diff --git a/static/api-specs/idn/beta/paths/access-profile-entitlements.yaml b/static/api-specs/idn/beta/paths/access-profile-entitlements.yaml index abb60b168..24696f5be 100644 --- a/static/api-specs/idn/beta/paths/access-profile-entitlements.yaml +++ b/static/api-specs/idn/beta/paths/access-profile-entitlements.yaml @@ -84,7 +84,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:access-profile:read] + - oauth2: [idn:access-profile:read, idn:access-profile:manage] diff --git a/static/api-specs/idn/beta/paths/access-profile.yaml b/static/api-specs/idn/beta/paths/access-profile.yaml index c53f99c54..300c54f34 100644 --- a/static/api-specs/idn/beta/paths/access-profile.yaml +++ b/static/api-specs/idn/beta/paths/access-profile.yaml @@ -36,7 +36,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:access-profile:read] + - oauth2: [idn:access-profile:read, idn:access-profile:manage] patch: operationId: patchAccessProfile tags: diff --git a/static/api-specs/idn/beta/paths/access-profiles.yaml b/static/api-specs/idn/beta/paths/access-profiles.yaml index f56b2948b..450efced8 100644 --- a/static/api-specs/idn/beta/paths/access-profiles.yaml +++ b/static/api-specs/idn/beta/paths/access-profiles.yaml @@ -111,7 +111,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:access-profile:read] + - oauth2: [idn:access-profile:read, idn:access-profile:manage] post: operationId: createAccessProfile tags: diff --git a/static/api-specs/idn/beta/paths/access-roles-change-segment-assignments.yaml b/static/api-specs/idn/beta/paths/access-roles-change-segment-assignments.yaml index 7424cb4ce..9f3ad3240 100644 --- a/static/api-specs/idn/beta/paths/access-roles-change-segment-assignments.yaml +++ b/static/api-specs/idn/beta/paths/access-roles-change-segment-assignments.yaml @@ -2,7 +2,7 @@ post: operationId: accessRolesChangeSegmentAssignments tags: - Segments - summary: Change Segment assignments for roles and access-profiles only. + summary: Change Segment assignments. description: >- This API allows to change the Segment assignments for roles and access-profiles. @@ -38,4 +38,4 @@ post: $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:segments:write] \ No newline at end of file + - oauth2: [idn:segments:manage] diff --git a/static/api-specs/idn/beta/paths/account.yaml b/static/api-specs/idn/beta/paths/account.yaml index c2bf624a1..b56a3eedf 100644 --- a/static/api-specs/idn/beta/paths/account.yaml +++ b/static/api-specs/idn/beta/paths/account.yaml @@ -8,7 +8,7 @@ get: A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:accounts:read] + - oauth2: [idn:accounts:read, idn:accounts:manage] parameters: - in: path name: id diff --git a/static/api-specs/idn/beta/paths/accounts.yaml b/static/api-specs/idn/beta/paths/accounts.yaml index e34a99ff0..a1c6233c4 100644 --- a/static/api-specs/idn/beta/paths/accounts.yaml +++ b/static/api-specs/idn/beta/paths/accounts.yaml @@ -8,7 +8,7 @@ get: A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:accounts:read] + - oauth2: [idn:accounts:read, idn:accounts:manage] parameters: - in: query name: detailLevel @@ -56,14 +56,15 @@ get: content: application/json: schema: - type: array - items: - oneOf: - - $ref: '../schemas/SlimAccount.yaml' - - $ref: '../schemas/FullAccount.yaml' - + oneOf: + - type: array + items: + $ref: '../schemas/SlimAccount.yaml' + - type: array + items: + $ref: '../schemas/FullAccount.yaml' examples: - Slim Accounts: + SlimAccounts: description: List of slim accounts that would result with *detailLevel = SLIM* value: - "attributes": null @@ -83,7 +84,7 @@ get: "uuid": "{e4218fa4-da52-4bb0-aa41-d2dcc08a7ad8}" - Full Accounts: + FullAccounts: description: List of slim accounts that would result with *detailLevel = FULL* or not specifying it value: - "attributes": null diff --git a/static/api-specs/idn/beta/paths/connector-rule-validate.yaml b/static/api-specs/idn/beta/paths/connector-rule-validate.yaml index 7a1201e66..cf7345784 100644 --- a/static/api-specs/idn/beta/paths/connector-rule-validate.yaml +++ b/static/api-specs/idn/beta/paths/connector-rule-validate.yaml @@ -22,6 +22,8 @@ post: application/json: schema: $ref: '../schemas/ConnectorRuleValidationResponse.yaml' + '400': + $ref: '../../v3/responses/400.yaml' '401': $ref: '../../v3/responses/401.yaml' '403': @@ -31,4 +33,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:connector-rule:read] + - oauth2: [idn:rule-management-connector:read, idn:rule-management-connector:manage] diff --git a/static/api-specs/idn/beta/paths/connector-rule.yaml b/static/api-specs/idn/beta/paths/connector-rule.yaml index 0b6430423..75375878c 100644 --- a/static/api-specs/idn/beta/paths/connector-rule.yaml +++ b/static/api-specs/idn/beta/paths/connector-rule.yaml @@ -17,6 +17,7 @@ get: explode: false schema: type: string + example: 8c190e6787aa4ed9a90bd9d5344523fb responses: '200': description: Connector rule with the given ID @@ -24,12 +25,20 @@ get: application/json: schema: $ref: '../schemas/ConnectorRuleResponse.yaml' + '400': + $ref: '../../v3/responses/400.yaml' + '401': + $ref: '../../v3/responses/401.yaml' '403': $ref: '../../v3/responses/403.yaml' '404': $ref: '../../v3/responses/404.yaml' + '429': + $ref: '../../v3/responses/429.yaml' + '500': + $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:connector-rule:read] + - oauth2: [idn:rule-management-connector:read, idn:rule-management-connector:manage] put: tags: @@ -51,6 +60,7 @@ put: explode: false schema: type: string + example: 8c190e6787aa4ed9a90bd9d5344523fb requestBody: description: >- The connector rule with updated data @@ -67,6 +77,8 @@ put: $ref: '../schemas/ConnectorRuleResponse.yaml' '400': $ref: '../../v3/responses/400.yaml' + '401': + $ref: '../../v3/responses/401.yaml' '403': $ref: '../../v3/responses/403.yaml' '404': @@ -76,7 +88,7 @@ put: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:connector-rule:write] + - oauth2: [idn:rule-management-connector:manage] delete: tags: @@ -97,9 +109,14 @@ delete: explode: false schema: type: string + example: 8c190e6787aa4ed9a90bd9d5344523fb responses: '204': $ref: '../../v3/responses/204.yaml' + '400': + $ref: '../../v3/responses/400.yaml' + '401': + $ref: '../../v3/responses/401.yaml' '403': $ref: '../../v3/responses/403.yaml' '404': @@ -109,5 +126,5 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:connector-rule:write] + - oauth2: [idn:rule-management-connector:manage] diff --git a/static/api-specs/idn/beta/paths/connector-rules.yaml b/static/api-specs/idn/beta/paths/connector-rules.yaml index 332ec4ec7..6644bca83 100644 --- a/static/api-specs/idn/beta/paths/connector-rules.yaml +++ b/static/api-specs/idn/beta/paths/connector-rules.yaml @@ -28,7 +28,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:connector-rule:read] + - oauth2: [idn:rule-management-connector:read, idn:rule-management-connector:manage] post: tags: - Connector Rule Management @@ -64,4 +64,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:connector-rule:write] + - oauth2: [idn:rule-management-connector:manage] diff --git a/static/api-specs/idn/beta/paths/ears-entitlement-parents.yaml b/static/api-specs/idn/beta/paths/ears-entitlement-parents.yaml index fbce43d09..be2dc7a3b 100644 --- a/static/api-specs/idn/beta/paths/ears-entitlement-parents.yaml +++ b/static/api-specs/idn/beta/paths/ears-entitlement-parents.yaml @@ -6,7 +6,7 @@ get: description: >- This API returns a list of all parent entitlements of a given entitlement. security: - - oauth2: ['idn:entitlement:read'] + - oauth2: [idn:entitlement:read, idn:entitlement:manage] parameters: - $ref: '../../v3/parameters/limit.yaml' - $ref: '../../v3/parameters/offset.yaml' diff --git a/static/api-specs/idn/beta/paths/ears-entitlement.yaml b/static/api-specs/idn/beta/paths/ears-entitlement.yaml index 8ba4eba91..d7af9e824 100644 --- a/static/api-specs/idn/beta/paths/ears-entitlement.yaml +++ b/static/api-specs/idn/beta/paths/ears-entitlement.yaml @@ -6,7 +6,7 @@ get: description: >- This API returns an entitlement by its ID. security: - - oauth2: ['idn:entitlement:read'] + - oauth2: [idn:entitlement:read, idn:entitlement:manage] parameters: - in: path name: id @@ -85,7 +85,7 @@ patch: A token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API. security: - - oauth2: ['idn:entitlement:update'] + - oauth2: [idn:entitlement:manage] parameters: - name: id in: path @@ -185,4 +185,4 @@ patch: '429': $ref: '../../v3/responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/paths/entitlement-request-config.yaml b/static/api-specs/idn/beta/paths/entitlement-request-config.yaml index 287abb9ab..a84f313c1 100644 --- a/static/api-specs/idn/beta/paths/entitlement-request-config.yaml +++ b/static/api-specs/idn/beta/paths/entitlement-request-config.yaml @@ -6,7 +6,7 @@ get: description: >- This API returns the entitlement request config for a specified entitlement. security: - - oauth2: ['idn:entitlement:read'] + - oauth2: [idn:entitlement:read, idn:entitlement:manage] parameters: - in: path name: id @@ -67,7 +67,7 @@ put: description: >- This API replaces the entitlement request config for a specified entitlement. security: - - oauth2: ['idn:entitlement:update'] + - oauth2: [idn:entitlement:manage] parameters: - name: id in: path @@ -125,4 +125,4 @@ put: '429': $ref: '../../v3/responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/paths/entitlement.yaml b/static/api-specs/idn/beta/paths/entitlement.yaml index 5424b5c20..f282624b3 100644 --- a/static/api-specs/idn/beta/paths/entitlement.yaml +++ b/static/api-specs/idn/beta/paths/entitlement.yaml @@ -6,7 +6,7 @@ post: description: >- This internal endpoint creates an entitlement using the given entitlement payload security: - - oauth2: ['idn:entitlement:create'] + - oauth2: [idn:entitlement:manage] requestBody: required: true content: diff --git a/static/api-specs/idn/beta/paths/entitlements.yaml b/static/api-specs/idn/beta/paths/entitlements.yaml index 24b46101e..1c15f21f1 100644 --- a/static/api-specs/idn/beta/paths/entitlements.yaml +++ b/static/api-specs/idn/beta/paths/entitlements.yaml @@ -4,7 +4,7 @@ get: - Entitlements summary: Gets a list of entitlements. security: - - oauth2: ['idn:entitlement:read'] + - oauth2: [idn:entitlement:read, idn:entitlement:manage] description: >- This API returns a list of entitlements. diff --git a/static/api-specs/idn/beta/paths/identity-profile-default-config.yaml b/static/api-specs/idn/beta/paths/identity-profile-default-config.yaml index 764b70c1a..45cb759cd 100644 --- a/static/api-specs/idn/beta/paths/identity-profile-default-config.yaml +++ b/static/api-specs/idn/beta/paths/identity-profile-default-config.yaml @@ -2,7 +2,7 @@ get: operationId: getDefaultIdentityAttributeConfig tags: - Identity Profiles - summary: Gets the default identity attribute config + summary: Default identity attribute config description: >- This returns the default identity attribute config @@ -36,6 +36,6 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile-default-mapping:read] + - oauth2: [idn:identity-profile:manage] diff --git a/static/api-specs/idn/beta/paths/identity-profile-refresh-identities.yaml b/static/api-specs/idn/beta/paths/identity-profile-refresh-identities.yaml index 580a03bb7..33fc92a6f 100644 --- a/static/api-specs/idn/beta/paths/identity-profile-refresh-identities.yaml +++ b/static/api-specs/idn/beta/paths/identity-profile-refresh-identities.yaml @@ -2,7 +2,7 @@ post: operationId: refreshIdentityProfile tags: - Identity Profiles - summary: Refreshes all the identities under this profile + summary: Refreshes all identities under profile description: >- This refreshes all identities under the profile @@ -33,6 +33,6 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:refresh] + - oauth2: [idn:identity-profile:manage] diff --git a/static/api-specs/idn/beta/paths/identity-profile.yaml b/static/api-specs/idn/beta/paths/identity-profile.yaml index 1c8ecf026..18ab6f2aa 100644 --- a/static/api-specs/idn/beta/paths/identity-profile.yaml +++ b/static/api-specs/idn/beta/paths/identity-profile.yaml @@ -36,7 +36,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:read] + - oauth2: [idn:identity-profile:read, idn:identity-profile:manage] delete: operationId: deleteIdentityProfile @@ -77,7 +77,7 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:delete] + - oauth2: [idn:identity-profile:manage] patch: operationId: updateIdentityProfile @@ -157,4 +157,4 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:update] + - oauth2: [idn:identity-profile:manage] diff --git a/static/api-specs/idn/beta/paths/identity-profiles-bulk-delete.yaml b/static/api-specs/idn/beta/paths/identity-profiles-bulk-delete.yaml index 548d2f854..2f39ecfbe 100644 --- a/static/api-specs/idn/beta/paths/identity-profiles-bulk-delete.yaml +++ b/static/api-specs/idn/beta/paths/identity-profiles-bulk-delete.yaml @@ -36,4 +36,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:delete] + - oauth2: [idn:identity-profile:manage] diff --git a/static/api-specs/idn/beta/paths/identity-profiles-export.yaml b/static/api-specs/idn/beta/paths/identity-profiles-export.yaml index 08a8184c6..014670803 100644 --- a/static/api-specs/idn/beta/paths/identity-profiles-export.yaml +++ b/static/api-specs/idn/beta/paths/identity-profiles-export.yaml @@ -27,6 +27,7 @@ get: **priority**: *eq, ne* + example: id eq 8c190e6787aa4ed9a90bd9d5344523fb - in: query name: sorters schema: @@ -37,6 +38,7 @@ get: Sorting is supported for the following fields: **id**, **name**, **priority** + example: name,-priority responses: '200': description: List of export objects with identity profiles. @@ -59,4 +61,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:read] + - oauth2: [idn:identity-profile:read, idn:identity-profile:manage] diff --git a/static/api-specs/idn/beta/paths/identity-profiles-id.yaml b/static/api-specs/idn/beta/paths/identity-profiles-id.yaml index 54f836dab..e8c7b4638 100644 --- a/static/api-specs/idn/beta/paths/identity-profiles-id.yaml +++ b/static/api-specs/idn/beta/paths/identity-profiles-id.yaml @@ -23,8 +23,12 @@ delete: schema: $ref: '../../v3/schemas/BaseReferenceDto.yaml' description: A DTO with a TaskResult reference of the delete job + '400': + $ref: '../../v3/responses/400.yaml' '401': $ref: '../../v3/responses/401.yaml' + '403': + $ref: '../../v3/responses/403.yaml' '404': $ref: '../../v3/responses/404.yaml' '429': @@ -32,7 +36,7 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:delete] + - oauth2: [idn:identity-profile:manage] patch: operationId: updateIdentityProfile @@ -53,7 +57,7 @@ patch: * modified security: - - oauth2: [idn:identity-profile:update] + - oauth2: [idn:identity-profile:manage] parameters: - in: path name: id @@ -96,4 +100,4 @@ patch: '429': $ref: '../../v3/responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/paths/identity-profiles-identity-preview.yaml b/static/api-specs/idn/beta/paths/identity-profiles-identity-preview.yaml index 5f51dd290..36e897be4 100644 --- a/static/api-specs/idn/beta/paths/identity-profiles-identity-preview.yaml +++ b/static/api-specs/idn/beta/paths/identity-profiles-identity-preview.yaml @@ -35,4 +35,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:preview] + - oauth2: [idn:identity-profile:manage] diff --git a/static/api-specs/idn/beta/paths/identity-profiles-import.yaml b/static/api-specs/idn/beta/paths/identity-profiles-import.yaml index 25111659c..56b294aa3 100644 --- a/static/api-specs/idn/beta/paths/identity-profiles-import.yaml +++ b/static/api-specs/idn/beta/paths/identity-profiles-import.yaml @@ -32,4 +32,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:create] + - oauth2: [idn:identity-profile:manage] diff --git a/static/api-specs/idn/beta/paths/identity-profiles.yaml b/static/api-specs/idn/beta/paths/identity-profiles.yaml index 8ac558dd2..9f600136a 100644 --- a/static/api-specs/idn/beta/paths/identity-profiles.yaml +++ b/static/api-specs/idn/beta/paths/identity-profiles.yaml @@ -29,6 +29,7 @@ get: **priority**: *eq, ne* + example: id eq 8c190e6787aa4ed9a90bd9d5344523fb - in: query name: sorters schema: @@ -39,6 +40,7 @@ get: Sorting is supported for the following fields: **id**, **name**, **priority** + example: name,-priority responses: '200': description: List of identityProfiles. @@ -59,7 +61,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:read] + - oauth2: [idn:identity-profile:read, idn:identity-profile:manage] post: operationId: createIdentityProfile @@ -94,5 +96,5 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity-profile:create] + - oauth2: [idn:identity-profile:manage] diff --git a/static/api-specs/idn/beta/paths/managed-client-status.yaml b/static/api-specs/idn/beta/paths/managed-client-status.yaml index ff1f5277c..4e672fb9e 100644 --- a/static/api-specs/idn/beta/paths/managed-client-status.yaml +++ b/static/api-specs/idn/beta/paths/managed-client-status.yaml @@ -1,7 +1,7 @@ get: tags: - Managed Clients - summary: Get a specified Managed Client Status. + summary: Specified Managed Client Status. description: Retrieve Managed Client Status by ID. operationId: getManagedClientStatus parameters: @@ -43,7 +43,7 @@ get: post: tags: - Managed Clients - summary: Handle a status request from a client + summary: Handle status request from client description: Update a status detail passed in from the client operationId: updateManagedClientStatus parameters: @@ -80,4 +80,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-client-status:update] \ No newline at end of file + - oauth2: [idn:managed-client-status:manage] diff --git a/static/api-specs/idn/beta/paths/managed-clients-credentials.yaml b/static/api-specs/idn/beta/paths/managed-clients-credentials.yaml index bb1c1034f..ec5f57c2f 100644 --- a/static/api-specs/idn/beta/paths/managed-clients-credentials.yaml +++ b/static/api-specs/idn/beta/paths/managed-clients-credentials.yaml @@ -33,4 +33,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-client:read] \ No newline at end of file + - oauth2: [idn:remote-client:read, idn:remote-client:manage, idn:managed-client-status:read, idn:managed-client-status:manage] diff --git a/static/api-specs/idn/beta/paths/managed-clients-metrics-credentials.yaml b/static/api-specs/idn/beta/paths/managed-clients-metrics-credentials.yaml index 1f4f1991e..993cb5112 100644 --- a/static/api-specs/idn/beta/paths/managed-clients-metrics-credentials.yaml +++ b/static/api-specs/idn/beta/paths/managed-clients-metrics-credentials.yaml @@ -33,4 +33,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-client:read] + - oauth2: [idn:remote-client:read, idn:remote-client:manage, idn:managed-client-status:read, idn:managed-client-status:manage] diff --git a/static/api-specs/idn/beta/paths/managed-clients-path.yaml b/static/api-specs/idn/beta/paths/managed-clients-path.yaml index 9755e221f..830be416b 100644 --- a/static/api-specs/idn/beta/paths/managed-clients-path.yaml +++ b/static/api-specs/idn/beta/paths/managed-clients-path.yaml @@ -33,7 +33,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-client:read] + - oauth2: [idn:remote-client:read, idn:remote-client:manage, idn:managed-client-status:read, idn:managed-client-status:manage] patch: tags: - Managed Clients @@ -76,7 +76,7 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-client:update] + - oauth2: [idn:remote-client:manage] delete: operationId: deleteManagedClient tags: @@ -107,4 +107,4 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-client:delete] + - oauth2: [idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-clients.yaml b/static/api-specs/idn/beta/paths/managed-clients.yaml index 0b9eb6f2a..c6c9184d0 100644 --- a/static/api-specs/idn/beta/paths/managed-clients.yaml +++ b/static/api-specs/idn/beta/paths/managed-clients.yaml @@ -43,7 +43,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-client:read] + - oauth2: [idn:remote-client:read, idn:remote-client:manage] post: tags: - Managed Clients @@ -79,4 +79,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-client:create] + - oauth2: [idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-cache.yaml b/static/api-specs/idn/beta/paths/managed-cluster-cache.yaml index 77c245de7..b2ebb307f 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-cache.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-cache.yaml @@ -12,16 +12,19 @@ delete: schema: type: string description: The cluster pod. Required + example: cluster_pod - in: query name: org schema: type: string description: The cluster org. Required if the cluster id was set. + example: cluster_org - in: query name: clusterId schema: type: string description: The cluster id + example: 8c190e6787aa4ed9a90bd9d5344523fb responses: '202': description: Accepted. Delete request accepted and is in progress. @@ -39,4 +42,4 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:delete] + - oauth2: [idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-log-config.yaml b/static/api-specs/idn/beta/paths/managed-cluster-log-config.yaml index 28cf2c872..e80e9ac72 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-log-config.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-log-config.yaml @@ -36,7 +36,7 @@ get: "500": $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster-log-config:read] + - oauth2: [idn:remote-client:read, idn:remote-client:manage] put: tags: - Managed Clusters @@ -80,4 +80,4 @@ put: "500": $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster-log-config:write] + - oauth2: [idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-path-full.yaml b/static/api-specs/idn/beta/paths/managed-cluster-path-full.yaml index 6327e1afd..9cb2fb9da 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-path-full.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-path-full.yaml @@ -34,7 +34,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:read] + - oauth2: [idn:remote-client:read, idn:remote-client:manage] patch: tags: - Managed Clusters @@ -77,7 +77,7 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:update] + - oauth2: [idn:remote-client:manage] delete: operationId: deleteManagedCluster tags: @@ -116,4 +116,4 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:delete] + - oauth2: [idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-path-internal.yaml b/static/api-specs/idn/beta/paths/managed-cluster-path-internal.yaml index 1eedd6a06..713cea4a0 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-path-internal.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-path-internal.yaml @@ -40,7 +40,7 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:update] + - oauth2: [idn:remote-client:manage] delete: operationId: deleteManagedCluster tags: @@ -79,4 +79,4 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:delete] + - oauth2: [idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-path.yaml b/static/api-specs/idn/beta/paths/managed-cluster-path.yaml index bf078c863..247c4dfe2 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-path.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-path.yaml @@ -23,9 +23,15 @@ get: $ref: '../schemas/ManagedCluster.yaml' "400": $ref: '../../v3/responses/400.yaml' + "401": + $ref: '../../v3/responses/401.yaml' "403": $ref: '../../v3/responses/403.yaml' "404": $ref: '../../v3/responses/404.yaml' + "429": + $ref: '../../v3/responses/429.yaml' + "500": + $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:read] + - oauth2: [idn:remote-client:read, idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-processes.yaml b/static/api-specs/idn/beta/paths/managed-cluster-processes.yaml index 4938eb91f..1b2c06925 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-processes.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-processes.yaml @@ -36,4 +36,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-process:read] + - oauth2: [idn:managed-process:read, idn:managed-process:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-reboot.yaml b/static/api-specs/idn/beta/paths/managed-cluster-reboot.yaml index ce5fdbc3b..d2582969a 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-reboot.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-reboot.yaml @@ -37,4 +37,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:update] \ No newline at end of file + - oauth2: [idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-status.yaml b/static/api-specs/idn/beta/paths/managed-cluster-status.yaml index a4c4a40c2..4f6863a15 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-status.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-status.yaml @@ -1,7 +1,7 @@ get: tags: - Managed Clusters - summary: Get a specified Managed Cluster Status. + summary: Specified Managed Cluster Status. description: Retrieve Managed Cluster Status by ID. operationId: getManagedClusterStatus parameters: @@ -32,4 +32,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster-status:read] + - oauth2: [idn:remote-client:read, idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-types-path.yaml b/static/api-specs/idn/beta/paths/managed-cluster-types-path.yaml index 86d0058b4..9165bb48e 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-types-path.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-types-path.yaml @@ -36,7 +36,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster-types:read] + - oauth2: [idn:managed-cluster-types:read, idn:managed-cluster-types:manage] patch: tags: - Managed Cluster Types @@ -82,7 +82,7 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster-types:update] + - oauth2: [idn:managed-cluster-types:manage] delete: operationId: deleteManagedClusterType tags: @@ -116,4 +116,4 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster-types:delete] + - oauth2: [idn:managed-cluster-types:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-types.yaml b/static/api-specs/idn/beta/paths/managed-cluster-types.yaml index 5f6d74f89..67f3e9167 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-types.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-types.yaml @@ -49,7 +49,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster-types:read] + - oauth2: [idn:managed-cluster-types:read, idn:managed-cluster-types:manage] post: tags: - Managed Cluster Types @@ -88,4 +88,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster-types:create] + - oauth2: [idn:managed-cluster-types:manage] diff --git a/static/api-specs/idn/beta/paths/managed-cluster-upgrade.yaml b/static/api-specs/idn/beta/paths/managed-cluster-upgrade.yaml index 4969da24b..4e948e7b8 100644 --- a/static/api-specs/idn/beta/paths/managed-cluster-upgrade.yaml +++ b/static/api-specs/idn/beta/paths/managed-cluster-upgrade.yaml @@ -43,4 +43,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:upgrade] \ No newline at end of file + - oauth2: [idn:managed-cluster-upgrade:manage] diff --git a/static/api-specs/idn/beta/paths/managed-clusters-create.yaml b/static/api-specs/idn/beta/paths/managed-clusters-create.yaml index 36d3dc916..3249dc747 100644 --- a/static/api-specs/idn/beta/paths/managed-clusters-create.yaml +++ b/static/api-specs/idn/beta/paths/managed-clusters-create.yaml @@ -33,4 +33,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:create] + - oauth2: [idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-clusters-full.yaml b/static/api-specs/idn/beta/paths/managed-clusters-full.yaml index 8009b40f8..9404e9f09 100644 --- a/static/api-specs/idn/beta/paths/managed-clusters-full.yaml +++ b/static/api-specs/idn/beta/paths/managed-clusters-full.yaml @@ -17,6 +17,7 @@ get: **operational**: *eq* + example: operational eq operation responses: "200": description: Responds with a list of ManagedCluster. @@ -37,7 +38,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:read] + - oauth2: [idn:remote-client:read, idn:remote-client:manage] post: tags: - Managed Clusters @@ -73,4 +74,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:create] + - oauth2: [idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-clusters-set-encryption-keys.yaml b/static/api-specs/idn/beta/paths/managed-clusters-set-encryption-keys.yaml index 47881f082..e112887b0 100644 --- a/static/api-specs/idn/beta/paths/managed-clusters-set-encryption-keys.yaml +++ b/static/api-specs/idn/beta/paths/managed-clusters-set-encryption-keys.yaml @@ -1,7 +1,7 @@ post: tags: - Managed Clusters - summary: Set new encryption keys for a Managed Cluster + summary: New encryption keys for ManagedCluster description: >- Set new encryption keys for a Managed Cluster @@ -43,4 +43,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:update] \ No newline at end of file + - oauth2: [idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-clusters.yaml b/static/api-specs/idn/beta/paths/managed-clusters.yaml index 1f4287c34..2d9c18057 100644 --- a/static/api-specs/idn/beta/paths/managed-clusters.yaml +++ b/static/api-specs/idn/beta/paths/managed-clusters.yaml @@ -17,6 +17,7 @@ get: **operational**: *eq* + example: operational eq operation responses: "200": description: Responds with a list of ManagedCluster. @@ -37,4 +38,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-cluster:read] + - oauth2: [idn:remote-client:read, idn:remote-client:manage] diff --git a/static/api-specs/idn/beta/paths/managed-processes-path.yaml b/static/api-specs/idn/beta/paths/managed-processes-path.yaml index 3a6945bf1..bd4df9ecf 100644 --- a/static/api-specs/idn/beta/paths/managed-processes-path.yaml +++ b/static/api-specs/idn/beta/paths/managed-processes-path.yaml @@ -36,7 +36,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-process:read] + - oauth2: [idn:managed-process:read, idn:managed-process:manage] patch: tags: - Managed Processes @@ -82,7 +82,7 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-process:update] + - oauth2: [idn:managed-process:manage] delete: operationId: deleteManagedProcess tags: @@ -116,4 +116,4 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-process:delete] + - oauth2: [idn:managed-process:manage] diff --git a/static/api-specs/idn/beta/paths/managed-processes.yaml b/static/api-specs/idn/beta/paths/managed-processes.yaml index 36809284a..c77fc61ec 100644 --- a/static/api-specs/idn/beta/paths/managed-processes.yaml +++ b/static/api-specs/idn/beta/paths/managed-processes.yaml @@ -49,7 +49,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-process:read] + - oauth2: [idn:managed-process:read, idn:managed-process:manage] post: tags: - Managed Processes @@ -88,4 +88,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:managed-process:create] + - oauth2: [idn:managed-process:manage] diff --git a/static/api-specs/idn/beta/paths/mfa-config-test.yaml b/static/api-specs/idn/beta/paths/mfa-config-test.yaml index 944becff4..9b7325b78 100644 --- a/static/api-specs/idn/beta/paths/mfa-config-test.yaml +++ b/static/api-specs/idn/beta/paths/mfa-config-test.yaml @@ -2,14 +2,14 @@ get: operationId: testMFAConfig tags: - MFA Configuration - summary: Test configuration of a MFA method + summary: MFA method's test configuration description: >- This API validates that the configuration is valid and will properly authenticate with the MFA provider identified by the method path parameter. A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:mfa-config:read] + - oauth2: [idn:mfa-configuration:read, idn:mfa-configuration:manage] parameters: - in: path name: method diff --git a/static/api-specs/idn/beta/paths/mfa-config.yaml b/static/api-specs/idn/beta/paths/mfa-config.yaml index 1c0c5b451..926fd577c 100644 --- a/static/api-specs/idn/beta/paths/mfa-config.yaml +++ b/static/api-specs/idn/beta/paths/mfa-config.yaml @@ -2,12 +2,12 @@ get: operationId: getMFAConfig tags: - MFA Configuration - summary: Get configuration of a MFA method + summary: Configuration of a MFA method description: >- This API returns the configuration of a given MFA method. A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:mfa-config:read] + - oauth2: [idn:mfa-configuration:read, idn:mfa-configuration:manage] parameters: - in: path name: method @@ -47,12 +47,12 @@ put: operationId: setMFAConfig tags: - MFA Configuration - summary: Set configuration of a MFA method + summary: Set MFA method configuration description: >- This API sets the configuration of a given MFA method. A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:mfa-config:write] + - oauth2: [idn:mfa-configuration:manage] parameters: - in: path name: method diff --git a/static/api-specs/idn/beta/paths/non-employee-record.yaml b/static/api-specs/idn/beta/paths/non-employee-record.yaml index db2d52c57..712014b2a 100644 --- a/static/api-specs/idn/beta/paths/non-employee-record.yaml +++ b/static/api-specs/idn/beta/paths/non-employee-record.yaml @@ -8,10 +8,6 @@ get: description: >- This gets a non-employee record. - Request will require the following scope: - - 'idn:nesr:read' - parameters: - in: path name: id @@ -53,6 +49,7 @@ put: description: >- Non-employee record id (UUID) required: true + example: 2c91808b6ef1d43e016efba0ce470904 schema: type: string requestBody: @@ -96,6 +93,7 @@ patch: description: >- Non-employee record id (UUID) required: true + example: 2c91808b6ef1d43e016efba0ce470904 schema: type: string requestBody: @@ -140,15 +138,13 @@ delete: description: >- This request will delete a non-employee record. - Request will require the following security scope: - - 'idn:nesr:delete' parameters: - in: path name: id description: >- Non-Employee record id (UUID) required: true + example: 2c91808b6ef1d43e016efba0ce470904 schema: type: string responses: @@ -163,4 +159,4 @@ delete: '429': $ref: '../../v3/responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/paths/non-employee-request.yaml b/static/api-specs/idn/beta/paths/non-employee-request.yaml index 829cf318e..4c99d14db 100644 --- a/static/api-specs/idn/beta/paths/non-employee-request.yaml +++ b/static/api-specs/idn/beta/paths/non-employee-request.yaml @@ -43,18 +43,14 @@ delete: - Non-Employee Lifecycle Management summary: Delete Non-Employee Request description: >- - This request will delete a non-employee request. - - Request will require the following scope: - - 'idn:nesr:delete' - + This request will delete a non-employee request. parameters: - in: path name: id description: >- Non-Employee request id in the UUID format required: true + example: 2c91808b6ef1d43e016efba0ce470904 schema: type: string format: uuid @@ -72,4 +68,4 @@ delete: '429': $ref: '../../v3/responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/paths/non-employee-source-aggregate.yaml b/static/api-specs/idn/beta/paths/non-employee-source-aggregate.yaml index 21d8340d9..84e0d7c33 100644 --- a/static/api-specs/idn/beta/paths/non-employee-source-aggregate.yaml +++ b/static/api-specs/idn/beta/paths/non-employee-source-aggregate.yaml @@ -4,17 +4,17 @@ post: - oauth2: [idn:nelm:manage] tags: - Non-Employee Lifecycle Management - summary: Aggregate all accounts for a Non-Employee Source + summary: Aggregate all Non-Employee Source accounts description: >- This fetches all the non-employee records related to a non-employee source and publishes an aggregation event for each one. - Requires auth scope of 'idn:nesr:create' parameters: - in: path name: sourceId description: >- Non-Employee sourceId required: true + example: 2c91808b6ef1d43e016efba0ce470904 schema: type: string responses: @@ -31,4 +31,4 @@ post: '429': $ref: '../../v3/responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/paths/non-employee-source.yaml b/static/api-specs/idn/beta/paths/non-employee-source.yaml index 7bff7e95a..22549b367 100644 --- a/static/api-specs/idn/beta/paths/non-employee-source.yaml +++ b/static/api-specs/idn/beta/paths/non-employee-source.yaml @@ -44,15 +44,13 @@ patch: patch a non-employee source. (Partial Update) Patchable field: **name, description, approvers, accountManagers** - Request will require the following security scope: - - 'idn:nesr:update' parameters: - in: path name: sourceId description: >- Source Id required: true + example: 2c91808b6ef1d43e016efba0ce470904 schema: type: string requestBody: @@ -104,15 +102,13 @@ delete: description: >- This request will delete a non-employee source. - Request will require the following security scope: - - 'idn:nesr:delete' parameters: - in: path name: sourceId description: >- Source Id required: true + example: 2c91808b6ef1d43e016efba0ce470904 schema: type: string responses: diff --git a/static/api-specs/idn/beta/paths/non-employee-sources-bulk-upload-status.yaml b/static/api-specs/idn/beta/paths/non-employee-sources-bulk-upload-status.yaml index 79667cb54..63160f635 100644 --- a/static/api-specs/idn/beta/paths/non-employee-sources-bulk-upload-status.yaml +++ b/static/api-specs/idn/beta/paths/non-employee-sources-bulk-upload-status.yaml @@ -4,13 +4,10 @@ get: - oauth2: [idn:nelm:read] tags: - Non-Employee Lifecycle Management - summary: Obtain the status of bulk upload on the source + summary: Bulk upload status on source description: | The nonEmployeeBulkUploadStatus API returns the status of the newest bulk upload job for the specified source. - Request will need the following scope: - - 'idn:nesr:read' parameters: - in: path example: "2c918085842e69ae018432d22ccb212f" diff --git a/static/api-specs/idn/beta/paths/non-employee-sources-export-non-employees.yaml b/static/api-specs/idn/beta/paths/non-employee-sources-export-non-employees.yaml index ba794e674..4514388ee 100644 --- a/static/api-specs/idn/beta/paths/non-employee-sources-export-non-employees.yaml +++ b/static/api-specs/idn/beta/paths/non-employee-sources-export-non-employees.yaml @@ -1,16 +1,13 @@ get: operationId: exportNonEmployeeRecords security: - - oauth2: [idn:nelm:read] + - oauth2: [idn:nelm:read, idn:nelm:manage] tags: - Non-Employee Lifecycle Management summary: Exports Non-Employee Records to CSV description: >- This requests a CSV download for all non-employees from a provided source. - Request will need the following security scope: - - 'idn:nesr:read' parameters: - in: path example: "2c918085842e69ae018432d22ccb212f" diff --git a/static/api-specs/idn/beta/paths/non-employee-sources-schema-attribute.yaml b/static/api-specs/idn/beta/paths/non-employee-sources-schema-attribute.yaml index 7f2b86a31..3e23ba14d 100644 --- a/static/api-specs/idn/beta/paths/non-employee-sources-schema-attribute.yaml +++ b/static/api-specs/idn/beta/paths/non-employee-sources-schema-attribute.yaml @@ -46,25 +46,24 @@ patch: - oauth2: [idn:nelm:manage] tags: - Non-Employee Lifecycle Management - summary: Patch a Schema Attribute for Non-Employee Source + summary: Patch Non-Employee Source's Schema Attribute description: | This end-point patches a specific schema attribute for a non-employee SourceId. - Request will require a security scope of: - - 'idn:nesr:update' parameters: - in: path name: attributeId schema: type: string required: true + example: 2c91808b6ef1d43e016efba0ce470904 description: The Schema Attribute Id (UUID) - in: path name: sourceId schema: type: string required: true + example: 2c91808b6ef1d43e016efba0ce470904 description: The Source id requestBody: description: A list of schema attribute update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. @@ -105,25 +104,24 @@ delete: - oauth2: [idn:nelm:manage] tags: - Non-Employee Lifecycle Management - summary: Delete a Schema Attribute for Non-Employee Source + summary: Delete Non-Employee Source's Schema Attribute description: | This end-point deletes a specific schema attribute for a non-employee source. - - Request will require a security scope of: - 'idn:nesr:delete' parameters: - in: path name: attributeId schema: type: string required: true + example: 2c91808b6ef1d43e016efba0ce470904 description: The Schema Attribute Id (UUID) - in: path name: sourceId schema: type: string required: true + example: 2c91808b6ef1d43e016efba0ce470904 description: The Source id responses: '204': diff --git a/static/api-specs/idn/beta/paths/non-employee-sources-schema-attributes.yaml b/static/api-specs/idn/beta/paths/non-employee-sources-schema-attributes.yaml index 2ba95aef6..307ec1395 100644 --- a/static/api-specs/idn/beta/paths/non-employee-sources-schema-attributes.yaml +++ b/static/api-specs/idn/beta/paths/non-employee-sources-schema-attributes.yaml @@ -53,22 +53,20 @@ post: - oauth2: [idn:nelm:manage] tags: - Non-Employee Lifecycle Management - summary: Create a new Schema Attribute for Non-Employee Source + summary: Create Non-Employee Source Schema Attribute description: >- This API creates a new schema attribute for Non-Employee Source. The schema technical name must be unique in the source. Attempts to create a schema attribute with an existing name will result in a "400.1.409 Reference conflict" response. At most, 10 custom attributes can be created per schema. Attempts to create more than 10 will result in a "400.1.4 Limit violation" response. - Request requires a security scope of: - - 'idn:nesr:create' parameters: - in: path name: sourceId schema: type: string required: true + example: 2c91808b6ef1d43e016efba0ce470904 description: The Source id requestBody: required: true @@ -100,19 +98,17 @@ delete: - oauth2: [idn:nelm:manage] tags: - Non-Employee Lifecycle Management - summary: Delete all custom schema attributes for Non-Employee Source + summary: Delete all custom schema attributes description: >- This end-point deletes all custom schema attributes for a non-employee source. - Request requires a security scope of: - - 'idn:nesr:delete' parameters: - in: path name: sourceId schema: type: string required: true + example: 2c91808b6ef1d43e016efba0ce470904 description: The Source id responses: '204': @@ -127,4 +123,4 @@ delete: '429': $ref: '../../v3/responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/paths/org-config.yaml b/static/api-specs/idn/beta/paths/org-config.yaml index 8fffd9584..c42e45401 100644 --- a/static/api-specs/idn/beta/paths/org-config.yaml +++ b/static/api-specs/idn/beta/paths/org-config.yaml @@ -4,7 +4,7 @@ get: - Org Config summary: Get Org configuration settings security: - - oauth2: [ idn:org-configs:read] + - oauth2: [ idn:org-configs:read, idn:org-configs:manage] description: >- Get org configuration with only external (org admin) accessible properties for the current org. responses: diff --git a/static/api-specs/idn/beta/paths/role-access-profiles.yaml b/static/api-specs/idn/beta/paths/role-access-profiles.yaml index c9ca20b65..d8f46e6ad 100644 --- a/static/api-specs/idn/beta/paths/role-access-profiles.yaml +++ b/static/api-specs/idn/beta/paths/role-access-profiles.yaml @@ -80,4 +80,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:read,idn:role-checked:read] \ No newline at end of file + - oauth2: [idn:role-unchecked:read, idn:role-unchecked:manage, idn:role-checked:manage, idn:role-checked:read] diff --git a/static/api-specs/idn/beta/paths/role-assigned-identities.yaml b/static/api-specs/idn/beta/paths/role-assigned-identities.yaml index 6238f0335..70d807384 100644 --- a/static/api-specs/idn/beta/paths/role-assigned-identities.yaml +++ b/static/api-specs/idn/beta/paths/role-assigned-identities.yaml @@ -2,7 +2,7 @@ get: operationId: getRoleAssignedIdentities tags: - Roles - summary: Get a list of Identities assigned a Role + summary: Identities assigned a Role parameters: - in: path name: id @@ -68,5 +68,5 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:read,idn:role-checked:read] + - oauth2: [idn:role-unchecked:read, idn:role-unchecked:manage, idn:role-checked:manage, idn:role-checked:read] diff --git a/static/api-specs/idn/beta/paths/role-bulk-delete.yaml b/static/api-specs/idn/beta/paths/role-bulk-delete.yaml index c2f72d5c8..3aac7b014 100644 --- a/static/api-specs/idn/beta/paths/role-bulk-delete.yaml +++ b/static/api-specs/idn/beta/paths/role-bulk-delete.yaml @@ -76,4 +76,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:delete,idn:role-checked:delete] + - oauth2: [idn:role-unchecked:manage, idn:role-checked:manage] diff --git a/static/api-specs/idn/beta/paths/role.yaml b/static/api-specs/idn/beta/paths/role.yaml index c8ad6fbfa..4ace54828 100644 --- a/static/api-specs/idn/beta/paths/role.yaml +++ b/static/api-specs/idn/beta/paths/role.yaml @@ -37,7 +37,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:read,idn:role-checked:read] + - oauth2: [idn:role-unchecked:read, idn:role-unchecked:manage, idn:role-checked:manage, idn:role-checked:read] patch: operationId: patchRole tags: @@ -192,7 +192,7 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:update,idn:role-checked:update] + - oauth2: [idn:role-unchecked:manage,idn:role-checked:manage] delete: operationId: deleteRole tags: @@ -227,4 +227,4 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:delete,idn:role-checked:delete] + - oauth2: [idn:role-unchecked:manage,idn:role-checked:manage] diff --git a/static/api-specs/idn/beta/paths/roles-by-identity.yaml b/static/api-specs/idn/beta/paths/roles-by-identity.yaml index 7c74b6702..c26d05b4b 100644 --- a/static/api-specs/idn/beta/paths/roles-by-identity.yaml +++ b/static/api-specs/idn/beta/paths/roles-by-identity.yaml @@ -2,7 +2,7 @@ get: operationId: getRolesByIdentity tags: - Roles - summary: Get a list of Roles assigned to Identity + summary: Roles assigned to Identity description: >- This API returns a list of Roles assigned to Identity. @@ -38,4 +38,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:identity:read,idn:identity-self:read] + - oauth2: [idn:identity:read, idn:identity:manage, idn:identity-account-read, idn:identity-self:read] diff --git a/static/api-specs/idn/beta/paths/roles.yaml b/static/api-specs/idn/beta/paths/roles.yaml index 0b7ad232d..cdfd61093 100644 --- a/static/api-specs/idn/beta/paths/roles.yaml +++ b/static/api-specs/idn/beta/paths/roles.yaml @@ -95,7 +95,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:read,idn:role-checked:read] + - oauth2: [idn:role-unchecked:read, idn:role-unchecked:manage, idn:role-checked:manage, idn:role-checked:read] post: operationId: createRole tags: @@ -136,4 +136,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:create,idn:role-checked:create] + - oauth2: [idn:role-unchecked:manage, idn:role-checked:manage] diff --git a/static/api-specs/idn/beta/paths/s3-proxy.yaml b/static/api-specs/idn/beta/paths/s3-proxy.yaml index 964d282b9..0460dbf5d 100644 --- a/static/api-specs/idn/beta/paths/s3-proxy.yaml +++ b/static/api-specs/idn/beta/paths/s3-proxy.yaml @@ -11,8 +11,8 @@ get: If the bucket type is shared, no further validation is needed. If the bucket type is org, the information in the JWT is validated against the path query parameter. A token with API authority is required to access this endpoint.. - security: - - oauth2: [idn:s3-proxy:read] + security: + - oauth2: [idn:s3-proxy:read] parameters: - in: query name: path @@ -48,4 +48,4 @@ get: '429': $ref: '../../v3/responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/paths/service-desk-integration-configuration.yaml b/static/api-specs/idn/beta/paths/service-desk-integration-configuration.yaml index 520cafb6b..a9d5deeb7 100644 --- a/static/api-specs/idn/beta/paths/service-desk-integration-configuration.yaml +++ b/static/api-specs/idn/beta/paths/service-desk-integration-configuration.yaml @@ -1,7 +1,7 @@ get: tags: - Service Desk Integration - summary: Get the time check configuration of queued SDIM tickets + summary: Get the time check configuration description: Get the time check configuration of queued SDIM tickets. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: getStatusCheckDetails responses: @@ -24,12 +24,12 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:read,idn:service-desk-integration:read] + - oauth2: [idn:service-desk-admin:read, idn:service-desk-admin:manage, idn:service-desk-integration:read, idn:service-desk-integration:manage] put: tags: - Service Desk Integration - summary: Update the time check configuration of queued SDIM tickets + summary: Update the time check configuration description: Update the time check configuration of queued SDIM tickets. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: updateStatusCheckDetails requestBody: @@ -59,4 +59,4 @@ put: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:write,idn:service-desk-integration:write] + - oauth2: [idn:service-desk-admin:manage ,idn:service-desk-integration:manage] diff --git a/static/api-specs/idn/beta/paths/service-desk-integration-types.yaml b/static/api-specs/idn/beta/paths/service-desk-integration-types.yaml index f424bbf56..1e3d22ccd 100644 --- a/static/api-specs/idn/beta/paths/service-desk-integration-types.yaml +++ b/static/api-specs/idn/beta/paths/service-desk-integration-types.yaml @@ -26,4 +26,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:read,idn:service-desk-integration:read] + - oauth2: [idn:service-desk-admin:read, idn:service-desk-admin:manage, idn:service-desk-integration:read, idn:service-desk-integration:manage] diff --git a/static/api-specs/idn/beta/paths/service-desk-integration.yaml b/static/api-specs/idn/beta/paths/service-desk-integration.yaml index 2f1a0dd41..1bf6ff999 100644 --- a/static/api-specs/idn/beta/paths/service-desk-integration.yaml +++ b/static/api-specs/idn/beta/paths/service-desk-integration.yaml @@ -1,7 +1,7 @@ get: tags: - Service Desk Integration - summary: Get a Service Desk integration by ID + summary: Get a Service Desk integration description: Get an existing Service Desk integration by ID. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: getServiceDeskIntegration parameters: @@ -39,7 +39,7 @@ get: put: tags: - Service Desk Integration - summary: Update a Service Desk integration by ID + summary: Update a Service Desk integration description: Update an existing Service Desk integration by ID with updated value in JSON form as the request body. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: updateServiceDeskIntegration parameters: @@ -79,12 +79,12 @@ put: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:write,idn:service-desk-integration:write] + - oauth2: [idn:service-desk-admin:manage,idn:service-desk-integration:manage] delete: tags: - Service Desk Integration - summary: Delete a Service Desk integration by ID + summary: Delete a Service Desk integration description: Delete an existing Service Desk integration by ID. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: deleteServiceDeskIntegration parameters: @@ -113,13 +113,13 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:write,idn:service-desk-integration:write] + - oauth2: [idn:service-desk-admin:manage,idn:service-desk-integration:manage] patch: operationId: patchServiceDeskIntegration tags: - Service Desk Integration - summary: Service Desk Integration Update - PATCH + summary: Service Desk Integration Update PATCH description: Update an existing ServiceDeskIntegration by ID with a PATCH request. parameters: - name: id @@ -164,4 +164,4 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:write,idn:service-desk-integration:write] \ No newline at end of file + - oauth2: [idn:service-desk-admin:manage,idn:service-desk-integration:manage] diff --git a/static/api-specs/idn/beta/paths/service-desk-integrations.yaml b/static/api-specs/idn/beta/paths/service-desk-integrations.yaml index 4249801b6..e5403566b 100644 --- a/static/api-specs/idn/beta/paths/service-desk-integrations.yaml +++ b/static/api-specs/idn/beta/paths/service-desk-integrations.yaml @@ -19,6 +19,7 @@ get: Sorting is supported for the following fields: **name** + example: name - name: filters in: query required: false @@ -44,6 +45,7 @@ get: **cluster**: *eq, in* + example: id eq 2c91808b6ef1d43e016efba0ce470904 - $ref: '../../v3/parameters/count.yaml' responses: "200": @@ -71,7 +73,7 @@ get: post: tags: - Service Desk Integration - summary: Create a new Service Desk integration + summary: Create new Service Desk integration description: Create a new Service Desk Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: createServiceDeskIntegration requestBody: @@ -101,4 +103,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:write,idn:service-desk-integration:write] \ No newline at end of file + - oauth2: [idn:service-desk-admin:manage,idn:service-desk-integration:manage] diff --git a/static/api-specs/idn/beta/paths/sod/arm-risk.yaml b/static/api-specs/idn/beta/paths/sod/arm-risk.yaml index 54b45c618..23aa9c202 100644 --- a/static/api-specs/idn/beta/paths/sod/arm-risk.yaml +++ b/static/api-specs/idn/beta/paths/sod/arm-risk.yaml @@ -2,14 +2,14 @@ get: operationId: getArmRiskById tags: - SOD Policy - summary: This API gets the specified ARM risk. + summary: Gets the specified ARM risk. description: >- This API gets the specified ARM risk. Any authenticated token can call this API. security: - - oauth2: [idn:sod-policy:read] + - oauth2: [idn:sod-policy:read, idn:sod-policy:manage] parameters: - in: path name: id @@ -38,4 +38,4 @@ get: '429': $ref: '../../../v3/responses/429.yaml' '500': - $ref: '../../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/paths/source-accounts-schema.yaml b/static/api-specs/idn/beta/paths/source-accounts-schema.yaml index 68afd5827..69e32f369 100644 --- a/static/api-specs/idn/beta/paths/source-accounts-schema.yaml +++ b/static/api-specs/idn/beta/paths/source-accounts-schema.yaml @@ -30,7 +30,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:source-schema:read] + - oauth2: [idn:source-schema:read, idn:source-schema:manage] post: tags: - Sources @@ -74,4 +74,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:source-schema:update] + - oauth2: [idn:source-schema:manage] diff --git a/static/api-specs/idn/beta/paths/source-connector-check-connection.yaml b/static/api-specs/idn/beta/paths/source-connector-check-connection.yaml index 3cbd5b37c..5aefdf298 100644 --- a/static/api-specs/idn/beta/paths/source-connector-check-connection.yaml +++ b/static/api-specs/idn/beta/paths/source-connector-check-connection.yaml @@ -2,14 +2,14 @@ post: operationId: testSourceConnection tags: - Sources - summary: Check connection for the source connector. + summary: Check connection for source connector. description: >- This endpoint validates that the configured credentials are valid and will properly authenticate with the source identified by the sourceId path parameter. A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:source-connector:write] + - oauth2: [idn:source-connector:manage] parameters: - in: path name: sourceId @@ -25,6 +25,8 @@ post: application/json: schema: $ref: '../schemas/StatusResponse.yaml' + '400': + $ref: '../../v3/responses/400.yaml' '401': $ref: '../../v3/responses/401.yaml' '403': diff --git a/static/api-specs/idn/beta/paths/source-connector-initiate-extract.yaml b/static/api-specs/idn/beta/paths/source-connector-initiate-extract.yaml index 267a5bb2f..534c5c2e0 100644 --- a/static/api-specs/idn/beta/paths/source-connector-initiate-extract.yaml +++ b/static/api-specs/idn/beta/paths/source-connector-initiate-extract.yaml @@ -8,7 +8,7 @@ post: A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:source-connector:write] + - oauth2: [idn:source-connector:manage] parameters: - in: path name: sourceId diff --git a/static/api-specs/idn/beta/paths/source-connector-peek-resource-objects.yaml b/static/api-specs/idn/beta/paths/source-connector-peek-resource-objects.yaml index 6828df722..0d06fad92 100644 --- a/static/api-specs/idn/beta/paths/source-connector-peek-resource-objects.yaml +++ b/static/api-specs/idn/beta/paths/source-connector-peek-resource-objects.yaml @@ -2,13 +2,13 @@ post: operationId: peekResourceObjects tags: - Sources - summary: Peek resource objects from the source connector + summary: Peek source connector's resource objects description: >- Retrieves a sample of data returned from account and group aggregation requests. A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:source-connector:write] + - oauth2: [idn:source-connector:manage] parameters: - in: path name: sourceId diff --git a/static/api-specs/idn/beta/paths/source-connector-ping-cluster.yaml b/static/api-specs/idn/beta/paths/source-connector-ping-cluster.yaml index ffb98566d..35fbdba82 100644 --- a/static/api-specs/idn/beta/paths/source-connector-ping-cluster.yaml +++ b/static/api-specs/idn/beta/paths/source-connector-ping-cluster.yaml @@ -2,13 +2,13 @@ post: operationId: pingCluster tags: - Sources - summary: Ping cluster for the source connector + summary: Ping cluster for source connector description: >- This endpoint validates that the cluster being used by the source is reachable from IdentityNow. A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:source-connector:write] + - oauth2: [idn:source-connector:manage] parameters: - in: path name: sourceId @@ -24,6 +24,8 @@ post: application/json: schema: $ref: '../schemas/StatusResponse.yaml' + '400': + $ref: '../../v3/responses/400.yaml' '401': $ref: '../../v3/responses/401.yaml' '403': diff --git a/static/api-specs/idn/beta/paths/source-connector-test-configuration.yaml b/static/api-specs/idn/beta/paths/source-connector-test-configuration.yaml index 05f61371a..86267a900 100644 --- a/static/api-specs/idn/beta/paths/source-connector-test-configuration.yaml +++ b/static/api-specs/idn/beta/paths/source-connector-test-configuration.yaml @@ -2,14 +2,14 @@ post: operationId: testSourceConfiguration tags: - Sources - summary: Test configuration for the source connector + summary: Test configuration for source connector description: >- This endpoint performs a more detailed validation of the source's configuration that can take longer than the lighter weight credential validation performed by the checkConnection API. A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:source-connector:write] + - oauth2: [idn:source-connector:manage] parameters: - in: path name: sourceId @@ -25,6 +25,8 @@ post: application/json: schema: $ref: '../schemas/StatusResponse.yaml' + '400': + $ref: '../../v3/responses/400.yaml' '401': $ref: '../../v3/responses/401.yaml' '403': diff --git a/static/api-specs/idn/beta/paths/source-entitlements-schema.yaml b/static/api-specs/idn/beta/paths/source-entitlements-schema.yaml index d9c204018..f3f549d0e 100644 --- a/static/api-specs/idn/beta/paths/source-entitlements-schema.yaml +++ b/static/api-specs/idn/beta/paths/source-entitlements-schema.yaml @@ -36,7 +36,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:source-schema:read] + - oauth2: [idn:source-schema:read, idn:source-schema:manage] post: tags: - Sources @@ -86,4 +86,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:source-schema:update] + - oauth2: [idn:source-schema:manage] diff --git a/static/api-specs/idn/beta/paths/sources-entitlement-request-config.yaml b/static/api-specs/idn/beta/paths/sources-entitlement-request-config.yaml index 8ac47f5ad..127103ff5 100644 --- a/static/api-specs/idn/beta/paths/sources-entitlement-request-config.yaml +++ b/static/api-specs/idn/beta/paths/sources-entitlement-request-config.yaml @@ -1,6 +1,6 @@ get: security: - - oauth2: [ idn:sources:read ] + - oauth2: [ idn:sources:read, idn:sources:manage ] operationId: getSourceEntitlementRequestConfig summary: Get Source Entitlement Request Configuration tags: @@ -91,7 +91,7 @@ get: put: security: - - oauth2: [ idn:sources:update ] + - oauth2: [ idn:sources:manage ] operationId: updateSourceEntitlementRequestConfig summary: Update Source Entitlement Request Configuration tags: @@ -179,4 +179,4 @@ put: '429': $ref: '../../v3/responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/paths/sp-config-export.yaml b/static/api-specs/idn/beta/paths/sp-config-export.yaml index 985f26661..44ef70f0d 100644 --- a/static/api-specs/idn/beta/paths/sp-config-export.yaml +++ b/static/api-specs/idn/beta/paths/sp-config-export.yaml @@ -1,17 +1,13 @@ post: operationId: exportSpConfig security: - - oauth2: [sp:config:export] + - oauth2: [sp:config:read, sp:config:manage] tags: - SP-Config summary: Initiates Configuration Objects Export Job. description: >- This post will export objects from the tenant to a JSON configuration file. - Request will need one of the following security scopes: - - - sp:config:read - - sp:config:manage requestBody: description: Export options control what will be included in the export. required: true diff --git a/static/api-specs/idn/beta/paths/sp-config-objects.yaml b/static/api-specs/idn/beta/paths/sp-config-objects.yaml index f6e85845e..3eba56d7e 100644 --- a/static/api-specs/idn/beta/paths/sp-config-objects.yaml +++ b/static/api-specs/idn/beta/paths/sp-config-objects.yaml @@ -1,7 +1,7 @@ get: operationId: listSpConfigObjects security: - - oauth2: [sp:config:export] + - oauth2: [sp:config:read, sp:config:manage] tags: - SP-Config summary: Get Config Object details @@ -9,10 +9,6 @@ get: This gets the list of object configurations which are known to the tenant export/import service. Object configurations that contain "importUrl" and "exportUrl" are available for export/import. - Request will need one of the following security scopes: - - - sp:config:read - - sp:config:manage responses: '200': description: >- diff --git a/static/api-specs/idn/beta/paths/task-definition.yaml b/static/api-specs/idn/beta/paths/task-definition.yaml index 4b05ac162..80fcce547 100644 --- a/static/api-specs/idn/beta/paths/task-definition.yaml +++ b/static/api-specs/idn/beta/paths/task-definition.yaml @@ -4,7 +4,7 @@ get: tags: - Task Management - summary: Retrieves a task definition summary by task definition ID + summary: Retrieves a task definition summary description: Get a specified TaskDefinitionSummary. operationId: getTaskDefinitionSummary parameters: @@ -24,12 +24,20 @@ get: application/json: schema: $ref: '../schemas/TaskDefinitionSummary.yaml' + "400": + $ref: '../../v3/responses/400.yaml' + "401": + $ref: '../../v3/responses/401.yaml' "403": $ref: '../../v3/responses/403.yaml' "404": $ref: '../../v3/responses/404.yaml' + "429": + $ref: '../../v3/responses/429.yaml' + "500": + $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:task-definition:read] + - oauth2: [idn:task-definition:read, idn:task-definition:manage] patch: tags: - Task Management @@ -61,9 +69,15 @@ patch: $ref: '../schemas/TaskDefinitionSummary.yaml' "400": $ref: '../../v3/responses/400.yaml' + "401": + $ref: '../../v3/responses/401.yaml' "403": $ref: '../../v3/responses/403.yaml' "404": $ref: '../../v3/responses/404.yaml' + "429": + $ref: '../../v3/responses/429.yaml' + "500": + $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:task-definition:write] + - oauth2: [idn:task-definition:manage] diff --git a/static/api-specs/idn/beta/paths/transform.yaml b/static/api-specs/idn/beta/paths/transform.yaml index d54d5a88f..06be45864 100644 --- a/static/api-specs/idn/beta/paths/transform.yaml +++ b/static/api-specs/idn/beta/paths/transform.yaml @@ -17,6 +17,7 @@ get: explode: false schema: type: string + example: 2c9180835d2e5168015d32f890ca1581 responses: "200": description: Transform with the given ID @@ -24,12 +25,20 @@ get: application/json: schema: $ref: '../schemas/Transform.yaml' + "400": + $ref: '../../v3/responses/400.yaml' + "401": + $ref: '../../v3/responses/401.yaml' "403": $ref: '../../v3/responses/403.yaml' "404": $ref: '../../v3/responses/404.yaml' + "429": + $ref: '../../v3/responses/429.yaml' + "500": + $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:transforms:read] + - oauth2: [idn:transform:read, idn:transform:manage] put: tags: - Transforms @@ -50,6 +59,7 @@ put: explode: false schema: type: string + example: 2c9180835d2e5168015d32f890ca1581 requestBody: description: >- The updated transform object (must include "name", "type", and "attributes" fields). @@ -76,12 +86,18 @@ put: internal: false "400": $ref: '../../v3/responses/400.yaml' + "401": + $ref: '../../v3/responses/401.yaml' "403": $ref: '../../v3/responses/403.yaml' "404": $ref: '../../v3/responses/404.yaml' + "429": + $ref: '../../v3/responses/429.yaml' + "500": + $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:transforms:write] + - oauth2: [idn:transform:manage] delete: tags: - Transforms @@ -101,12 +117,21 @@ delete: explode: false schema: type: string + example: 2c9180835d2e5168015d32f890ca1581 responses: "204": $ref: '../../v3/responses/204.yaml' + "400": + $ref: '../../v3/responses/400.yaml' + "401": + $ref: '../../v3/responses/401.yaml' "403": $ref: '../../v3/responses/403.yaml' "404": $ref: '../../v3/responses/404.yaml' + "429": + $ref: '../../v3/responses/429.yaml' + "500": + $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:transforms:delete] + - oauth2: [idn:transform:manage] diff --git a/static/api-specs/idn/beta/paths/transforms.yaml b/static/api-specs/idn/beta/paths/transforms.yaml index 58c3772eb..8ba6668a7 100644 --- a/static/api-specs/idn/beta/paths/transforms.yaml +++ b/static/api-specs/idn/beta/paths/transforms.yaml @@ -31,6 +31,7 @@ get: **internal**: *eq* **name**: *eq*, *sw* + example: name eq ExampleTransformName123 required: false style: form explode: true @@ -56,10 +57,18 @@ get: type: substring attributes: { "begin": 0, "end": 3 } internal: true + "400": + $ref: '../../v3/responses/400.yaml' + "401": + $ref: '../../v3/responses/401.yaml' "403": $ref: '../../v3/responses/403.yaml' + "429": + $ref: '../../v3/responses/429.yaml' + "500": + $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:transforms-list:read] + - oauth2: [idn:transform:read, idn:transform:manage] post: tags: - Transforms @@ -91,7 +100,13 @@ post: $ref: '../schemas/Transform.yaml' "400": $ref: '../../v3/responses/400.yaml' + "401": + $ref: '../../v3/responses/401.yaml' "403": $ref: '../../v3/responses/403.yaml' + "429": + $ref: '../../v3/responses/429.yaml' + "500": + $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:transforms:write] + - oauth2: [idn:transform:manage] diff --git a/static/api-specs/idn/beta/paths/trigger-invocations-status.yaml b/static/api-specs/idn/beta/paths/trigger-invocations-status.yaml index 5208d96ae..cfe3c3433 100644 --- a/static/api-specs/idn/beta/paths/trigger-invocations-status.yaml +++ b/static/api-specs/idn/beta/paths/trigger-invocations-status.yaml @@ -66,5 +66,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: - - 'idn:trigger-service-invocation-status:read' + - oauth2: [sp:trigger-service-invocation-status:read, sp:trigger-service-invocation-status:manage] diff --git a/static/api-specs/idn/beta/paths/trigger-invocations-test.yaml b/static/api-specs/idn/beta/paths/trigger-invocations-test.yaml index 5eaa50112..f454c6f08 100644 --- a/static/api-specs/idn/beta/paths/trigger-invocations-test.yaml +++ b/static/api-specs/idn/beta/paths/trigger-invocations-test.yaml @@ -53,5 +53,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: - - 'idn:trigger-service-invocation-test:create' + - oauth2: [sp:trigger-service-invocation-status:manage] diff --git a/static/api-specs/idn/beta/paths/trigger-subscription.yaml b/static/api-specs/idn/beta/paths/trigger-subscription.yaml index 698cacb0f..7cf4e012f 100644 --- a/static/api-specs/idn/beta/paths/trigger-subscription.yaml +++ b/static/api-specs/idn/beta/paths/trigger-subscription.yaml @@ -88,8 +88,7 @@ put: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: - - 'idn:trigger-service-subscriptions:update' + - oauth2: [sp:trigger-service-subscriptions:manage] patch: operationId: patchSubscription @@ -138,8 +137,7 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: - - 'idn:trigger-service-subscriptions:update' + - oauth2: [sp:trigger-service-subscriptions:manage] delete: operationId: deleteSubscription @@ -172,5 +170,4 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: - - 'idn:trigger-service-subscriptions:delete' + - oauth2: [sp:trigger-service-subscriptions:manage] diff --git a/static/api-specs/idn/beta/paths/trigger-subscriptions-internal.yaml b/static/api-specs/idn/beta/paths/trigger-subscriptions-internal.yaml index f1ad5ec84..dc554ae40 100644 --- a/static/api-specs/idn/beta/paths/trigger-subscriptions-internal.yaml +++ b/static/api-specs/idn/beta/paths/trigger-subscriptions-internal.yaml @@ -31,5 +31,4 @@ post: $ref: '../../v3/responses/500.yaml' security: - - oauth2: - - 'idn:trigger-service-subscriptions:create' + - oauth2: [sp:trigger-service-subscriptions:manage] diff --git a/static/api-specs/idn/beta/paths/trigger-subscriptions-validate-filter.yaml b/static/api-specs/idn/beta/paths/trigger-subscriptions-validate-filter.yaml index 205ea05f4..f9b6116ea 100644 --- a/static/api-specs/idn/beta/paths/trigger-subscriptions-validate-filter.yaml +++ b/static/api-specs/idn/beta/paths/trigger-subscriptions-validate-filter.yaml @@ -43,5 +43,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: - - 'idn:trigger-service-subscriptions-validate-filter:create' + - oauth2: [sp:trigger-service-subscriptions:manage] diff --git a/static/api-specs/idn/beta/paths/trigger-subscriptions.yaml b/static/api-specs/idn/beta/paths/trigger-subscriptions.yaml index 5f4da2a12..95ba17459 100644 --- a/static/api-specs/idn/beta/paths/trigger-subscriptions.yaml +++ b/static/api-specs/idn/beta/paths/trigger-subscriptions.yaml @@ -77,8 +77,7 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: - - 'idn:trigger-service-subscriptions:create' + - oauth2: [sp:trigger-service-subscriptions:manage] get: operationId: listSubscriptions @@ -194,5 +193,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: - - 'idn:trigger-service-subscriptions:read' + - oauth2: [sp:trigger-service-subscriptions:read] diff --git a/static/api-specs/idn/beta/paths/triggers.yaml b/static/api-specs/idn/beta/paths/triggers.yaml index 3e4ab4d8f..e7d555287 100644 --- a/static/api-specs/idn/beta/paths/triggers.yaml +++ b/static/api-specs/idn/beta/paths/triggers.yaml @@ -58,5 +58,4 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: - - 'idn:trigger-service-subscriptions:read' + - oauth2: [sp:trigger-service-subscriptions:read] diff --git a/static/api-specs/idn/beta/paths/workflow-execution-cancel.yaml b/static/api-specs/idn/beta/paths/workflow-execution-cancel.yaml index 6258448f3..fc68902c2 100644 --- a/static/api-specs/idn/beta/paths/workflow-execution-cancel.yaml +++ b/static/api-specs/idn/beta/paths/workflow-execution-cancel.yaml @@ -6,7 +6,7 @@ post: description: >- Use this API to cancel a running workflow execution. security: - - oauth2: [sp:workflow:execute] + - oauth2: [sp:workflow-execute:external] parameters: - name: id in: path diff --git a/static/api-specs/idn/beta/paths/workflow-external-execute-test.yaml b/static/api-specs/idn/beta/paths/workflow-external-execute-test.yaml index a3840feaa..6170e50a9 100644 --- a/static/api-specs/idn/beta/paths/workflow-external-execute-test.yaml +++ b/static/api-specs/idn/beta/paths/workflow-external-execute-test.yaml @@ -6,7 +6,7 @@ post: description: >- Validate a workflow with an "External Trigger" can receive input. The response includes the input that the workflow received, which can be used to validate that the input is intact when it reaches the workflow. security: - - oauth2: [sp:workflow:external-execute] + - oauth2: [sp:workflow-execute:external] parameters: - name: id in: path diff --git a/static/api-specs/idn/beta/paths/workflow-external-execute.yaml b/static/api-specs/idn/beta/paths/workflow-external-execute.yaml index 2d25cadf1..3496ba67e 100644 --- a/static/api-specs/idn/beta/paths/workflow-external-execute.yaml +++ b/static/api-specs/idn/beta/paths/workflow-external-execute.yaml @@ -6,7 +6,7 @@ post: description: >- This endpoint allows a service outside of IdentityNow to initiate a workflow that uses the "External Trigger" step. The external service will invoke this endpoint with the input data it wants to send to the workflow in the body. security: - - oauth2: [sp:workflow:external-execute] + - oauth2: [sp:workflow-execute:external] parameters: - name: id in: path diff --git a/static/api-specs/idn/beta/paths/workflow-external-oauth-client.yaml b/static/api-specs/idn/beta/paths/workflow-external-oauth-client.yaml index a91864a1e..b29d93299 100644 --- a/static/api-specs/idn/beta/paths/workflow-external-oauth-client.yaml +++ b/static/api-specs/idn/beta/paths/workflow-external-oauth-client.yaml @@ -6,7 +6,7 @@ post: description: >- Create OAuth client ID, client secret, and callback URL for use in an external trigger. External triggers will need this information to generate an access token to authenticate to the callback URL and submit a trigger payload that will initiate the workflow. security: - - oauth2: [sp:workflow:update] + - oauth2: [sp:workflow:manage] parameters: - name: id in: path diff --git a/static/api-specs/idn/beta/paths/workflow-test.yaml b/static/api-specs/idn/beta/paths/workflow-test.yaml index febc59ab0..59f8712b3 100644 --- a/static/api-specs/idn/beta/paths/workflow-test.yaml +++ b/static/api-specs/idn/beta/paths/workflow-test.yaml @@ -10,7 +10,7 @@ post: **This will cause a live run of the workflow, which could result in unintended modifications to your IDN tenant.** security: - - oauth2: [sp:workflow:execute] + - oauth2: [sp:workflow-execute:external] parameters: - name: id in: path diff --git a/static/api-specs/idn/beta/paths/workflow.yaml b/static/api-specs/idn/beta/paths/workflow.yaml index 83adde035..ba9733df3 100644 --- a/static/api-specs/idn/beta/paths/workflow.yaml +++ b/static/api-specs/idn/beta/paths/workflow.yaml @@ -43,7 +43,7 @@ put: description: >- Perform a full update of a workflow. The updated workflow object is returned in the response. security: - - oauth2: [sp:workflow:update] + - oauth2: [sp:workflow:manage] parameters: - name: id in: path @@ -85,7 +85,7 @@ patch: description: >- Partially update an existing Workflow using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. security: - - oauth2: [sp:workflow:update] + - oauth2: [sp:workflow:manage] parameters: - name: id in: path @@ -194,7 +194,7 @@ delete: description: >- Delete a workflow. **Enabled workflows cannot be deleted**. They must first be disabled. security: - - oauth2: [sp:workflow:delete] + - oauth2: [sp:workflow:manage] parameters: - name: id in: path diff --git a/static/api-specs/idn/beta/paths/workflows.yaml b/static/api-specs/idn/beta/paths/workflows.yaml index 0533e046b..c0e02e42a 100644 --- a/static/api-specs/idn/beta/paths/workflows.yaml +++ b/static/api-specs/idn/beta/paths/workflows.yaml @@ -6,7 +6,7 @@ post: description: >- Create a new workflow with the desired trigger and steps specified in the request body. security: - - oauth2: [sp:workflow:create] + - oauth2: [sp:workflow:manage] requestBody: required: true content: @@ -152,4 +152,4 @@ get: '429': $ref: '../../v3/responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' \ No newline at end of file + $ref: '../../v3/responses/500.yaml' diff --git a/static/api-specs/idn/beta/schemas/Argument.yaml b/static/api-specs/idn/beta/schemas/Argument.yaml index d9f1e4c33..6371eb69e 100644 --- a/static/api-specs/idn/beta/schemas/Argument.yaml +++ b/static/api-specs/idn/beta/schemas/Argument.yaml @@ -1,4 +1,5 @@ type: object +nullable: true properties: name: type: string @@ -10,6 +11,7 @@ properties: example: the first name of the identity type: type: string + nullable: true description: the programmatic type of the argument example: String required: diff --git a/static/api-specs/idn/beta/schemas/BaseCommonDto.yaml b/static/api-specs/idn/beta/schemas/BaseCommonDto.yaml index 12aed1621..02c89bb9c 100644 --- a/static/api-specs/idn/beta/schemas/BaseCommonDto.yaml +++ b/static/api-specs/idn/beta/schemas/BaseCommonDto.yaml @@ -16,10 +16,10 @@ properties: type: string format: date-time readOnly: true - example: true + example: "2023-01-03T21:16:22.432Z" modified: description: Last modification date of the Object type: string format: date-time readOnly: true - example: true + example: "2023-01-03T21:16:22.432Z" diff --git a/static/api-specs/idn/beta/schemas/BasicAuthConfig.yaml b/static/api-specs/idn/beta/schemas/BasicAuthConfig.yaml index c61655389..bec9a86d8 100644 --- a/static/api-specs/idn/beta/schemas/BasicAuthConfig.yaml +++ b/static/api-specs/idn/beta/schemas/BasicAuthConfig.yaml @@ -9,4 +9,5 @@ properties: nullable: true description: The password to authenticate. On response, this field is set to null as to not return secrets. example: null +nullable: true description: Config required if BASIC_AUTH is used. diff --git a/static/api-specs/idn/beta/schemas/BearerTokenAuthConfig.yaml b/static/api-specs/idn/beta/schemas/BearerTokenAuthConfig.yaml index c4c35bc94..8f932a8e1 100644 --- a/static/api-specs/idn/beta/schemas/BearerTokenAuthConfig.yaml +++ b/static/api-specs/idn/beta/schemas/BearerTokenAuthConfig.yaml @@ -5,5 +5,6 @@ properties: nullable: true description: Bearer token example: null +nullable: true description: Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets. diff --git a/static/api-specs/idn/beta/schemas/ConnectorRuleCreateRequest.yaml b/static/api-specs/idn/beta/schemas/ConnectorRuleCreateRequest.yaml index f164d8020..fb651e829 100644 --- a/static/api-specs/idn/beta/schemas/ConnectorRuleCreateRequest.yaml +++ b/static/api-specs/idn/beta/schemas/ConnectorRuleCreateRequest.yaml @@ -59,5 +59,7 @@ properties: $ref: './SourceCode.yaml' attributes: type: object + nullable: true description: a map of string to objects - example: {} \ No newline at end of file + example: {} + diff --git a/static/api-specs/idn/beta/schemas/ConnectorRuleResponse.yaml b/static/api-specs/idn/beta/schemas/ConnectorRuleResponse.yaml index d636633e9..35b31e683 100644 --- a/static/api-specs/idn/beta/schemas/ConnectorRuleResponse.yaml +++ b/static/api-specs/idn/beta/schemas/ConnectorRuleResponse.yaml @@ -2,6 +2,7 @@ description: ConnectorRuleResponse allOf: - $ref: './ConnectorRuleCreateRequest.yaml' - type: object + nullable: true required: - id - created @@ -16,5 +17,6 @@ allOf: example: '021-07-22T15:59:23Z' modified: type: string + nullable: true description: an ISO 8601 UTC timestamp when this rule was last modified example: '021-07-22T15:59:23Z' diff --git a/static/api-specs/idn/beta/schemas/FullAccount.yaml b/static/api-specs/idn/beta/schemas/FullAccount.yaml index 9e433043a..128d256a7 100644 --- a/static/api-specs/idn/beta/schemas/FullAccount.yaml +++ b/static/api-specs/idn/beta/schemas/FullAccount.yaml @@ -1,6 +1,6 @@ # The Full version of the Account DTO which contains data stored on the DB objects # other than just the Account object -type: object +#type: object title: Full Account allOf: - $ref: './SlimAccount.yaml' diff --git a/static/api-specs/idn/beta/schemas/IdentityAttributeConfig.yaml b/static/api-specs/idn/beta/schemas/IdentityAttributeConfig.yaml index a7987afec..5a6e5b135 100644 --- a/static/api-specs/idn/beta/schemas/IdentityAttributeConfig.yaml +++ b/static/api-specs/idn/beta/schemas/IdentityAttributeConfig.yaml @@ -4,6 +4,7 @@ properties: type: boolean description: If the profile or mapping is enabled example: true + default: true attributeTransforms: type: array items: diff --git a/static/api-specs/idn/beta/schemas/IdentityExceptionReportReference.yaml b/static/api-specs/idn/beta/schemas/IdentityExceptionReportReference.yaml index 723f55770..18258984f 100644 --- a/static/api-specs/idn/beta/schemas/IdentityExceptionReportReference.yaml +++ b/static/api-specs/idn/beta/schemas/IdentityExceptionReportReference.yaml @@ -1,4 +1,5 @@ type: object +nullable: true properties: taskResultId: type: string diff --git a/static/api-specs/idn/beta/schemas/IdentityListItem.yaml b/static/api-specs/idn/beta/schemas/IdentityListItem.yaml index e457241f5..49f9ed586 100644 --- a/static/api-specs/idn/beta/schemas/IdentityListItem.yaml +++ b/static/api-specs/idn/beta/schemas/IdentityListItem.yaml @@ -20,7 +20,7 @@ properties: type: boolean default: true description: indicates if an identity is active or not - example: true + example: true deletedDate: type: string nullable: true diff --git a/static/api-specs/idn/beta/schemas/IdentityProfile.yaml b/static/api-specs/idn/beta/schemas/IdentityProfile.yaml index ac826ba41..646e5d1c3 100644 --- a/static/api-specs/idn/beta/schemas/IdentityProfile.yaml +++ b/static/api-specs/idn/beta/schemas/IdentityProfile.yaml @@ -6,6 +6,7 @@ allOf: properties: description: type: string + nullable: true description: The description of the Identity Profile. example: My custom flat file profile owner: @@ -52,6 +53,7 @@ allOf: description: The authoritative source for this Identity Profile. identityRefreshRequired: type: boolean + default: false description: True if a identity refresh is needed. Typically triggered when a change on the source has been made example: true identityCount: @@ -66,4 +68,5 @@ allOf: hasTimeBasedAttr: description: Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile. type: boolean + default: true example: true diff --git a/static/api-specs/idn/beta/schemas/SlimAccount.yaml b/static/api-specs/idn/beta/schemas/SlimAccount.yaml index ea987444c..efa41a302 100644 --- a/static/api-specs/idn/beta/schemas/SlimAccount.yaml +++ b/static/api-specs/idn/beta/schemas/SlimAccount.yaml @@ -1,5 +1,5 @@ # The Slim version of the Account DTO containing only data from the Account object -type: object +#type: object title: Slim Account allOf: - $ref: './BaseCommonDto.yaml' @@ -51,3 +51,8 @@ allOf: attributes: type: object description: A map containing attributes associated with the account + additionalProperties: true + example: + firstName: "SailPoint" + lastName: "Support" + displayName: "SailPoint Support" diff --git a/static/api-specs/idn/beta/schemas/SpConfigObject.yaml b/static/api-specs/idn/beta/schemas/SpConfigObject.yaml index 58ff8cd86..3d799e8b0 100644 --- a/static/api-specs/idn/beta/schemas/SpConfigObject.yaml +++ b/static/api-specs/idn/beta/schemas/SpConfigObject.yaml @@ -12,14 +12,13 @@ properties: description: >- Url and query parameters to be used to resolve this type of object by Id. resolveByNameUrl: - $ref: './SpConfigUrl.yaml' + type: array + items: + $ref: './SpConfigUrl.yaml' description: >- Url and query parameters to be used to resolve this type of object by name. exportUrl: - type: string - description: >- - Url to export this type of object. - example: ets://trigger-subscriptions/export + $ref: './SpConfigUrl.yaml' exportRight: type: string description: >- @@ -32,10 +31,7 @@ properties: Pagination limit imposed by the target service for this object type. example: 10 importUrl: - type: string - description: >- - Url to import this type of object. - example: ets://trigger-subscriptions/import + $ref: './SpConfigUrl.yaml' importRight: type: string description: >- @@ -57,6 +53,7 @@ properties: example: ["$.owner"] signatureRequired: type: boolean + default: false description: >- If true, this type of object will be JWS signed and cannot be modified before import. example: false diff --git a/static/api-specs/idn/beta/schemas/Subscription.yaml b/static/api-specs/idn/beta/schemas/Subscription.yaml index a2d4490aa..7515cea28 100644 --- a/static/api-specs/idn/beta/schemas/Subscription.yaml +++ b/static/api-specs/idn/beta/schemas/Subscription.yaml @@ -1,12 +1,12 @@ type: object required: -- id -- triggerId -- type -- name -- triggerName -- enabled -- responseDeadline + - id + - triggerId + - type + - name + - triggerName + - enabled + - responseDeadline properties: id: type: string diff --git a/static/api-specs/idn/beta/schemas/SubscriptionPostRequest.yaml b/static/api-specs/idn/beta/schemas/SubscriptionPostRequest.yaml index b0d497db8..75b7e8866 100644 --- a/static/api-specs/idn/beta/schemas/SubscriptionPostRequest.yaml +++ b/static/api-specs/idn/beta/schemas/SubscriptionPostRequest.yaml @@ -1,8 +1,8 @@ type: object required: -- triggerId -- type -- name + - triggerId + - type + - name properties: name: type: string @@ -44,4 +44,4 @@ properties: example: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' externalDocs: description: JSONPath filter documentation - url: https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events \ No newline at end of file + url: https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events diff --git a/static/api-specs/idn/beta/schemas/SubscriptionPutRequest.yaml b/static/api-specs/idn/beta/schemas/SubscriptionPutRequest.yaml index a94b02e08..31e6a1d91 100644 --- a/static/api-specs/idn/beta/schemas/SubscriptionPutRequest.yaml +++ b/static/api-specs/idn/beta/schemas/SubscriptionPutRequest.yaml @@ -36,4 +36,4 @@ properties: example: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' externalDocs: description: JSONPath filter documentation - url: https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events \ No newline at end of file + url: https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events diff --git a/static/api-specs/idn/beta/schemas/SubscriptionType.yaml b/static/api-specs/idn/beta/schemas/SubscriptionType.yaml index 729125221..8ae1f709c 100644 --- a/static/api-specs/idn/beta/schemas/SubscriptionType.yaml +++ b/static/api-specs/idn/beta/schemas/SubscriptionType.yaml @@ -1,6 +1,4 @@ type: string +enum: [HTTP, EVENTBRIDGE, INLINE, SCRIPT, WORKFLOW] description: Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required. -enum: - - HTTP - - EVENTBRIDGE example: HTTP diff --git a/static/api-specs/idn/beta/schemas/Transform.yaml b/static/api-specs/idn/beta/schemas/Transform.yaml index 980b322f3..ac6435062 100644 --- a/static/api-specs/idn/beta/schemas/Transform.yaml +++ b/static/api-specs/idn/beta/schemas/Transform.yaml @@ -26,12 +26,13 @@ properties: example: concat attributes: type: object + nullable: true description: >- Meta-data about the transform. Values in this list are specific to the type of transform to be executed. - additionalProperties: true example: { "inputFormat": "MMM dd yyyy, HH:mm:ss.SSS", "outputFormat": "yyyy/dd/MM" } internal: type: boolean + default: false readOnly: true description: >- Indicates whether this is an internal SailPoint-created transform or a customer-created transform diff --git a/static/api-specs/idn/beta/schemas/TransformDefinition.yaml b/static/api-specs/idn/beta/schemas/TransformDefinition.yaml index bcb276da5..0527f2d36 100644 --- a/static/api-specs/idn/beta/schemas/TransformDefinition.yaml +++ b/static/api-specs/idn/beta/schemas/TransformDefinition.yaml @@ -6,8 +6,10 @@ properties: example: accountAttribute attributes: type: object - additionalProperties: - type: object + nullable: true + additionalProperties: true +# type: object +# nullable: true description: >- Arbitrary key-value pairs to store any metadata for the object example: { diff --git a/static/api-specs/idn/v3/paths/identity-profile-default-config.yaml b/static/api-specs/idn/v3/paths/identity-profile-default-config.yaml index 03e49d378..55fdb267b 100644 --- a/static/api-specs/idn/v3/paths/identity-profile-default-config.yaml +++ b/static/api-specs/idn/v3/paths/identity-profile-default-config.yaml @@ -36,4 +36,4 @@ get: '500': $ref: '../responses/500.yaml' security: - - oauth2: [idn:identity-profile-default-mapping:read] + - oauth2: [idn:identity-profile:manage] diff --git a/static/api-specs/idn/v3/paths/identity-profile-lifecycle-state.yaml b/static/api-specs/idn/v3/paths/identity-profile-lifecycle-state.yaml index 343121fc8..d0ed78a93 100644 --- a/static/api-specs/idn/v3/paths/identity-profile-lifecycle-state.yaml +++ b/static/api-specs/idn/v3/paths/identity-profile-lifecycle-state.yaml @@ -53,7 +53,7 @@ patch: A token with ORG_ADMIN or API authority is required to call this API. security: - - oauth2: [idn:identity-profile-lifecycle-state:update] + - oauth2: [idn:identity-profile-lifecycle-state:manage] parameters: - in: path name: identity-profile-id @@ -141,7 +141,7 @@ delete: A token with API, or ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:identity-profile-lifecycle-state:delete] + - oauth2: [idn:identity-profile-lifecycle-state:manage] parameters: - in: path name: identity-profile-id diff --git a/static/api-specs/idn/v3/paths/identity-profile-lifecycle-states.yaml b/static/api-specs/idn/v3/paths/identity-profile-lifecycle-states.yaml index 5cbe57e9d..474b8272f 100644 --- a/static/api-specs/idn/v3/paths/identity-profile-lifecycle-states.yaml +++ b/static/api-specs/idn/v3/paths/identity-profile-lifecycle-states.yaml @@ -61,7 +61,7 @@ post: A token with ORG_ADMIN or API authority is required to call this API. security: - - oauth2: [idn:identity-profile-lifecycle-state:create] + - oauth2: [idn:identity-profile-lifecycle-state:manage] parameters: - in: path name: identity-profile-id diff --git a/static/api-specs/idn/v3/paths/identity-profiles-import.yaml b/static/api-specs/idn/v3/paths/identity-profiles-import.yaml index f2a357f9f..0481dec10 100644 --- a/static/api-specs/idn/v3/paths/identity-profiles-import.yaml +++ b/static/api-specs/idn/v3/paths/identity-profiles-import.yaml @@ -32,4 +32,4 @@ post: '500': $ref: '../responses/500.yaml' security: - - oauth2: [idn:identity-profile:create] + - oauth2: [idn:identity-profile:manage] diff --git a/static/api-specs/idn/v3/paths/password-dictionary.yaml b/static/api-specs/idn/v3/paths/password-dictionary.yaml index 108cb47ca..78215e06e 100644 --- a/static/api-specs/idn/v3/paths/password-dictionary.yaml +++ b/static/api-specs/idn/v3/paths/password-dictionary.yaml @@ -8,7 +8,7 @@ get: A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: ['idn:password-dictionary-management:read'] + - oauth2: [idn:password-dictionary-management:read] responses: '200': description: >- @@ -81,7 +81,7 @@ put: A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: ['idn:password-dictionary-management:write'] + - oauth2: [idn:password-dictionary:manage] requestBody: required: true description: >- diff --git a/static/api-specs/idn/v3/paths/provisioning-policies-bulk-update.yaml b/static/api-specs/idn/v3/paths/provisioning-policies-bulk-update.yaml index 1d2a01d9e..3fe069224 100644 --- a/static/api-specs/idn/v3/paths/provisioning-policies-bulk-update.yaml +++ b/static/api-specs/idn/v3/paths/provisioning-policies-bulk-update.yaml @@ -8,7 +8,7 @@ post: A token with API, or ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:provisioning-policy-bulk:update] + - oauth2: [idn:provisioning-policy:manage] parameters: - in: path name: sourceId diff --git a/static/api-specs/idn/v3/paths/provisioning-policies.yaml b/static/api-specs/idn/v3/paths/provisioning-policies.yaml index cfc9b6932..d19da0bed 100644 --- a/static/api-specs/idn/v3/paths/provisioning-policies.yaml +++ b/static/api-specs/idn/v3/paths/provisioning-policies.yaml @@ -8,7 +8,7 @@ get: A token with API, or ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:provisioning-policy-list:read] + - oauth2: [idn:provisioning-policy:read, idn:provisioning-policy:manage] parameters: - in: path name: sourceId @@ -49,7 +49,7 @@ post: A token with ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:provisioning-policy:create] + - oauth2: [idn:provisioning-policy:manage] parameters: - in: path name: sourceId diff --git a/static/api-specs/idn/v3/paths/provisioning-policy.yaml b/static/api-specs/idn/v3/paths/provisioning-policy.yaml index f65174d0a..9e6c70c9a 100644 --- a/static/api-specs/idn/v3/paths/provisioning-policy.yaml +++ b/static/api-specs/idn/v3/paths/provisioning-policy.yaml @@ -8,7 +8,7 @@ get: A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. security: - - oauth2: [idn:provisioning-policy:read] + - oauth2: [idn:provisioning-policy:read, idn:provisioning-policy-source:read, idn:provisioning-policy:manage, idn:provisioning-policy-source-admin-operations:manage] parameters: - in: path name: sourceId @@ -53,7 +53,7 @@ put: A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. security: - - oauth2: [idn:provisioning-policy:update] + - oauth2: [idn:provisioning-policy:manage, idn:provisioning-policy-source-admin-operations:manage] parameters: - in: path name: sourceId @@ -178,7 +178,7 @@ delete: A token with API, or ORG_ADMIN authority is required to call this API. security: - - oauth2: [idn:provisioning-policy:delete] + - oauth2: [idn:provisioning-policy:manage] parameters: - in: path name: sourceId diff --git a/static/api-specs/idn/v3/paths/role-assigned-identities.yaml b/static/api-specs/idn/v3/paths/role-assigned-identities.yaml index 63825927b..401e3df3d 100644 --- a/static/api-specs/idn/v3/paths/role-assigned-identities.yaml +++ b/static/api-specs/idn/v3/paths/role-assigned-identities.yaml @@ -68,5 +68,5 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:read,idn:role-checked:read] + - oauth2: [idn:role-unchecked:read, idn:role-unchecked:manage, idn:role-checked:manage, idn:role-checked:read] diff --git a/static/api-specs/idn/v3/paths/role.yaml b/static/api-specs/idn/v3/paths/role.yaml index aa38b70b4..12385393c 100644 --- a/static/api-specs/idn/v3/paths/role.yaml +++ b/static/api-specs/idn/v3/paths/role.yaml @@ -37,7 +37,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:read,idn:role-checked:read] + - oauth2: [idn:role-unchecked:read, idn:role-unchecked:manage, idn:role-checked:manage, idn:role-checked:read] patch: operationId: patchRole tags: @@ -192,4 +192,4 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:update,idn:role-checked:update] + - oauth2: [idn:role-unchecked:manage, idn:role-checked:manage] diff --git a/static/api-specs/idn/v3/paths/roles.yaml b/static/api-specs/idn/v3/paths/roles.yaml index 0b7ad232d..cdfd61093 100644 --- a/static/api-specs/idn/v3/paths/roles.yaml +++ b/static/api-specs/idn/v3/paths/roles.yaml @@ -95,7 +95,7 @@ get: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:read,idn:role-checked:read] + - oauth2: [idn:role-unchecked:read, idn:role-unchecked:manage, idn:role-checked:manage, idn:role-checked:read] post: operationId: createRole tags: @@ -136,4 +136,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:role:create,idn:role-checked:create] + - oauth2: [idn:role-unchecked:manage, idn:role-checked:manage] diff --git a/static/api-specs/idn/v3/paths/service-desk-integration-configuration.yaml b/static/api-specs/idn/v3/paths/service-desk-integration-configuration.yaml index 520cafb6b..6e92fdade 100644 --- a/static/api-specs/idn/v3/paths/service-desk-integration-configuration.yaml +++ b/static/api-specs/idn/v3/paths/service-desk-integration-configuration.yaml @@ -1,7 +1,7 @@ get: tags: - Service Desk Integration - summary: Get the time check configuration of queued SDIM tickets + summary: Get the time check configuration description: Get the time check configuration of queued SDIM tickets. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: getStatusCheckDetails responses: @@ -29,7 +29,7 @@ get: put: tags: - Service Desk Integration - summary: Update the time check configuration of queued SDIM tickets + summary: Update the time check configuration description: Update the time check configuration of queued SDIM tickets. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: updateStatusCheckDetails requestBody: @@ -59,4 +59,4 @@ put: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:write,idn:service-desk-integration:write] + - oauth2: [idn:service-desk-admin:manage,idn:service-desk-integration:manage] diff --git a/static/api-specs/idn/v3/paths/service-desk-integration.yaml b/static/api-specs/idn/v3/paths/service-desk-integration.yaml index 2f1a0dd41..1bf6ff999 100644 --- a/static/api-specs/idn/v3/paths/service-desk-integration.yaml +++ b/static/api-specs/idn/v3/paths/service-desk-integration.yaml @@ -1,7 +1,7 @@ get: tags: - Service Desk Integration - summary: Get a Service Desk integration by ID + summary: Get a Service Desk integration description: Get an existing Service Desk integration by ID. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: getServiceDeskIntegration parameters: @@ -39,7 +39,7 @@ get: put: tags: - Service Desk Integration - summary: Update a Service Desk integration by ID + summary: Update a Service Desk integration description: Update an existing Service Desk integration by ID with updated value in JSON form as the request body. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: updateServiceDeskIntegration parameters: @@ -79,12 +79,12 @@ put: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:write,idn:service-desk-integration:write] + - oauth2: [idn:service-desk-admin:manage,idn:service-desk-integration:manage] delete: tags: - Service Desk Integration - summary: Delete a Service Desk integration by ID + summary: Delete a Service Desk integration description: Delete an existing Service Desk integration by ID. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: deleteServiceDeskIntegration parameters: @@ -113,13 +113,13 @@ delete: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:write,idn:service-desk-integration:write] + - oauth2: [idn:service-desk-admin:manage,idn:service-desk-integration:manage] patch: operationId: patchServiceDeskIntegration tags: - Service Desk Integration - summary: Service Desk Integration Update - PATCH + summary: Service Desk Integration Update PATCH description: Update an existing ServiceDeskIntegration by ID with a PATCH request. parameters: - name: id @@ -164,4 +164,4 @@ patch: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:write,idn:service-desk-integration:write] \ No newline at end of file + - oauth2: [idn:service-desk-admin:manage,idn:service-desk-integration:manage] diff --git a/static/api-specs/idn/v3/paths/service-desk-integrations.yaml b/static/api-specs/idn/v3/paths/service-desk-integrations.yaml index 7f48d52f2..97e819a26 100644 --- a/static/api-specs/idn/v3/paths/service-desk-integrations.yaml +++ b/static/api-specs/idn/v3/paths/service-desk-integrations.yaml @@ -74,7 +74,7 @@ get: post: tags: - Service Desk Integration - summary: Create a new Service Desk integration + summary: Create new Service Desk integration description: Create a new Service Desk Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. operationId: createServiceDeskIntegration requestBody: @@ -104,4 +104,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:service-desk-admin:write,idn:service-desk-integration:write] + - oauth2: [idn:service-desk-admin:manage,idn:service-desk-integration:manage] diff --git a/static/api-specs/idn/v3/paths/source-accounts-schema.yaml b/static/api-specs/idn/v3/paths/source-accounts-schema.yaml index df7bb72d6..09cceed95 100644 --- a/static/api-specs/idn/v3/paths/source-accounts-schema.yaml +++ b/static/api-specs/idn/v3/paths/source-accounts-schema.yaml @@ -46,7 +46,7 @@ post: To retrieve the file to modify and upload, log into Identity Now. - Click **Admin** -> **Connections** -> **Sources** -> **``** -> **Import Data** -> **Account Schema** -> **Options** -> **Download Schema** + Click **Admin** -> **Connections** -> **Sources** -> **`{SourceName}`** -> **Import Data** -> **Account Schema** -> **Options** -> **Download Schema** >**NOTE: This API is designated only for Delimited File sources.** @@ -87,4 +87,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:source-schema:update] + - oauth2: [idn:source-schema:manage] diff --git a/static/api-specs/idn/v3/paths/source-entitlements-schema.yaml b/static/api-specs/idn/v3/paths/source-entitlements-schema.yaml index 9c655c54a..201e32ded 100644 --- a/static/api-specs/idn/v3/paths/source-entitlements-schema.yaml +++ b/static/api-specs/idn/v3/paths/source-entitlements-schema.yaml @@ -53,7 +53,7 @@ post: To retrieve the file to modify and upload, log into Identity Now. - Click **Admin** -> **Connections** -> **Sources** -> **``** -> **Import Data** -> **Import Entitlements** -> **Download** + Click **Admin** -> **Connections** -> **Sources** -> **`{SourceName}`** -> **Import Data** -> **Import Entitlements** -> **Download** >**NOTE: This API is designated only for Delimited File sources.** @@ -100,4 +100,4 @@ post: '500': $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:source-schema:update] + - oauth2: [idn:source-schema:manage] diff --git a/static/api-specs/idn/v3/paths/transform.yaml b/static/api-specs/idn/v3/paths/transform.yaml index 931f6df80..75e8ef147 100644 --- a/static/api-specs/idn/v3/paths/transform.yaml +++ b/static/api-specs/idn/v3/paths/transform.yaml @@ -38,7 +38,7 @@ get: "500": $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:transforms:read] + - oauth2: [idn:transform:read] put: tags: - Transforms @@ -97,7 +97,7 @@ put: "500": $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:transforms:write] + - oauth2: [idn:transform:manage] delete: tags: - Transforms @@ -136,4 +136,4 @@ delete: "500": $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:transforms:delete] + - oauth2: [idn:transform:manage] diff --git a/static/api-specs/idn/v3/paths/transforms.yaml b/static/api-specs/idn/v3/paths/transforms.yaml index 80146fdef..fb76956fc 100644 --- a/static/api-specs/idn/v3/paths/transforms.yaml +++ b/static/api-specs/idn/v3/paths/transforms.yaml @@ -70,7 +70,7 @@ get: "500": $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:transforms-list:read] + - oauth2: [idn:transform:read] post: tags: - Transforms @@ -114,4 +114,4 @@ post: "500": $ref: '../../v3/responses/500.yaml' security: - - oauth2: [idn:transforms:write] + - oauth2: [idn:transform:update] diff --git a/static/api-specs/idn/v3/schemas/IdentityAttributeConfig.yaml b/static/api-specs/idn/v3/schemas/IdentityAttributeConfig.yaml index 60927fc0c..3c7801e72 100644 --- a/static/api-specs/idn/v3/schemas/IdentityAttributeConfig.yaml +++ b/static/api-specs/idn/v3/schemas/IdentityAttributeConfig.yaml @@ -5,6 +5,7 @@ properties: enabled: description: The backend will only promote values if the profile/mapping is enabled. type: boolean + default: false example: true attributeTransforms: type: array diff --git a/static/api-specs/idn/v3/schemas/IdentityProfile.yaml b/static/api-specs/idn/v3/schemas/IdentityProfile.yaml index 76a17a59e..2d9c0b9fa 100644 --- a/static/api-specs/idn/v3/schemas/IdentityProfile.yaml +++ b/static/api-specs/idn/v3/schemas/IdentityProfile.yaml @@ -52,6 +52,7 @@ allOf: example: HR Active Directory identityRefreshRequired: type: boolean + default: false description: True if a identity refresh is needed. Typically triggered when a change on the source has been made. example: true identityCount: @@ -66,4 +67,5 @@ allOf: hasTimeBasedAttr: description: Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile. type: boolean + default: false example: true