: string
+ nullable: true
+ hash_on_query_arg:
+ description: >-
+ The name of the query string argument to take the value from as hash
+ input. Only required when `hash_on` is set to `query_arg`.
+ type: string
+ nullable: true
+ hash_on_uri_capture:
+ description: >-
+ The name of the route URI capture to take the value from as hash
+ input. Only required when `hash_on` is set to `uri_capture`.
+ type: string
+ nullable: true
+ healthchecks:
+ type: object
+ nullable: true
+ properties:
+ active:
+ type: object
+ properties:
+ concurrency:
+ type: integer
+ headers:
type: object
- properties:
- id:
- type: string
- version:
- type: string
- hostname:
- type: string
- last_ping:
- type: integer
- type:
- type: string
- created_at:
- type: integer
- updated_at:
- type: integer
- config_hash:
- type: string
- compatibility_status:
- type: object
- properties:
- state:
- type: string
- page:
- type: object
- properties:
- total:
- type: integer
- next:
+ additionalProperties:
type: string
- list-nodes-eol:
- description: Example response
- content:
- application/json:
- schema:
- type: object
- properties:
- items:
- type: array
- items:
+ healthy:
type: object
properties:
- node_id:
- type: string
- node_version:
- type: string
- message:
- type: string
- page:
- type: object
- properties:
- total:
- type: integer
- get-node:
- description: Example response
- content:
- application/json:
- schema:
- type: object
- properties:
- item:
- type: object
- properties:
- id:
- type: string
- version:
- type: string
- hostname:
- type: string
- last_ping:
- type: integer
- type:
- type: string
- created_at:
- type: integer
- updated_at:
- type: integer
- config_hash:
- type: string
- compatibility_status:
- type: object
- properties:
- state:
- type: string
- list-plugin-schemas:
- description: A paginated list response for a collection of custom plugin schemas.
- content:
- application/json:
- schema:
- type: object
- properties:
- items:
- type: array
- items:
+ http_statuses:
+ type: array
+ items:
+ type: integer
+ interval:
+ type: number
+ successes:
+ type: integer
+ http_path:
+ type: string
+ https_sni:
+ type: string
+ https_verify_certificate:
+ type: boolean
+ timeout:
+ type: number
+ type:
+ type: string
+ enum:
+ - tcp
+ - http
+ - https
+ - grpc
+ - grpcs
+ unhealthy:
type: object
properties:
- lua_schema:
- description: The custom plugin schema; `jq -Rs '.' schema.lua`.
- type: string
- example: >-
- return { name = \"myplugin\", fields = { { config = {
- type = \"record\", fields = { } } } } }
- name:
- description: >-
- The custom plugin name determined by the custom plugin
- schema.
- type: string
- example: myplugin
- created_at:
- description: >-
- An ISO-8604 timestamp representation of custom plugin
- schema creation date.
+ http_failures:
type: integer
- example: 1422386534
- updated_at:
- description: >-
- An ISO-8604 timestamp representation of custom plugin
- schema update date.
+ http_statuses:
+ type: array
+ items:
+ type: integer
+ interval:
+ type: number
+ tcp_failures:
type: integer
- example: 1422412345
- page:
- type: object
- properties:
- total:
- type: integer
- plugin-schemas:
- description: A response for a single custom plugin schema.
- content:
- application/json:
- schema:
- type: object
- properties:
- item:
- x-speakeasy-entity: GatewayCustomPluginSchema
- type: object
- properties:
- lua_schema:
- description: The custom plugin schema; `jq -Rs '.' schema.lua`.
- type: string
- example: >-
- return { name = \"myplugin\", fields = { { config = { type
- = \"record\", fields = { } } } } }
- name:
- description: >-
- The custom plugin name determined by the custom plugin
- schema.
- type: string
- example: myplugin
- created_at:
- description: >-
- An ISO-8604 timestamp representation of custom plugin
- schema creation date.
- type: integer
- example: 1422386534
- updated_at:
- description: >-
- An ISO-8604 timestamp representation of custom plugin
- schema update date.
- type: integer
- example: 1422412345
- HTTP401Error:
- description: Unauthorized
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/GatewayUnauthorizedError'
- Conflict:
- description: Conflict
- content:
- application/problem+json:
- schema:
- $ref: '#/components/schemas/ConflictError'
- securitySchemes:
- personalAccessToken:
- type: http
- scheme: bearer
- bearerFormat: Token
- description: >-
- The personal access token is meant to be used as an alternative to
- basic-auth when accessing Konnect via APIs. You can generate a Personal
- Access Token (PAT) from the personal access token page in the Konnect
- dashboard.
- systemAccountAccessToken:
- type: http
- scheme: bearer
- bearerFormat: Token
- description: >
- The system account access token is meant for automations and
- integrations that are not directly associated with a human identity.
-
- You can generate a system account Access Token by creating a system
- account and then obtaining a system account access token for that
- account.
-
- The access token must be passed in the header of a request, for example:
-
- `curl -X GET 'https://global.api.konghq.com/v2/users/' --header
- 'Authorization: Bearer spat_i2Ej...'`
- konnectAccessToken:
- type: http
- scheme: bearer
- bearerFormat: JWT
+ timeouts:
+ type: integer
+ passive:
+ type: object
+ properties:
+ healthy:
+ type: object
+ properties:
+ http_statuses:
+ type: array
+ items:
+ type: integer
+ successes:
+ type: integer
+ type:
+ type: string
+ enum:
+ - tcp
+ - http
+ - https
+ - grpc
+ - grpcs
+ unhealthy:
+ type: object
+ properties:
+ http_failures:
+ type: integer
+ http_statuses:
+ type: array
+ items:
+ type: integer
+ tcp_failures:
+ type: integer
+ timeouts:
+ type: integer
+ threshold:
+ type: number
+ host_header:
+ description: >-
+ The hostname to be used as `Host` header when proxying requests
+ through Kong.
+ type: string
+ nullable: true
+ id:
+ type: string
+ nullable: true
+ name:
+ description: This is a hostname, which must be equal to the `host` of a Service.
+ type: string
+ slots:
+ description: >-
+ The number of slots in the load balancer algorithm. If `algorithm`
+ is set to `round-robin`, this setting determines the maximum number
+ of slots. If `algorithm` is set to `consistent-hashing`, this
+ setting determines the actual number of slots in the algorithm.
+ Accepts an integer in the range `10`-`65536`.
+ type: integer
+ nullable: true
+ tags:
+ description: >-
+ An optional set of strings associated with the Upstream for grouping
+ and filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ use_srv_name:
+ description: >-
+ If set, the balancer will use SRV hostname(if DNS Answer has SRV
+ record) as the proxy upstream `Host`.
+ type: boolean
+ nullable: true
+ example:
+ algorithm: round-robin
+ hash_fallback: none
+ hash_on: none
+ hash_on_cookie_path: /
+ healthchecks:
+ active:
+ concurrency: 10
+ healthy:
+ http_statuses:
+ - 200
+ - 302
+ interval: 0
+ successes: 0
+ http_path: /
+ https_verify_certificate: true
+ timeout: 1
+ type: http
+ unhealthy:
+ http_failures: 0
+ http_statuses:
+ - 429
+ - 404
+ - 500
+ - 501
+ - 502
+ - 503
+ - 504
+ - 505
+ interval: 0
+ tcp_failures: 0
+ timeouts: 0
+ passive:
+ healthy:
+ http_statuses:
+ - 200
+ - 201
+ - 202
+ - 203
+ - 204
+ - 205
+ - 206
+ - 207
+ - 208
+ - 226
+ - 300
+ - 301
+ - 302
+ - 303
+ - 304
+ - 305
+ - 306
+ - 307
+ - 308
+ successes: 0
+ type: http
+ unhealthy:
+ http_failures: 0
+ http_statuses:
+ - 429
+ - 500
+ - 503
+ tcp_failures: 0
+ timeouts: 0
+ threshold: 0
+ id: 6eed5e9c-5398-4026-9a4c-d48f18a2431e
+ name: api.example.internal
+ slots: 10000
+ additionalProperties: false
+ required:
+ - name
+ Vault:
description: >-
- The Konnect access token is meant to be used by the Konnect dashboard
- and the decK CLI to authenticate with.
-tags:
- - name: Control Planes
- - name: Control Plane Groups
- - name: Auth Settings
- - name: Invites
- - name: Roles
- - name: Team Membership
- - name: Teams
- - name: Users
- - name: System Accounts
- - name: System Accounts - Access Tokens
- - name: System Accounts - Roles
- - name: System Accounts - Team Membership
- - name: Me
- - name: Authentication
- - name: Impersonation Settings
- - description: DP Nodes
- name: DP Nodes
- - description: DP Certificates
- name: DP Certificates
- - description: Custom Plugin Schemas
- name: Custom Plugin Schemas
- - description: >
- Service entities are abstractions of your microservice interfaces or
- formal APIs. For example, a service could be a data transformation
- microservice or a billing API.
-
-
-
- The main attribute of a service is the destination URL for proxying
- traffic. This URL can be set as a single string or by specifying its
- protocol, host, port and path individually.
-
-
-
- Services are associated to routes, and a single service can have many
- routes associated with it. Routes are entrypoints in Kong Gateway which
- define rules to match client requests. Once a route is matched, Kong
- Gateway proxies the request to its associated service. See the [Proxy
- Reference](https://docs.konghq.com/gateway/latest/how-kong-works/routing-traffic/)
- for a detailed explanation of how Kong proxies traffic.
-
-
-
- Services can be both [tagged and filtered by
- tags](https://docs.konghq.com/gateway/latest/admin-api/#tags).
- name: Services
- - description: >
- Route entities define rules to match client requests. Each route is
- associated with a service, and a service may have multiple routes
- associated to it. Every request matching a given route will be proxied to
- the associated service. You need at least one matching rule that applies
- to the protocol being matched by the route.
-
-
-
- The combination of routes and services, and the separation of concerns
- between them, offers a powerful routing mechanism with which it is
- possible to define fine-grained entrypoints in Kong Gateway leading to
- different upstream services of your infrastructure.
-
-
-
- Depending on the protocol, one of the following attributes must be set:
-
-
-
-
- - `http`: At least one of `methods`, `hosts`, `headers`, or `paths`
-
- - `https`: At least one of `methods`, `hosts`, `headers`, `paths`, or
- `snis`
-
- - `tcp`: At least one of `sources` or `destinations`
-
- - `tls`: at least one of `sources`, `destinations`, or `snis`
-
- - `tls_passthrough`: set `snis`
-
- - `grpc`: At least one of `hosts`, `headers`, or `paths`
-
- - `grpcs`: At least one of `hosts`, `headers`, `paths`, or `snis`
-
- - `ws`: At least one of `hosts`, `headers`, or `paths`
-
- - `wss`: At least one of `hosts`, `headers`, `paths`, or `snis`
-
- A route can't have both `tls` and `tls_passthrough` protocols at same time.
-
- Learn more about the router:
- - [Configure routes using
- expressions](https://docs.konghq.com/gateway/latest/key-concepts/routes/expressions)
-
- - [Router Expressions language
- reference](https://docs.konghq.com/gateway/latest/reference/router-expressions-language/)
- name: Routes
- - description: >
- A plugin entity represents a plugin configuration that will be executed
- during the HTTP request/response lifecycle. Plugins let you add
- functionality to services that run behind a Kong Gateway instance, like
- authentication or rate limiting.
-
- You can find more information about available plugins and which values
- each plugin accepts at the [Plugin Hub](https://docs.konghq.com/hub/).
-
-
-
- When adding a plugin configuration to a service, the plugin will run on
- every request made by a client to that service. If a plugin needs to be
- tuned to different values for some specific consumers, you can do so by
- creating a separate plugin instance that specifies both the service and
- the consumer, through the service and consumer fields.
-
-
-
- Plugins can be both [tagged and filtered by
- tags](https://docs.konghq.com/gateway/latest/admin-api/#tags).
- name: Plugins
- - description: >
- The consumer object represents a consumer - or a user - of a service.
-
- You can either rely on Kong Gateway as the primary datastore, or you can
- map the consumer list with your database to keep consistency between Kong
- Gateway and your existing primary datastore.
- name: Consumers
- - description: >-
- Consumer groups enable the organization and categorization of consumers
- (users or applications) within an API ecosystem.
-
- By grouping consumers together, you eliminate the need to manage them
- individually, providing a scalable, efficient approach to managing
- configurations.
- name: Consumer Groups
- - description: >
- A certificate object represents a public certificate, and can be
- optionally paired with the corresponding private key. These objects are
- used by Kong Gateway to handle SSL/TLS termination for encrypted requests,
- or for use as a trusted CA store when validating peer certificate of
- client/service.
-
-
-
- Certificates are optionally associated with SNI objects to tie a cert/key
- pair to one or more hostnames.
-
-
-
- If intermediate certificates are required in addition to the main
- certificate, they should be concatenated together into one string.
- name: Certificates
- - description: >-
- An SNI object represents a many-to-one mapping of hostnames to a
- certificate.
-
-
-
- A certificate object can have many hostnames associated with it. When Kong
- Gateway receives an SSL request, it uses the SNI field in the Client Hello
- to look up the certificate object based on the SNI associated with the
- certificate.
- name: SNIs
- - description: >-
- A CA certificate object represents a trusted certificate authority.
-
- These objects are used by Kong Gateway to verify the validity of a client
- or server certificate.
- name: CA Certificates
- - description: >-
- The upstream object represents a virtual hostname and can be used to load
- balance incoming requests over multiple services (targets).
-
-
-
- An upstream also includes a [health
- checker](https://docs.konghq.com/gateway/latest/how-kong-works/health-checks/),
- which can enable and disable targets based on their ability or inability
- to serve requests.
+ Vault entities are used to configure different Vault connectors.
+ Examples of Vaults are Environment Variables, Hashicorp Vault and AWS
+ Secrets Manager. Configuring a Vault allows referencing the secrets with
+ other entities. For example a certificate entity can store a reference
+ to a certificate and key, stored in a vault, instead of storing the
+ certificate and key within the entity. This allows a proper separation
+ of secrets and configuration and prevents secret sprawl.
+ type: object
+ properties:
+ config:
+ description: >-
+ The configuration properties for the Vault which can be found on the
+ vaults' documentation page.
+ type: object
+ additionalProperties: true
+ created_at:
+ description: Unix epoch when the resource was created.
+ type: integer
+ readOnly: true
+ description:
+ description: The description of the Vault entity.
+ type: string
+ nullable: true
+ id:
+ type: string
+ nullable: true
+ name:
+ description: >-
+ The name of the Vault that's going to be added. Currently, the Vault
+ implementation must be installed in every Kong instance.
+ type: string
+ prefix:
+ description: >-
+ The unique prefix (or identifier) for this Vault configuration. The
+ prefix is used to load the right Vault configuration and
+ implementation when referencing secrets with the other entities.
+ type: string
+ tags:
+ description: >-
+ An optional set of strings associated with the Vault for grouping
+ and filtering.
+ type: array
+ items:
+ type: string
+ updated_at:
+ description: Unix epoch when the resource was last updated.
+ type: integer
+ readOnly: true
+ example:
+ config:
+ prefix: ENV_PREFIX
+ description: environment variable based vault
+ id: 2747d1e5-8246-4f65-a939-b392f1ee17f8
+ name: env
+ prefix: env
+ tags:
+ - foo
+ - bar
+ additionalProperties: false
+ required:
+ - name
+ - prefix
+ - config
+ securitySchemes:
+ personalAccessToken:
+ type: http
+ scheme: bearer
+ bearerFormat: Token
+ description: >-
+ The personal access token is meant to be used as an alternative to
+ basic-auth when accessing Konnect via APIs. You can generate a Personal
+ Access Token (PAT) from the personal access token page in the Konnect
+ dashboard.
+ systemAccountAccessToken:
+ type: http
+ scheme: bearer
+ bearerFormat: Token
+ description: >
+ The system account access token is meant for automations and
+ integrations that are not directly associated with a human identity.
- The configuration for the health checker is stored in the upstream object,
- and applies to all of its targets.
- name: Upstreams
- - description: >
- Vault objects are used to configure different vault connectors for
- [managing
- secrets](https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/).
+ You can generate a system account Access Token by creating a system
+ account and then obtaining a system account access token for that
+ account.
- Configuring a vault lets you reference secrets from other entities.
+ The access token must be passed in the header of a request, for example:
- This allows for a proper separation of secrets and configuration and
- prevents secret sprawl.
+ `curl -X GET 'https://global.api.konghq.com/v2/users/' --header
+ 'Authorization: Bearer spat_i2Ej...'`
+ konnectAccessToken:
+ type: http
+ scheme: bearer
+ bearerFormat: JWT
+ description: >-
+ The Konnect access token is meant to be used by the Konnect dashboard
+ and the decK CLI to authenticate with.
+ requestBodies:
+ GroupMembershipAdd:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GroupMembership'
+ description: >-
+ Request body for adding a list of child control planes to a control
+ plane group membership.
+ GroupMembershipRemove:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GroupMembership'
+ description: >-
+ Request body for removing a list of child control planes from a control
+ plane group membership.
+ GroupMembershipUpsert:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GroupMembership'
+ description: >-
+ Request body for upserting a list of child control planes to a control
+ plane group membership.
+ UpdateImpersonationSettingsRequest:
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ enabled:
+ type: boolean
+ example: true
+ description: >-
+ Indicates if user impersonation is allowed for the
+ organization.
+ description: The request schema for adding a system account to a team.
+ UpdateUser:
+ description: The request schema for the update user request.
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ full_name:
+ type: string
+ pattern: ^[\w \W]+$
+ example: James C. Woods
+ description: The user's full name.
+ writeOnly: true
+ preferred_name:
+ type: string
+ maxLength: 250
+ example: Jimmy
+ description: The user's desired name.
+ writeOnly: true
+ CreateTeam:
+ description: >-
+ The request schema for the create team request.
-
- For example, you could store a certificate and a key in a vault, then
- reference them from a certificate entity. This way, the certificate and
- key are not stored in the entity directly and are more secure.
+ If you pass the same `name` and `description` of an existing team in the
+ request, a team with the same `name` and `description` will be created.
+ The two teams will have different `team_id` values to differentiate
+ them.
+ content:
+ application/json:
+ schema:
+ x-speakeasy-entity: Team
+ type: object
+ properties:
+ name:
+ type: string
+ example: IDM - Developers
+ pattern: ^[\w \W]+$
+ description: A name for the team being created.
+ writeOnly: true
+ description:
+ type: string
+ maxLength: 250
+ example: The Identity Management (IDM) team.
+ description: The description of the new team.
+ writeOnly: true
+ labels:
+ $ref: '#/components/schemas/Labels'
+ required:
+ - name
+ UpdateTeam:
+ description: The request schema for the update team request.
+ content:
+ application/json:
+ schema:
+ x-speakeasy-entity: Team
+ type: object
+ properties:
+ name:
+ type: string
+ example: IDM - Developers
+ pattern: ^[\w \W]+$
+ description: The name of the team.
+ writeOnly: true
+ description:
+ type: string
+ maxLength: 250
+ example: The Identity Management (IDM) API team.
+ description: The description of the team.
+ writeOnly: true
+ labels:
+ $ref: '#/components/schemas/LabelsUpdate'
+ AddUserToTeam:
+ description: The request schema for adding a user to a team.
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ example: df120cb4-f60b-47bc-a2f8-6a28e6a3c63b
+ format: uuid
+ description: The user ID for the user being added to a team.
+ writeOnly: true
+ x-speakeasy-name-override: user_id
+ required:
+ - id
+ UpdateTeamMappings:
+ content:
+ application/json:
+ schema:
+ type: object
+ example:
+ mappings:
+ - group: Service Developers
+ team_ids:
+ - af91db4c-6e51-403e-a2bf-33d27ae50c0a
+ properties:
+ mappings:
+ type: array
+ description: The mappings object.
+ items:
+ type: object
+ properties:
+ group:
+ type: string
+ team_ids:
+ type: array
+ items:
+ type: string
+ description: The request schema for updating IdP team mappings.
+ PatchTeamGroupMappings:
+ content:
+ application/json:
+ schema:
+ type: object
+ example:
+ data:
+ - group: Service Developers
+ team_ids:
+ - af91db4c-6e51-403e-a2bf-33d27ae50c0a
+ properties:
+ data:
+ type: array
+ description: The IdP groups to map to the given team.
+ items:
+ type: object
+ properties:
+ team_id:
+ type: string
+ format: uuid
+ groups:
+ type: array
+ items:
+ type: string
+ description: >-
+ The request schema for a partial update of mappings from Konnect Teams
+ to IdP Groups.
+ AssignRole:
+ content:
+ application/json:
+ schema:
+ type: object
+ description: >-
+ An assigned role is a role that has been assigned to a user or
+ team.
+ properties:
+ role_name:
+ type: string
+ example: Viewer
+ description: The desired role.
+ enum:
+ - Admin
+ - Appearance Maintainer
+ - Application Registration
+ - Certificate Admin
+ - Cloud Gateway Cluster Admin
+ - Cloud Gateway Cluster Viewer
+ - Consumer Admin
+ - Creator
+ - Deployer
+ - Discovery Admin
+ - Discovery Viewer
+ - Gateway Service Admin
+ - Integration Admin
+ - Integration Viewer
+ - Key Admin
+ - Maintainer
+ - Network Admin
+ - Network Creator
+ - Network Viewer
+ - Plugin Admin
+ - Plugins Admin
+ - Product Publisher
+ - Publisher
+ - Route Admin
+ - SNI Admin
+ - Service Admin
+ - Service Creator
+ - Service Viewer
+ - Upstream Admin
+ - Vault Admin
+ - Viewer
+ entity_id:
+ type: string
+ format: uuid
+ example: e67490ce-44dc-4cbd-b65e-b52c746fc26a
+ description: The ID of the entity.
+ entity_type_name:
+ type: string
+ example: Control Planes
+ description: The type of entity.
+ enum:
+ - APIs
+ - API Products
+ - Application Auth Strategies
+ - Audit Logs
+ - Control Planes
+ - DCR Providers
+ - Identity
+ - Mesh Control Planes
+ - Networks
+ - Portals
+ - Service Hub
+ entity_region:
+ type: string
+ enum:
+ - us
+ - eu
+ - au
+ - me
+ - '*'
+ example: eu
+ description: The region of the team.
+ description: The request schema for assigning a role.
+ InviteUser:
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ email:
+ type: string
+ format: email
+ example: james.c.woods@example.com
+ writeOnly: true
+ required:
+ - email
+ description: >-
+ The request schema for the invite user request.
-
- Secrets rotation can be managed using
- [TTLs](https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/advanced-usage/).
- name: Vaults
- - description: >
- A key object holds a representation of asymmetric keys in various formats.
- When Kong Gateway or a Kong plugin requires a specific public or private
- key to perform certain operations, it can use this entity.
- name: Keys
- - description: >
- A JSON Web key set. Key sets are the preferred way to expose keys to
- plugins because they tell the plugin where to look for keys or have a
- scoping mechanism to restrict plugins to specific keys.
- name: KeySets
- - name: API-keys
- - name: Basic-auth credentials
- - name: JWTs
- - name: HMAC-auth credentials
- - name: MTLS-auth credentials
- - name: ACLs
+ If you pass an `email` that is not already an active user in the
+ request, a fresh invitation email will be created and sent to the new
+ user.
+ CreateSystemAccount:
+ content:
+ application/json:
+ schema:
+ x-speakeasy-entity: SystemAccount
+ type: object
+ required:
+ - name
+ - description
+ properties:
+ name:
+ type: string
+ description: Name of the system account.
+ description:
+ type: string
+ description: >-
+ Description of the system account. Useful when the system
+ account name is not sufficient to differentiate one system
+ account from another.
+ konnect_managed:
+ type: boolean
+ description: The system account is managed by Konnect (true/false).
+ description: The request schema to create a system account.
+ UpdateSystemAccount:
+ content:
+ application/json:
+ schema:
+ x-speakeasy-entity: SystemAccount
+ type: object
+ properties:
+ name:
+ type: string
+ description: Name of the system account.
+ description:
+ type: string
+ description: Description of the system account.
+ description: The request schema for the update system account request.
+ UpdateSystemAccountAccessToken:
+ content:
+ application/json:
+ schema:
+ x-speakeasy-entity: SystemAccountAccessToken
+ type: object
+ properties:
+ name:
+ type: string
+ description: Name of the system account access token.
+ CreateSystemAccountAccessToken:
+ content:
+ application/json:
+ schema:
+ x-speakeasy-entity: SystemAccountAccessToken
+ type: object
+ properties:
+ name:
+ type: string
+ expires_at:
+ type: string
+ format: date-time
+ description: The request body to create a system account access token.
+ AddSystemAccountToTeam:
+ content:
+ application/json:
+ schema:
+ x-speakeasy-entity: SystemAccountTeam
+ type: object
+ properties:
+ id:
+ x-speakeasy-name-override: account_id
+ type: string
+ description: ID of the system account.
+ format: uuid
+ description: The request schema for adding a system account to a team.
+ UpdateAuthenticationSettings:
+ description: The request schema to update an organization's authentication settings.
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ basic_auth_enabled:
+ type: boolean
+ example: true
+ description: The organization has basic auth enabled.
+ oidc_auth_enabled:
+ type: boolean
+ example: false
+ description: The organization has OIDC disabled.
+ saml_auth_enabled:
+ type: boolean
+ example: false
+ description: The organization has SAML disabled.
+ idp_mapping_enabled:
+ type: boolean
+ example: true
+ description: Whether IdP groups determine the Konnect teams a user has.
+ konnect_mapping_enabled:
+ type: boolean
+ example: false
+ description: Whether a Konnect Identity Admin assigns teams to a user.
+ UpdateIdPConfiguration:
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ issuer:
+ type: string
+ format: uri
+ example: https://myidp.com/oauth2
+ login_path:
+ type: string
+ example: myapp
+ client_id:
+ type: string
+ example: YOUR_CLIENT_ID
+ client_secret:
+ type: string
+ example: YOUR_CLIENT_SECRET
+ scopes:
+ type: array
+ items:
+ type: string
+ claim_mappings:
+ type: object
+ minProperties: 3
+ properties:
+ name:
+ type: string
+ example: name
+ email:
+ type: string
+ example: email
+ groups:
+ type: string
+ example: custom-group-claim
+ description: The request schema for the update IdP configuration request.
+ DataPlaneClientCertificateRequest:
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ cert:
+ type: string
+ description: JSON escaped string of the certificate.
+ required:
+ - cert
+ description: Request body for creating a dp-client-certificate.
+ create-plugin-schemas:
+ content:
+ application/json:
+ schema:
+ x-speakeasy-entity: GatewayCustomPluginSchema
+ type: object
+ properties:
+ lua_schema:
+ type: string
+ description: |
+ The custom plugin schema; `jq -Rs '.' schema.lua`.
+ example: >-
+ return { name = \"myplugin\", fields = { { config = { type =
+ \"record\", fields = { } } } } }
+ required:
+ - lua_schema
externalDocs:
description: Documentation for Kong Gateway and its APIs
url: https://docs.konghq.com
-security:
- - personalAccessToken: []
- - systemAccountAccessToken: []
- - konnectAccessToken: []
diff --git a/routes.go b/routes.go
index 2d2beb2..3b825e0 100644
--- a/routes.go
+++ b/routes.go
@@ -22,21 +22,23 @@ import (
// Depending on the protocol, one of the following attributes must be set:
//
//
-// - `http`: At least one of `methods`, `hosts`, `headers`, or `paths`
-// - `https`: At least one of `methods`, `hosts`, `headers`, `paths`, or `snis`
-// - `tcp`: At least one of `sources` or `destinations`
-// - `tls`: at least one of `sources`, `destinations`, or `snis`
-// - `tls_passthrough`: set `snis`
-// - `grpc`: At least one of `hosts`, `headers`, or `paths`
-// - `grpcs`: At least one of `hosts`, `headers`, `paths`, or `snis`
-// - `ws`: At least one of `hosts`, `headers`, or `paths`
-// - `wss`: At least one of `hosts`, `headers`, `paths`, or `snis`
-//
-// A route can't have both `tls` and `tls_passthrough` protocols at same time.
-//
-// Learn more about the router:
-// - [Configure routes using expressions](https://docs.konghq.com/gateway/latest/key-concepts/routes/expressions)
-// - [Router Expressions language reference](https://docs.konghq.com/gateway/latest/reference/router-expressions-language/)
+// - `http`: At least one of `methods`, `hosts`, `headers`, or `paths`
+// - `https`: At least one of `methods`, `hosts`, `headers`, `paths`, or `snis`
+// - `tcp`: At least one of `sources` or `destinations`
+// - `tls`: at least one of `sources`, `destinations`, or `snis`
+// - `tls_passthrough`: set `snis`
+// - `grpc`: At least one of `hosts`, `headers`, or `paths`
+// - `grpcs`: At least one of `hosts`, `headers`, `paths`, or `snis`
+// - `ws`: At least one of `hosts`, `headers`, or `paths`
+// - `wss`: At least one of `hosts`, `headers`, `paths`, or `snis`
+//
+//
+// A route can't have both `tls` and `tls_passthrough` protocols at same time.
+//
+// Learn more about the router:
+//
+// - [Configure routes using expressions](https://docs.konghq.com/gateway/latest/key-concepts/routes/expressions)
+// - [Router Expressions language reference](https://docs.konghq.com/gateway/latest/reference/router-expressions-language/)
type Routes struct {
sdkConfiguration sdkConfiguration
}
diff --git a/sdk.go b/sdk.go
index f728b9a..d63e4b2 100644
--- a/sdk.go
+++ b/sdk.go
@@ -134,6 +134,9 @@ type SDK struct {
// - `grpcs`: At least one of `hosts`, `headers`, `paths`, or `snis`
// - `ws`: At least one of `hosts`, `headers`, or `paths`
// - `wss`: At least one of `hosts`, `headers`, `paths`, or `snis`
+ //
+ //
+ //
//
// A route can't have both `tls` and `tls_passthrough` protocols at same time.
//
@@ -261,9 +264,9 @@ func New(opts ...SDKOption) *SDK {
sdkConfiguration: sdkConfiguration{
Language: "go",
OpenAPIDocVersion: "0.0.1",
- SDKVersion: "0.1.15",
+ SDKVersion: "0.1.16",
GenVersion: "2.483.1",
- UserAgent: "speakeasy-sdk/go 0.1.15 2.483.1 0.0.1 github.com/Kong/sdk-konnect-go",
+ UserAgent: "speakeasy-sdk/go 0.1.16 2.483.1 0.0.1 github.com/Kong/sdk-konnect-go",
Hooks: hooks.New(),
},
}