consumes: - application/json produces: - application/json schemes: - https swagger: "2.0" info: contact: email: help@openziti.org name: OpenZiti url: https://openziti.discourse.group description: OpenZiti Edge Management API license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html title: Ziti Edge Management version: 0.28.0 host: demo.ziti.dev basePath: /edge/management/v1 paths: /: get: operationId: listRoot responses: "200": description: Version information for the controller headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listVersionEnvelope' security: [] summary: Returns version information tags: - Informational /.well-known/est/cacerts: get: description: | This endpoint is used during enrollments to bootstrap trust between enrolling clients and the Ziti Edge API. This endpoint returns a base64 encoded PKCS7 store. The content can be base64 decoded and parsed by any library that supports parsing PKCS7 stores. operationId: listWellKnownCas produces: - application/pkcs7-mime responses: "200": description: A base64 encoded PKCS7 store schema: example: | MIIMUQYJKoZIhvcNAQcCoIIMQjCCDD4CAQExADALBgkqhkiG9w0BBwGgggwkMIIG BjCCA+6gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZcxCzAJBgNVBAYTAlVTMRcw FQYDVQQIDA5Ob3J0aCBDYXJvbGluYTESMBAGA1UEBwwJQ2hhcmxvdHRlMRMwEQYD VQQKDApOZXRGb3VuZHJ5MSkwJwYDVQQLDCBOZXRGb3VuZHJ5IENlcnRpZmljYXRl IEF1dGhvcml0eTEbMBkGA1UEAwwSTmV0Rm91bmRyeSBSb290IENBMB4XDTE4MDUx ODE2NTcyM1oXDTI4MDUxNTE2NTcyM1owgYsxCzAJBgNVBAYTAlVTMRcwFQYDVQQI DA5Ob3J0aCBDYXJvbGluYTETMBEGA1UECgwKTmV0Rm91bmRyeTEpMCcGA1UECwwg TmV0Rm91bmRyeSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxIzAhBgNVBAMMGk5ldEZv dW5kcnkgSW50ZXJtZWRpYXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC CgKCAgEAsb1EPhMUweS9WpjT7L54xAOmZqugJ6fhSrFfLUwNUy172q+ASvZTpT1z KIPcZpGmPB3TX2bHaAR67BbRkUR11JgWE3U8+FsGrYmPZtaKM6fg8Mh0WZ41oMYQ NJyQixOktrgqfybyJoT5PeT5AA7QQmd8mku2X9nkAu6gWPf2nHNc7SeQdijmyQQa VK3oqyaxOzWzsU/XbfMEz/ObkefUxgt5Z6jlK0xcW0Q+QgtawMKLUiuo6obWRPcl 7Hm9Sze8XJS5pbvS5JkUszxoRZuDVHZylrlHIpA/IL+BnvS+M7SP28UWe9skrv/s 6ACpJtuPJ1EYf5fakugOpY7i+hq7YNi//csbc49Qjn2OtttrR7JcTaHUEU1I/tQb QGAtNkI4pJjRVUdDawQFQlWHZD1COixNLErs2HzAI00DhLrY6SKITI/kjN0Xx010 XdMcdfay0PLWm6RwxiRmMQFL4GNIC895NF1q6xV4W4rWgqUNlcvKpy+i1chWpRbU He16ul0qh10fcESrRvAbXn5YrQJLrwbSr+85ubN8lYdNLE0qg2cIXZlUilarZZzW ghtCe+KkUpjfRuAi/CqfSwNK3QXEfeVEK6S49mHeSekOizFIw7fmDhCz9vXwMOnb ryRSLEJks0gIRcSDVChXheAqC98y4kcQdniNWFnqJXoqA+rrSokCAwEAAaNmMGQw HQYDVR0OBBYEFK8UXC/sq6dGVFAqEXHsQDzqzwuUMB8GA1UdIwQYMBaAFEHz6RRu OuXj2mwAzOeUinfWeivpMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQD AgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBDAAaOE2Nbb49eOjyTNxIeOB+ZKQjJ1hUE gRrootAA8NYbtKW/vyxTWnNi5XOGXd4DFS9OKZ0mL/7NyLc0mbTwPH2ZT8KTPUTS Cpo6yktZ/7TMjyAtWZiOMg2EH+6m/nlNSXk/v5fb8+JQLdZfpxoA017dHh3tc8l7 KOskCZNwQHgF/YMXrPXUNbsGkXRuJLtpjPw5O9GvPys7p+a1aJH1WCTly9zfB6j+ rMF+UGCPDT30sxitVlohik83j6pKLgEAP/gi8nJbILlTP7ce+gJeHR2tfDvmK91X 6QgCF2STUFBU7/9H1/pPRRykOxQpAd8xqSgqGEyp9Ie4tysZjwoUEnG8IVJ5ykrI Fximvnb4B+LABV9WEo08n8m1R8wEryrISi8fBPn3Pr5nuayOfFLa15CLTkZF40FN 8ika1qNZy8bWRDwTZJQUUb7VCheRWcMwdZdNmhl3J+VZLpQ+ruW7b2ajwacHz5Nw BHKNcmxXb/4vHq/BnlcayHnSqT6036+OZQ+owDegcYmWV6LaM7xLErjHz2EE38M2 YSiW5SU1zluDe+iHb6l3Gd3Fj/X1gkMWFgYh0XPMSUSyimLNYzy4THKzmWlcQNFo LLiIDbLrMt+vk+vBkIsNTTPXRJOFPBhmIF6uIUj+2YhzNotX/pQtqMKms3pPlmHq dH6biwygETCCBhYwggP+oAMCAQICCQDquKpymLJ5WzANBgkqhkiG9w0BAQsFADCB lzELMAkGA1UEBhMCVVMxFzAVBgNVBAgMDk5vcnRoIENhcm9saW5hMRIwEAYDVQQH DAlDaGFybG90dGUxEzARBgNVBAoMCk5ldEZvdW5kcnkxKTAnBgNVBAsMIE5ldEZv dW5kcnkgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRswGQYDVQQDDBJOZXRGb3VuZHJ5 IFJvb3QgQ0EwHhcNMTgwNTE4MTY1NDQ3WhcNMzgwNTEzMTY1NDQ3WjCBlzELMAkG A1UEBhMCVVMxFzAVBgNVBAgMDk5vcnRoIENhcm9saW5hMRIwEAYDVQQHDAlDaGFy bG90dGUxEzARBgNVBAoMCk5ldEZvdW5kcnkxKTAnBgNVBAsMIE5ldEZvdW5kcnkg Q2VydGlmaWNhdGUgQXV0aG9yaXR5MRswGQYDVQQDDBJOZXRGb3VuZHJ5IFJvb3Qg Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKq/Xa+749Cr3WJGYD DIEtNKIRnTFc6TeiRSm/O7hG2+1Nrh/dObjZJuDjsopWP8NFA/DwlNyEphYKAeSw HDmu+4nFd6ifoeDE2lYq6bNhLcgN+A3MlN5Phb2rnO32YYZwHXGWov+jtd2gaK0f WsH8CQxn6n2v7qvPMTeYFP8p4jqTZw2bvZWw+LMYTFCy541DFqQLQasMg10mXRAV XO7Oa9y+D1re1zLq4wS6u8ItJoKzfmvZkMvD90C/tQ4u0iJaL7GB2SE9MOPDeGVv pnoSAIkSVmvRDUAj2x9PuukykzoL1OAWzc5Cg+5LxRmLejVE7PvPcHaTtNag2tRD w2vbMeFKN8NvQH1QYcaPWZe4Vl9b6DAuTaH5RN919H/F+ZHyjZybVPwC14lflneI KyNy8JEV/YMIbEADWnuiedzDehk2Opn+0+9Zr2X/xfjCo8iWHFbNaVnQX7wdRaOo 783lEouncqe46FDBLBpyAuDKHQpIT3MK8rkC/1yBNxsH44vMweUZuK0u7PC9KHtm pQfuflYGfxA34kY6WU3jzyQHetoLYjoxTqNEEjuGpwy2o1j7RaCBEFIbYlnlbhpE WFTaQf96z2GQ6m1U3y7JyDflHSu9Fo1JNkG3qXsjDwda/6W7NRJRgdFrhnOwrm7F 6L9X4P1HnzU/VJL66LwPmiHVjQIDAQABo2MwYTAdBgNVHQ4EFgQUQfPpFG465ePa bADM55SKd9Z6K+kwHwYDVR0jBBgwFoAUQfPpFG465ePabADM55SKd9Z6K+kwDwYD VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIB ACfU74aKWROaxnue8tZb5PFkEbnDRcRrKXRhnptA0vrgB4ydnYxX9hEBZD8o6PBy 3rewvl5meSOBE6zyb4JD80lHdzHSVFIwbzsNOeEjCslv/PA/3Y+J7DCt6gPNMDeY uEssdqeSiMoYz2gnven4flSMKgTAJd3/SpVrn35HzXiU9MkmFVpPEMnTctOjw+Jn cCkG5+D9N14dxtgZ/tUfbH+GUfhyGVxRdPrX5KQqAyapMfEaMXXa8KNs7PG+sDiS WI+Sg9jUGtxgkfKdVNtFW+QMXyy7eT3iXPA+1r2hFAhgfIaGtBJUhxPHMhKtjbAg AX+6+2D3GAbaD1+lcQHhKry3hygQ3OX79FJW6zyPS0tiV/LfovHqX/3x9q5PTVBO wEOS2/LCc4R2M7S+HIPf4eSJ+nH4uCIdJ42WCror/mRsuL7geCksi70GHuCynP4y qQFszu/UtbBEsN8loTnLpOInxaGB1Y8UPm14b2Lo1/3HkoMVh0/UaHJ0TmnZ1r7m fGhfRyAZYRdvT1sB+Eb4b5A2zEZqsTc9IwFOhnI4ZilPoZ5s2xejqrVw3GSvovEh dprrQmvxuh+VQ23y/+/4z9b2xWyDu2zVveB4whqPe2rkgxJrEl4GfLk2DW+dN6j8 3Zl4lPoUZYwzkC6raCaHyFlAoaTbqz0H6rvVJYxJPS6UoQAxAA== type: string security: [] summary: Get CA Cert Store tags: - Well Known /api-sessions: get: description: | Returns a list of active API sessions. The resources can be sorted, filtered, and paginated. This endpoint requires admin access. operationId: listAPISessions parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string produces: - application/json; charset=utf-8 responses: "200": description: A list of active API Sessions headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listApiSessionsEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List active API sessions tags: - API Session /api-sessions/{id}: delete: description: Deletes and API sesion by id. Requires admin access. operationId: deleteAPISessions responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "403": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] summary: Deletes an API Sessions tags: - API Session get: description: Retrieves a single API Session by id. Requires admin access. operationId: detailAPISessions responses: "200": description: Retrieves a singular API Session by id headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailApiSessionEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single API Session tags: - API Session parameters: - description: The id of the requested resource in: path name: id required: true type: string /auth-policies: get: description: Retrieves a list of Auth Policies operationId: listAuthPolicies parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of Auth Policies headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listAuthPoliciesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List Auth Policies tags: - Auth Policy post: description: Creates an Auth Policy. Requires admin access. operationId: createAuthPolicy parameters: - description: An Auth Policy to create in: body name: authPolicy required: true schema: $ref: '#/definitions/authPolicyCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Creates an Auth Policy tags: - Auth Policy /auth-policies/{id}: delete: description: | Delete an Auth Policy by id. Requires admin access. operationId: deleteAuthPolicy responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete an Auth Policy tags: - Auth Policy get: description: Retrieves a single Auth Policy by id. Requires admin access. operationId: detailAuthPolicy responses: "200": description: A singular Auth Policy resource headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailAuthPolicyEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single Auth Policy tags: - Auth Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update only the supplied fields on an Auth Policy by id. Requires admin access. operationId: patchAuthPolicy parameters: - description: An Auth Policy patch object in: body name: authPolicy required: true schema: $ref: '#/definitions/authPolicyPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on an Auth Policy tags: - Auth Policy put: description: Update all fields on an Auth Policy by id. Requires admin access. operationId: updateAuthPolicy parameters: - description: An Auth Policy update object in: body name: authPolicy required: true schema: $ref: '#/definitions/authPolicyUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on an Auth Policy tags: - Auth Policy /authenticate: parameters: - enum: - password - cert - ext-jwt in: query name: method required: true type: string post: description: | Allowed authentication methods include "password", "cert", and "ext-jwt" operationId: authenticate parameters: - in: body name: auth schema: $ref: '#/definitions/authenticate' responses: "200": description: The API session associated with the session used to issue the request examples: default: data: _links: self: href: ./current-api-session configTypes: [] createdAt: "2020-03-09T19:03:49.1883693Z" expiresAt: "2020-03-09T19:34:21.5600897Z" id: 27343114-b44f-406e-9981-f3c4f2f28d54 identity: _links: self: href: ./identities/66352d7b-a6b2-4ce9-85bb-9f18e318704d id: 66352d7b-a6b2-4ce9-85bb-9f18e318704d name: Default Admin urlName: identities tags: - userField1: !!float 123 - userField2: asdf token: 28bb0ed2-0577-4632-ae70-d17106b92871 updatedAt: "2020-03-09T19:04:21.5600897Z" meta: {} headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/currentApiSessionDetailEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The authentication request could not be processed as the credentials are invalid examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: INVALID_AUTH message: The authentication request failed requestId: 5952ed10-3091-474f-a691-47ebab6990dc meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: [] summary: Authenticate via a method supplied via a query string parameter tags: - Authentication /authenticate/mfa: post: description: Completes MFA authentication by submitting a MFA time based one time token or backup code. operationId: authenticateMfa parameters: - description: An MFA validation request in: body name: mfaAuth required: true schema: $ref: '#/definitions/mfaCode' responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Complete MFA authentication tags: - Authentication - MFA /authenticators: get: description: | Returns a list of authenticators associated to identities. The resources can be sorted, filtered, and paginated. This endpoint requires admin access. operationId: listAuthenticators parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of authenticators headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listAuthenticatorsEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List authenticators tags: - Authenticator post: description: | Creates an authenticator for a specific identity. Requires admin access. operationId: createAuthenticator parameters: - description: A Authenticator create object in: body name: authenticator required: true schema: $ref: '#/definitions/authenticatorCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Creates an authenticator tags: - Authenticator /authenticators/{id}: delete: description: | Delete an authenticator by id. Deleting all authenticators for an identity will make it impossible to log in. Requires admin access. operationId: deleteAuthenticator responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete an Authenticator tags: - Authenticator get: description: Retrieves a single authenticator by id. Requires admin access. operationId: detailAuthenticator responses: "200": description: A singular authenticator resource headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailAuthenticatorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single authenticator tags: - Authenticator parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on an authenticator by id. Requires admin access. operationId: patchAuthenticator parameters: - description: An authenticator patch object in: body name: authenticator required: true schema: $ref: '#/definitions/authenticatorPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on an authenticator tags: - Authenticator put: description: Update all fields on an authenticator by id. Requires admin access. operationId: updateAuthenticator parameters: - description: An authenticator put object in: body name: authenticator required: true schema: $ref: '#/definitions/authenticatorUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on an authenticator tags: - Authenticator /authenticators/{id}/re-enroll: parameters: - description: The id of the requested resource in: path name: id required: true type: string post: description: "Allows an authenticator to be reverted to an enrollment and allows re-enrollment to occur. On success the \ncreated enrollment record response is provided and the source authenticator record will be deleted. The \nenrollment created depends on the authenticator. UPDB authenticators result in UPDB enrollments, CERT\nauthenticators result in OTT enrollments, CERT + CA authenticators result in OTTCA enrollments.\n" operationId: reEnrollAuthenticator parameters: - description: A reEnrollment request in: body name: reEnroll required: true schema: $ref: '#/definitions/reEnroll' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Reverts an authenticator to an enrollment tags: - Authenticator /authenticators/{id}/request-extend: parameters: - description: The id of the requested resource in: path name: id required: true type: string post: description: "Allows a certificate authenticator to be flagged for early extension and optionally private key rolling. \nConnecting clients will receive flags in their API Session indicating that an early extension is request and\na hint on whether private keys should be rolled. Clients that do not support extension or cannot roll keys\nmay ignore one or both flags.\n\nIf this request is made against a non-certificate based authenticator, it will return a 403-forbidden error.\n" operationId: requestExtendAuthenticator parameters: - description: A request to flag a certificate authenticator for early extension/key rolling. in: body name: requestExtendAuthenticator required: true schema: $ref: '#/definitions/requestExtendAuthenticator' responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "403": description: The request could not be completed and will never complete due to unchangeable state or conflicts. headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Indicate a certificate authenticator should be extended and optionally key rolled on next authentication. tags: - Authenticator /cas: get: description: Retrieves a list of CA resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listCas parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of Certificate Authorities (CAs) headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listCasEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List CAs tags: - Certificate Authority post: description: Creates a CA in an unverified state. Requires admin access. operationId: createCa parameters: - description: A CA to create in: body name: ca required: true schema: $ref: '#/definitions/caCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Creates a CA tags: - Certificate Authority /cas/{id}: delete: description: | Delete a CA by id. Deleting a CA will delete its associated certificate authenticators. This can make it impossible for identities to authenticate if they no longer have any valid authenticators. Requires admin access. operationId: deleteCa responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a CA tags: - Certificate Authority get: description: Retrieves a single CA by id. Requires admin access. operationId: detailCa responses: "200": description: A singular Certificate Authority (CA) resource headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailCaEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single CA tags: - Certificate Authority parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update only the supplied fields on a CA by id. Requires admin access. operationId: patchCa parameters: - description: A CA patch object in: body name: ca required: true schema: $ref: '#/definitions/caPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a CA tags: - Certificate Authority put: description: Update all fields on a CA by id. Requires admin access. operationId: updateCa parameters: - description: A CA update object in: body name: ca required: true schema: $ref: '#/definitions/caUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a CA tags: - Certificate Authority /cas/{id}/jwt: get: description: | For CA auto enrollment, the enrollment JWT is static and provided on each CA resource. This endpoint provides the jwt as a text response. operationId: getCaJwt produces: - application/jwt responses: "200": description: The result is the JWT text to validate the CA examples: application/jwt: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbSI6ImNhIiwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6MTI 4MC8ifQ.Ot6lhNBSOw8ygHytdI5l7WDf9EWadOj44UPvJ0c-8mJ54fClWM3uMZrAHSSfV6KmOSZOeBBJe4VlNyoD-_MOECP0BzYSnSQP3E zJb0VlM-fFmGcKNGW157icyZNISfO43JL_Lw2QPBzTgikqSIj9eZnocC3BeAmZCHsVznnLfHWqDldcmuxnu-5MNOSrWV1x9iVcgLFlLHXK 2PLA4qIiZmlQTrQjpHJmUaoJ07mnj8hMKzxB3wBG8kpazjEo7HDRCO06aBH4eqFgf_l0iT8Dzcb31jquWMGUoSXPhf4lVJh_FiNcR1wVx- UiHLbG5h23Aqf1UJF-F38rc1FElKz0Zg schema: type: string "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieve the enrollment JWT for a CA tags: - Certificate Authority parameters: - description: The id of the requested resource in: path name: id required: true type: string /cas/{id}/verify: parameters: - description: The id of the requested resource in: path name: id required: true type: string post: consumes: - text/plain description: | Allows a CA to become verified by submitting a certificate in PEM format that has been signed by the target CA. The common name on the certificate must match the verificationToken property of the CA. Unverfieid CAs can not be used for enrollment/authentication. Requires admin access. operationId: verifyCa parameters: - description: A PEM formatted certificate signed by the target CA with the common name matching the CA's validationToken in: body name: certificate required: true schema: type: string responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Verify a CA tags: - Certificate Authority /config-types: get: description: | Retrieves a list of config-type resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listConfigTypes parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of config-types headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listConfigTypesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List config-types tags: - Config post: operationId: createConfigType parameters: - description: A config-type to create in: body name: configType required: true schema: $ref: '#/definitions/configTypeCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create a config-type. Requires admin access. tags: - Config /config-types/{id}: delete: description: Delete a config-type by id. Removing a configuration type that are in use will result in a 409 conflict HTTP status code and error. All configurations of a type must be removed first. operationId: deleteConfigType responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a config-type tags: - Config get: description: Retrieves a single config-type by id. Requires admin access. operationId: detailConfigType responses: "200": description: A singular config-type resource headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailConfigTypeEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single config-type tags: - Config parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on a config-type. Requires admin access. operationId: patchConfigType parameters: - description: A config-type patch object in: body name: configType required: true schema: $ref: '#/definitions/configTypePatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a config-type tags: - Config put: description: Update all fields on a config-type by id. Requires admin access. operationId: updateConfigType parameters: - description: A config-type update object in: body name: configType required: true schema: $ref: '#/definitions/configTypeUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a config-type tags: - Config /config-types/{id}/configs: get: description: Lists the configs associated to a config-type. Requires admin access. operationId: listConfigsForConfigType responses: "200": description: A list of configs headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listConfigsEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Lists the configs of a specific config-type tags: - Config parameters: - description: The id of the requested resource in: path name: id required: true type: string /configs: get: description: | Retrieves a list of config resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listConfigs parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of configs headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listConfigsEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List configs tags: - Config post: description: Create a config resource. Requires admin access. operationId: createConfig parameters: - description: A config to create in: body name: config required: true schema: $ref: '#/definitions/configCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create a config resource tags: - Config /configs/{id}: delete: description: Delete a config by id. Requires admin access. operationId: deleteConfig responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a config tags: - Config get: description: Retrieves a single config by id. Requires admin access. operationId: detailConfig responses: "200": description: A singular config resource headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailConfigEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single config tags: - Config parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on a config. Requires admin access. operationId: patchConfig parameters: - description: A config patch object in: body name: config required: true schema: $ref: '#/definitions/configPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a config tags: - Config put: description: Update all fields on a config by id. Requires admin access. operationId: updateConfig parameters: - description: A config update object in: body name: config required: true schema: $ref: '#/definitions/configUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a config tags: - Config /configs/{id}/services: get: description: | Retrieves a list of service resources that reference a given config; supports filtering, sorting, and pagination. Requires admin access. operationId: listConfigServices parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of services headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServicesEnvelope' "400": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List services referenced by a config tags: - Config parameters: - description: The id of the requested resource in: path name: id required: true type: string /controller-settings: get: description: | Retrieves a list controller settings including the base `global` settings object and any overriding controller specific settings. operationId: listControllerSettings parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of controller setting objects headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listControllerSettingEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List controller settings tags: - Settings post: description: Create a new controller specific settings object. Requires admin access. operationId: createControllerSetting parameters: - description: A controller settings object to create in: body name: controllerSetting required: true schema: $ref: '#/definitions/controllerSettingCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create a controller specific setting tags: - Settings /controller-settings/{id}: get: description: Retrieves a single controller setting object by id. Requires admin access. operationId: detailControllerSetting responses: "200": description: A singular controller setting object headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailControllerSettingEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single controller setting object. tags: - Settings parameters: - description: The id of the requested resource in: path name: id required: true type: string /controller-settings/{id}/effective: delete: description: Delete a controller setting object by id. Requires admin access. operationId: deleteControllerSetting responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a controller setting object tags: - Settings get: description: Retrieves a single controller's effective setting object by id. Requires admin access. operationId: detailControllerSettingEffective responses: "200": description: A singular controller's effective setting object headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailControllerSettingEffectiveEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single controller's effective calculated settings from the instance and global configuration. tags: - Settings parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on a controller setting object. Requires admin access. operationId: patchControllerSetting parameters: - description: A controller setting object patch object in: body name: controllerSetting required: true schema: $ref: '#/definitions/controllerSettingPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a controller setting object tags: - Settings put: description: Update all fields on a controller setting object by id. Requires admin access. operationId: updateControllerSetting parameters: - description: A controller setting update object in: body name: controllerSetting required: true schema: $ref: '#/definitions/controllerSettingUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a controller setting object tags: - Settings /controllers: get: description: Retrieves a list of controllers operationId: listControllers parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of controllers headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listControllersEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List controllers tags: - Controllers /current-api-session: delete: description: Terminates the current API session responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Logout tags: - Current API Session get: description: Retrieves the API session that was used to issue the current request operationId: getCurrentAPISession responses: "200": description: The API session associated with the session used to issue the request examples: default: data: _links: self: href: ./current-api-session configTypes: [] createdAt: "2020-03-09T19:03:49.1883693Z" expiresAt: "2020-03-09T19:34:21.5600897Z" id: 27343114-b44f-406e-9981-f3c4f2f28d54 identity: _links: self: href: ./identities/66352d7b-a6b2-4ce9-85bb-9f18e318704d id: 66352d7b-a6b2-4ce9-85bb-9f18e318704d name: Default Admin urlName: identities tags: - userField1: !!float 123 - userField2: asdf token: 28bb0ed2-0577-4632-ae70-d17106b92871 updatedAt: "2020-03-09T19:04:21.5600897Z" meta: {} headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/currentApiSessionDetailEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Return the current API session tags: - Current API Session /current-api-session/totp-token: post: description: | Creates a TOTP token that proves TOTP validation occurred at a specific time. Used in posture response for posture checks. operationId: createTotpToken parameters: - description: An MFA TOTP validation request in: body name: mfaValidation required: true schema: $ref: '#/definitions/mfaCode' responses: "200": description: A TOTP token create response, contains a token used to satisfy posture checks headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/totpTokenEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create an MFA TOTP token that proves TOTP code checking has passed as a specific time for posture checks. tags: - Current API Session - MFA /current-identity: get: description: Returns the identity associated with the API sessions used to issue the current request operationId: getCurrentIdentity responses: "200": description: The identity associated with the API Session used to issue the request examples: default: data: _links: edge-router-policies: href: ./identities/66352d7b-a6b2-4ce9-85bb-9f18e318704d/edge-routers self: href: ./identities/66352d7b-a6b2-4ce9-85bb-9f18e318704d service-policies: href: ./identities/66352d7b-a6b2-4ce9-85bb-9f18e318704d/identities authenticators: updb: username: admin createdAt: "2020-01-13T16:38:13.6854788Z" enrollment: {} id: 66352d7b-a6b2-4ce9-85bb-9f18e318704d isAdmin: true isDefaultAdmin: true name: Default Admin roleAttributes: [] tags: {} type: _links: self: href: ./identity-types/User id: User name: User urlName: identity-types updatedAt: "2020-01-13T16:38:13.6854788Z" meta: {} headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/currentIdentityDetailEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Return the current identity tags: - Current Identity /current-identity/authenticators: get: description: Retrieves a list of authenticators assigned to the current API session's identity; supports filtering, sorting, and pagination. operationId: listCurrentIdentityAuthenticators parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of authenticators headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listAuthenticatorsEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List authenticators for the current identity tags: - Current API Session /current-identity/authenticators/{id}: get: description: Retrieves a single authenticator by id. Will only show authenticators assigned to the API session's identity. operationId: detailCurrentIdentityAuthenticator responses: "200": description: A singular authenticator resource headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailAuthenticatorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieve an authenticator for the current identity tags: - Current API Session parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: | Update the supplied fields on an authenticator by id. Will only update authenticators assigned to the API session's identity. operationId: patchCurrentIdentityAuthenticator parameters: - description: An authenticator patch object in: body name: authenticator required: true schema: $ref: '#/definitions/authenticatorPatchWithCurrent' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on an authenticator of this identity tags: - Current API Session put: description: | Update all fields on an authenticator by id. Will only update authenticators assigned to the API session's identity. operationId: updateCurrentIdentityAuthenticator parameters: - description: An authenticator put object in: body name: authenticator required: true schema: $ref: '#/definitions/authenticatorUpdateWithCurrent' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on an authenticator of this identity tags: - Current API Session /current-identity/authenticators/{id}/extend: parameters: - description: The id of the requested resource in: path name: id required: true type: string post: description: |- This endpoint only functions for certificates issued by the controller. 3rd party certificates are not handled. Allows an identity to extend its certificate's expiration date by using its current and valid client certificate to submit a CSR. This CSR may be passed in using a new private key, thus allowing private key rotation. The response from this endpoint is a new client certificate which the client must be verified via the /authenticators/{id}/extend-verify endpoint. After verification is completion any new connections must be made with new certificate. Prior to verification the old client certificate remains active. operationId: extendCurrentIdentityAuthenticator parameters: - in: body name: extend required: true schema: $ref: '#/definitions/identityExtendEnrollmentRequest' responses: "200": description: A response containg the identity's new certificate headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/identityExtendEnrollmentEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Allows the current identity to recieve a new certificate associated with a certificate based authenticator tags: - Current API Session - Enroll - Extend Enrollment /current-identity/authenticators/{id}/extend-verify: parameters: - description: The id of the requested resource in: path name: id required: true type: string post: description: |- After submitting a CSR for a new client certificate the resulting public certificate must be re-submitted to this endpoint to verify receipt. After receipt, the new client certificate must be used for new authentication requests. operationId: extendVerifyCurrentIdentityAuthenticator parameters: - in: body name: extend required: true schema: $ref: '#/definitions/identityExtendValidateEnrollmentRequest' responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Allows the current identity to validate reciept of a new client certificate tags: - Current API Session - Enroll - Extend Enrollment /current-identity/mfa: delete: description: | Disable MFA for the current identity. Requires a current valid time based one time password if MFA enrollment has been completed. If not, code should be an empty string. If one time passwords are not available and admin account can be used to remove MFA from the identity via `DELETE /identities//mfa`. operationId: deleteMfa parameters: - in: header name: mfa-validation-code type: string responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Disable MFA for the current identity tags: - Current Identity - MFA get: description: | Returns details about the current MFA enrollment. If enrollment has not been completed it will return the current MFA configuration details necessary to complete a `POST /current-identity/mfa/verify`. operationId: detailMfa responses: "200": description: The details of an MFA enrollment headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailMfaEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Returns the current status of MFA enrollment tags: - Current Identity - MFA post: description: | Allows authenticator based MFA enrollment. If enrollment has already been completed, it must be disabled before attempting to re-enroll. Subsequent enrollment request is completed via `POST /current-identity/mfa/verify` operationId: enrollMfa responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The identity is already enrolled in MFA examples: application/json: error: args: null cause: null causeMessage: "" code: ALREADY_MFA_ENROLLED message: The identity is already enrolled in MFA requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Initiate MFA enrollment tags: - Current Identity - MFA /current-identity/mfa/qr-code: get: description: | Shows an QR code image for unverified MFA enrollments. 404s if the MFA enrollment has been completed or not started. operationId: detailMfaQrCode produces: - image/png - application/json responses: "200": description: OK "404": description: No MFA enrollment or MFA enrollment is completed security: - ztSession: [] - oauth2: - openid summary: Show a QR code for unverified MFA enrollments tags: - Current Identity - MFA /current-identity/mfa/recovery-codes: get: description: | Allows the viewing of recovery codes of an MFA enrollment. Requires a current valid time based one time password to interact with. Available after a completed MFA enrollment. operationId: detailMfaRecoveryCodes parameters: - description: An MFA validation request in: body name: mfaValidation schema: $ref: '#/definitions/mfaCode' - in: header name: mfa-validation-code type: string responses: "200": description: The recovery codes of an MFA enrollment headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailMfaRecoveryCodesEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: For a completed MFA enrollment view the current recovery codes tags: - Current Identity - MFA post: description: | Allows regeneration of recovery codes of an MFA enrollment. Requires a current valid time based one time password to interact with. Available after a completed MFA enrollment. This replaces all existing recovery codes. operationId: createMfaRecoveryCodes parameters: - description: An MFA validation request in: body name: mfaValidation required: true schema: $ref: '#/definitions/mfaCode' responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: For a completed MFA enrollment regenerate the recovery codes tags: - Current Identity - MFA /current-identity/mfa/verify: post: description: | Completes MFA enrollment by accepting a time based one time password as verification. Called after MFA enrollment has been initiated via `POST /current-identity/mfa`. operationId: verifyMfa parameters: - description: An MFA validation request in: body name: mfaValidation required: true schema: $ref: '#/definitions/mfaCode' responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Complete MFA enrollment by verifying a time based one time token tags: - Current Identity - MFA /database/check-data-integrity: post: description: Starts a data integrity scan on the datastore. Requires admin access. Only once instance may run at a time, including runs of fixDataIntegrity. operationId: checkDataIntegrity responses: "202": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Starts a data integrity scan on the datastore tags: - Database /database/data-integrity-results: get: description: Returns any results found from in-progress integrity checks. Requires admin access. operationId: dataIntegrityResults responses: "200": description: A list of data integrity issues found headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/dataIntegrityCheckResultEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Returns any results found from in-progress integrity checks tags: - Database /database/fix-data-integrity: post: description: Runs a data integrity scan on the datastore, attempts to fix any issues it can, and returns any found issues. Requires admin access. Only once instance may run at a time, including runs of checkDataIntegrity. operationId: fixDataIntegrity responses: "202": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Runs a data integrity scan on the datastore, attempts to fix any issues it can and returns any found issues tags: - Database /database/snapshot: post: description: Create a new database snapshot. Requires admin access. operationId: createDatabaseSnapshot responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create a new database snapshot tags: - Database /edge-router-policies: get: description: | Retrieves a list of edge router policy resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listEdgeRouterPolicies parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of edge router policies headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEdgeRouterPoliciesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List edge router policies tags: - Edge Router Policy post: description: Create an edge router policy resource. Requires admin access. operationId: createEdgeRouterPolicy parameters: - description: An edge router policy to create in: body name: policy required: true schema: $ref: '#/definitions/edgeRouterPolicyCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create an edge router policy resource tags: - Edge Router Policy /edge-router-policies/{id}: delete: description: Delete an edge router policy by id. Requires admin access. operationId: deleteEdgeRouterPolicy responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete an edge router policy tags: - Edge Router Policy get: description: Retrieves a single edge router policy by id. Requires admin access. operationId: detailEdgeRouterPolicy responses: "200": description: A single edge router policy headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailEdgeRouterPolicyEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single edge router policy tags: - Edge Router Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on an edge router policy. Requires admin access. operationId: patchEdgeRouterPolicy parameters: - description: An edge router policy patch object in: body name: policy required: true schema: $ref: '#/definitions/edgeRouterPolicyPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on an edge router policy tags: - Edge Router Policy put: description: Update all fields on an edge router policy by id. Requires admin access. operationId: updateEdgeRouterPolicy parameters: - description: An edge router policy update object in: body name: policy required: true schema: $ref: '#/definitions/edgeRouterPolicyUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on an edge router policy tags: - Edge Router Policy /edge-router-policies/{id}/edge-routers: get: description: | Retrieves a list of edge routers an edge router policy resources affects; supports filtering, sorting, and pagination. Requires admin access. operationId: listEdgeRouterPolicyEdgeRouters responses: "200": description: A list of edge routers headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEdgeRoutersEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List edge routers a policy affects tags: - Edge Router Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string /edge-router-policies/{id}/identities: get: description: | Retrieves a list of identities an edge router policy resources affects; supports filtering, sorting, and pagination. Requires admin access. operationId: listEdgeRouterPolicyIdentities responses: "200": description: A list of identities headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listIdentitiesEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List identities an edge router policy affects tags: - Edge Router Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string /edge-router-role-attributes: get: description: | Retrieves a list of role attributes in use by edge routers; supports filtering, sorting, and pagination. Requires admin access. operationId: listEdgeRouterRoleAttributes parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of role attributes headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listRoleAttributesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List role attributes in use by edge routers tags: - Role Attributes /edge-routers: get: description: | Retrieves a list of edge router resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listEdgeRouters parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string - collectionFormat: multi in: query items: type: string name: roleFilter type: array - in: query name: roleSemantic type: string responses: "200": description: A list of edge routers headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEdgeRoutersEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List edge routers tags: - Edge Router post: description: Create a edge router resource. Requires admin access. operationId: createEdgeRouter parameters: - description: A edge router to create in: body name: edgeRouter required: true schema: $ref: '#/definitions/edgeRouterCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create an edge router tags: - Edge Router /edge-routers/{id}: delete: description: Delete an edge router by id. Requires admin access. operationId: deleteEdgeRouter responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete an edge router tags: - Edge Router get: description: Retrieves a single edge router by id. Requires admin access. operationId: detailEdgeRouter responses: "200": description: A singular edge router resource headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailedEdgeRouterEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single edge router tags: - Edge Router parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on an edge router. Requires admin access. operationId: patchEdgeRouter parameters: - description: An edge router patch object in: body name: edgeRouter required: true schema: $ref: '#/definitions/edgeRouterPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on an edge router tags: - Edge Router put: description: Update all fields on an edge router by id. Requires admin access. operationId: updateEdgeRouter parameters: - description: An edge router update object in: body name: edgeRouter required: true schema: $ref: '#/definitions/edgeRouterUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on an edge router tags: - Edge Router /edge-routers/{id}/edge-router-policies: get: description: Retrieves a list of edge router policies that apply to the specified edge router. operationId: listEdgeRouterEdgeRouterPolicies responses: "200": description: A list of edge router policies headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEdgeRouterPoliciesEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List the edge router policies that affect an edge router tags: - Edge Router parameters: - description: The id of the requested resource in: path name: id required: true type: string /edge-routers/{id}/identities: get: description: | Retrieves a list of identities that may access services via the given edge router. Supports filtering, sorting, and pagination. Requires admin access. operationId: listEdgeRouterIdentities responses: "200": description: A list of identities headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listIdentitiesEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List associated identities tags: - Edge Router parameters: - description: The id of the requested resource in: path name: id required: true type: string /edge-routers/{id}/re-enroll: parameters: - description: The id of the requested resource in: path name: id required: true type: string post: description: | Removes current certificate based authentication mechanisms and reverts the edge router into a state where enrollment must be performed. The router retains all other properties and associations. If the router is currently connected, it will be disconnected and any attemps to reconnect will fail until the enrollment process is completed with the newly generated JWT. If the edge router has an existing outstanding enrollment JWT it will be replaced. The previous JWT will no longer be usable to complete the enrollment process. operationId: reEnrollEdgeRouter responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Re-enroll an edge router tags: - Edge Router /edge-routers/{id}/service-edge-router-policies: get: description: Retrieves a list of service policies policies that apply to the specified edge router. operationId: listEdgeRouterServiceEdgeRouterPolicies responses: "200": description: A list of service policies headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServicePoliciesEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List the service policies that affect an edge router tags: - Edge Router parameters: - description: The id of the requested resource in: path name: id required: true type: string /edge-routers/{id}/services: get: description: | Retrieves a list of services that may be accessed via the given edge router. Supports filtering, sorting, and pagination. Requires admin access. operationId: listEdgeRouterServices responses: "200": description: A list of services headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServicesEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List associated services tags: - Edge Router parameters: - description: The id of the requested resource in: path name: id required: true type: string /enrollments: get: description: | Retrieves a list of outstanding enrollments; supports filtering, sorting, and pagination. Requires admin access. operationId: listEnrollments parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of enrollments headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEnrollmentsEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List outstanding enrollments tags: - Enrollment post: description: Creates a new OTT, OTTCA, or UPDB enrollment for a specific identity. If an enrollment of the same type is already outstanding the request will fail with a 409 conflict. If desired, an existing enrollment can be refreshed by `enrollments/:id/refresh` or deleted. operationId: createEnrollment parameters: - description: An enrollment to create in: body name: enrollment required: true schema: $ref: '#/definitions/enrollmentCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The request could not be completed due to a conflict of configuration or state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create an outstanding enrollment for an identity tags: - Enrollment /enrollments/{id}: delete: description: Delete an outstanding enrollment by id. Requires admin access. operationId: deleteEnrollment responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete an outstanding enrollment tags: - Enrollment get: description: Retrieves a single outstanding enrollment by id. Requires admin access. operationId: detailEnrollment responses: "200": description: A singular enrollment resource headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailEnrollmentEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves an outstanding enrollment tags: - Enrollment parameters: - description: The id of the requested resource in: path name: id required: true type: string /enrollments/{id}/refresh: parameters: - description: The id of the requested resource in: path name: id required: true type: string post: description: For expired or unexpired enrollments, reset the expiration window. A new JWT will be generated and must be used for the enrollment. operationId: refreshEnrollment parameters: - description: An enrollment refresh request in: body name: refresh required: true schema: $ref: '#/definitions/enrollmentRefresh' responses: "200": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Refreshes an enrollment record's expiration window tags: - Enrollment /enumerated-capabilities: get: operationId: listEnumeratedCapabilities responses: "200": description: A typed and enumerated list of capabilities headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEnumeratedCapabilitiesEnvelope' security: [] summary: Returns all capabilities this version of the controller is aware of, enabled or not. tags: - Informational /external-jwt-signers: get: description: Retrieves a list of external JWT signers for authentication operationId: listExternalJwtSigners parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of External JWT Signers headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listExternalJwtSignersEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List External JWT Signers tags: - External JWT Signer post: description: Creates an External JWT Signer. Requires admin access. operationId: createExternalJwtSigner parameters: - description: An External JWT Signer to create in: body name: externalJwtSigner required: true schema: $ref: '#/definitions/externalJwtSignerCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Creates an External JWT Signer tags: - External JWT Signer /external-jwt-signers/{id}: delete: description: | Delete an External JWT Signer by id. Requires admin access. operationId: deleteExternalJwtSigner responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete an External JWT Signer tags: - External JWT Signer get: description: Retrieves a single External JWT Signer by id. Requires admin access. operationId: detailExternalJwtSigner responses: "200": description: A singular External JWT Signer resource headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailExternalJwtSignerEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single External JWT Signer tags: - External JWT Signer parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update only the supplied fields on an External JWT Signer by id. Requires admin access. operationId: patchExternalJwtSigner parameters: - description: An External JWT Signer patch object in: body name: externalJwtSigner required: true schema: $ref: '#/definitions/externalJwtSignerPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on an External JWT Signer tags: - External JWT Signer put: description: Update all fields on an External JWT Signer by id. Requires admin access. operationId: updateExternalJwtSigner parameters: - description: An External JWT Signer update object in: body name: externalJwtSigner required: true schema: $ref: '#/definitions/externalJwtSignerUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on an External JWT Signer tags: - External JWT Signer /identities: get: description: | Retrieves a list of identity resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listIdentities parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string - collectionFormat: multi in: query items: type: string name: roleFilter type: array - in: query name: roleSemantic type: string responses: "200": description: A list of identities headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listIdentitiesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List identities tags: - Identity post: description: Create an identity resource. Requires admin access. operationId: createIdentity parameters: - description: An identity to create in: body name: identity required: true schema: $ref: '#/definitions/identityCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create an identity resource tags: - Identity /identities/{id}: delete: description: Delete an identity by id. Requires admin access. operationId: deleteIdentity responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete an identity tags: - Identity get: description: Retrieves a single identity by id. Requires admin access. operationId: detailIdentity responses: "200": description: A single identity headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailIdentityEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single identity tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on an identity. Requires admin access. operationId: patchIdentity parameters: - description: An identity patch object in: body name: identity required: true schema: $ref: '#/definitions/identityPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on an identity tags: - Identity put: description: Update all fields on an identity by id. Requires admin access. operationId: updateIdentity parameters: - description: An identity update object in: body name: identity required: true schema: $ref: '#/definitions/identityUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on an identity tags: - Identity /identities/{id}/authenticators: get: description: | Returns a list of authenticators associated to the identity specified operationId: getIdentityAuthenticators responses: "200": description: A list of authenticators headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listAuthenticatorsEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieve the current authenticators of a specific identity tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string /identities/{id}/disable: parameters: - description: The id of the requested resource in: path name: id required: true type: string post: description: | Reject an identity's API session requests for N minutes or indefinitely if 0. operationId: disableIdentity parameters: - description: Disable parameters in: body name: disable required: true schema: $ref: '#/definitions/disableParams' responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Set an identity as disabled tags: - Identity /identities/{id}/edge-router-policies: get: description: Retrieves a list of edge router policies that apply to the specified identity. operationId: listIdentitysEdgeRouterPolicies responses: "200": description: A list of edge router policies headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEdgeRouterPoliciesEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List the edge router policies that affect an identity tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string /identities/{id}/edge-routers: get: description: | Retrieves a list of edge-routers that the given identity may use to access services. Supports filtering, sorting, and pagination. Requires admin access. operationId: listIdentityEdgeRouters responses: "200": description: A list of edge routers headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEdgeRoutersEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List accessible edge-routers tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string /identities/{id}/enable: parameters: - description: The id of the requested resource in: path name: id required: true type: string post: description: | Allows an admin to remove disabled statuses from an identity. operationId: enableIdentity responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Clears all disabled state from an identity tags: - Identity /identities/{id}/enrollments: get: description: | Returns a list of enrollments associated to the identity specified operationId: getIdentityEnrollments responses: "200": description: A list of enrollments headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEnrollmentsEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieve the current enrollments of a specific identity tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string /identities/{id}/failed-service-requests: get: description: | Returns a list of service session requests that failed due to posture checks. The entries will contain every policy that was verified against and every failed check in each policy. Each check will include the historical posture data and posture check configuration. operationId: getIdentityFailedServiceRequests responses: "200": description: Returns a list of service request failures headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/failedServiceRequestEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieve a list of the most recent service failure requests due to posture checks tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string /identities/{id}/mfa: delete: description: | Allows an admin to remove MFA enrollment from a specific identity. Requires admin. operationId: removeIdentityMfa responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Remove MFA from an identitity tags: - Identity - MFA parameters: - description: The id of the requested resource in: path name: id required: true type: string /identities/{id}/policy-advice/{serviceId}: get: description: | Analyzes policies to see if the given identity should be able to dial or bind the given service. | Will check services policies to see if the identity can access the service. Will check edge router policies | to check if the identity and service have access to common edge routers so that a connnection can be made. | Will also check if at least one edge router is on-line. Requires admin access. operationId: getIdentityPolicyAdvice responses: "200": description: Returns the document that represents the policy advice headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/getIdentityPolicyAdviceEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Analyze policies relating the given identity and service tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string - description: The id of a service in: path name: serviceId required: true type: string /identities/{id}/posture-data: get: description: | Returns a nested map data represeting the posture data of the identity. This data should be considered volatile. operationId: getIdentityPostureData responses: "200": description: Returns the document that represents posture data headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/postureDataEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieve the curent posture data for a specific identity. tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string /identities/{id}/service-configs: delete: description: Remove service configs from a specific identity operationId: disassociateIdentitysServiceConfigs parameters: - description: An array of service and config id pairs to remove in: body name: serviceConfigIdPairs schema: $ref: '#/definitions/serviceConfigsAssignList' responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Remove associated service configs from a specific identity tags: - Identity get: description: Retrieves a list of service configs associated to a specific identity operationId: listIdentitysServiceConfigs responses: "200": description: A list of service configs headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServiceConfigsEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List the service configs associated a specific identity tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string post: description: Associate service configs to a specific identity operationId: associateIdentitysServiceConfigs parameters: - description: A service config patch object in: body name: serviceConfigs required: true schema: $ref: '#/definitions/serviceConfigsAssignList' responses: "200": description: Base empty response headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Associate service configs for a specific identity tags: - Identity /identities/{id}/service-policies: get: description: Retrieves a list of service policies that apply to the specified identity. operationId: listIdentityServicePolicies responses: "200": description: A list of service policies headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServicePoliciesEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List the service policies that affect an identity tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string /identities/{id}/services: get: description: | Retrieves a list of services that the given identity has access to. Supports filtering, sorting, and pagination. Requires admin access. operationId: listIdentityServices parameters: - in: query name: filter type: string - enum: - dial - bind in: query name: policyType type: string responses: "200": description: A list of services headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServicesEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List accessible services tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string /identities/{id}/trace: parameters: - description: The id of the requested resource in: path name: id required: true type: string put: description: | Allows an admin to enable/disable data flow tracing for an identity operationId: updateIdentityTracing parameters: - description: A traceSpec object in: body name: traceSpec required: true schema: $ref: '#/definitions/traceSpec' responses: "200": description: Returns the document that represents the trace state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/traceDetailEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Enable/disable data flow tracing for an identity tags: - Identity - Tracing /identity-role-attributes: get: description: | Retrieves a list of role attributes in use by identities; supports filtering, sorting, and pagination. Requires admin access. operationId: listIdentityRoleAttributes parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of role attributes headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listRoleAttributesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List role attributes in use by identities tags: - Role Attributes /identity-types: get: description: | Retrieves a list of identity types; supports filtering, sorting, and pagination. Requires admin access. operationId: listIdentityTypes parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of identity types headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listIdentityTypesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List available identity types tags: - Identity /identity-types/{id}: get: description: Retrieves a single identity type by id. Requires admin access. operationId: detailIdentityType responses: "200": description: A single identity type headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailIdentityTypeEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a identity type tags: - Identity parameters: - description: The id of the requested resource in: path name: id required: true type: string /network-jwts: get: description: Returns a list of JWTs for trusting a network operationId: listNetworkJWTs responses: "200": description: A list of network JWTs headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listNetworkJWTsEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' summary: Returns a list of JWTs suitable for bootstrapping network trust. tags: - Enrollment /posture-check-role-attributes: get: description: | Retrieves a list of role attributes in use by posture checks; supports filtering, sorting, and pagination. Requires admin access. operationId: listPostureCheckRoleAttributes parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of role attributes headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listRoleAttributesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List role attributes in use by posture checks tags: - Role Attributes /posture-check-types: get: description: | Retrieves a list of posture check types operationId: listPostureCheckTypes parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string produces: - application/json; charset=utf-8 responses: "200": description: A list of posture check types headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listPostureCheckTypesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List a subset of posture check types tags: - Posture Checks /posture-check-types/{id}: get: description: Retrieves a single posture check type by id operationId: detailPostureCheckType responses: "200": description: Retrieves a singular posture check type by id headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailPostureCheckTypeEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single posture check type tags: - Posture Checks parameters: - description: The id of the requested resource in: path name: id required: true type: string /posture-checks: get: description: | Retrieves a list of posture checks operationId: listPostureChecks parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string - collectionFormat: multi in: query items: type: string name: roleFilter type: array - in: query name: roleSemantic type: string produces: - application/json; charset=utf-8 responses: "200": description: A list of posture checks headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listPostureCheckEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List a subset of posture checks tags: - Posture Checks post: description: Creates a Posture Checks operationId: createPostureCheck parameters: - description: A Posture Check to create in: body name: postureCheck required: true schema: $ref: '#/definitions/postureCheckCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Creates a Posture Checks tags: - Posture Checks /posture-checks/{id}: delete: description: Deletes and Posture Checks by id operationId: deletePostureCheck responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "403": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Deletes an Posture Checks tags: - Posture Checks get: description: Retrieves a single Posture Checks by id operationId: detailPostureCheck responses: "200": description: Retrieves a singular posture check by id headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailPostureCheckEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single Posture Checks tags: - Posture Checks parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update only the supplied fields on a Posture Checks by id operationId: patchPostureCheck parameters: - description: A Posture Check patch object in: body name: postureCheck required: true schema: $ref: '#/definitions/postureCheckPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a Posture Checks tags: - Posture Checks put: description: Update all fields on a Posture Checks by id operationId: updatePostureCheck parameters: - description: A Posture Check update object in: body name: postureCheck required: true schema: $ref: '#/definitions/postureCheckUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a Posture Checks tags: - Posture Checks /routers: get: description: | Retrieves a list of router resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listRouters parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of specifications headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listRoutersEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List routers tags: - Router post: description: Create a router resource. Requires admin access. operationId: createRouter parameters: - description: A router to create in: body name: router required: true schema: $ref: '#/definitions/routerCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create a router resource tags: - Router /routers/{id}: delete: description: Delete a router by id. Requires admin access. operationId: deleteRouter responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a router tags: - Router get: description: Retrieves a single router by id. Requires admin access. operationId: detailRouter responses: "200": description: A single router headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailRouterEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single router tags: - Router parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on a router. Requires admin access. operationId: patchRouter parameters: - description: A router patch object in: body name: router required: true schema: $ref: '#/definitions/routerPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a router tags: - Router put: description: Update all fields on a router by id. Requires admin access. operationId: updateRouter parameters: - description: A router update object in: body name: router required: true schema: $ref: '#/definitions/routerUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a router tags: - Router /service-edge-router-policies: get: description: | Retrieves a list of service edge router policy resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listServiceEdgeRouterPolicies parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of service edge router policies headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServiceEdgeRouterPoliciesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List service edge router policies tags: - Service Edge Router Policy post: description: Create a service edge router policy resource. Requires admin access. operationId: createServiceEdgeRouterPolicy parameters: - description: A service edge router policy to create in: body name: policy required: true schema: $ref: '#/definitions/serviceEdgeRouterPolicyCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create a service edge router policy resource tags: - Service Edge Router Policy /service-edge-router-policies/{id}: delete: description: Delete a service edge policy by id. Requires admin access. operationId: deleteServiceEdgeRouterPolicy responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a service edge policy tags: - Service Edge Router Policy get: description: Retrieves a single service edge policy by id. Requires admin access. operationId: detailServiceEdgeRouterPolicy responses: "200": description: A single service edge router policy headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailServiceEdgePolicyEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single service edge policy tags: - Service Edge Router Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on a service edge policy. Requires admin access. operationId: patchServiceEdgeRouterPolicy parameters: - description: A service edge router policy patch object in: body name: policy required: true schema: $ref: '#/definitions/serviceEdgeRouterPolicyPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a service edge policy tags: - Service Edge Router Policy put: description: Update all fields on a service edge policy by id. Requires admin access. operationId: updateServiceEdgeRouterPolicy parameters: - description: A service edge router policy update object in: body name: policy required: true schema: $ref: '#/definitions/serviceEdgeRouterPolicyUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a service edge policy tags: - Service Edge Router Policy /service-edge-router-policies/{id}/edge-routers: get: description: List the edge routers that a service edge router policy applies to operationId: listServiceEdgeRouterPolicyEdgeRouters responses: "200": description: A list of edge routers headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEdgeRoutersEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List the edge routers that a service edge router policy applies to tags: - Service Edge Router Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string /service-edge-router-policies/{id}/services: get: description: List the services that a service edge router policy applies to operationId: listServiceEdgeRouterPolicyServices responses: "200": description: A list of services headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServicesEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List the services that a service edge router policy applies to tags: - Service Edge Router Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string /service-policies: get: description: | Retrieves a list of service policy resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listServicePolicies parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of service policies headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServicePoliciesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List service policies tags: - Service Policy post: description: Create a service policy resource. Requires admin access. operationId: createServicePolicy parameters: - description: A service policy to create in: body name: policy required: true schema: $ref: '#/definitions/servicePolicyCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create a service policy resource tags: - Service Policy /service-policies/{id}: delete: description: Delete a service policy by id. Requires admin access. operationId: deleteServicePolicy responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a service policy tags: - Service Policy get: description: Retrieves a single service policy by id. Requires admin access. operationId: detailServicePolicy responses: "200": description: A single service policy headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailServicePolicyEnvelop' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single service policy tags: - Service Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on a service policy. Requires admin access. operationId: patchServicePolicy parameters: - description: A service policy patch object in: body name: policy required: true schema: $ref: '#/definitions/servicePolicyPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a service policy tags: - Service Policy put: description: Update all fields on a service policy by id. Requires admin access. operationId: updateServicePolicy parameters: - description: A service policy update object in: body name: policy required: true schema: $ref: '#/definitions/servicePolicyUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a service policy tags: - Service Policy /service-policies/{id}/identities: get: description: | Retrieves a list of identity resources that are affected by a service policy; supports filtering, sorting, and pagination. Requires admin access. operationId: listServicePolicyIdentities parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of identities headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listIdentitiesEnvelope' "400": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List identities a service policy affects tags: - Service Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string /service-policies/{id}/posture-checks: get: description: | Retrieves a list of posture check resources that are affected by a service policy; supports filtering, sorting, and pagination. Requires admin access. operationId: listServicePolicyPostureChecks parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of posture checks headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listPostureCheckEnvelope' "400": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List posture check a service policy includes tags: - Service Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string /service-policies/{id}/services: get: description: | Retrieves a list of service resources that are affected by a service policy; supports filtering, sorting, and pagination. Requires admin access. operationId: listServicePolicyServices parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of services headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServicesEnvelope' "400": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List services a service policy affects tags: - Service Policy parameters: - description: The id of the requested resource in: path name: id required: true type: string /service-role-attributes: get: description: | Retrieves a list of role attributes in use by services; supports filtering, sorting, and pagination. Requires admin access. operationId: listServiceRoleAttributes parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of role attributes headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listRoleAttributesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List role attributes in use by services tags: - Role Attributes /services: get: description: | Retrieves a list of config resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listServices parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string - collectionFormat: multi in: query items: type: string name: configTypes type: array - collectionFormat: multi in: query items: type: string name: roleFilter type: array - in: query name: roleSemantic type: string responses: "200": description: A list of services headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServicesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List services tags: - Service post: description: Create a services resource. Requires admin access. operationId: createService parameters: - description: A service to create in: body name: service required: true schema: $ref: '#/definitions/serviceCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create a services resource tags: - Service /services/{id}: delete: description: Delete a service by id. Requires admin access. operationId: deleteService responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a service tags: - Service get: description: Retrieves a single service by id. Requires admin access. operationId: detailService responses: "200": description: A single service headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailServiceEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single service tags: - Service parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on a service. Requires admin access. operationId: patchService parameters: - description: A service patch object in: body name: service required: true schema: $ref: '#/definitions/servicePatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a service tags: - Service put: description: Update all fields on a service by id. Requires admin access. operationId: updateService parameters: - description: A service update object in: body name: service required: true schema: $ref: '#/definitions/serviceUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a service tags: - Service /services/{id}/configs: get: description: | Retrieves a list of config resources associated to a specific service; supports filtering, sorting, and pagination. Requires admin access. operationId: listServiceConfig parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of configs headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listConfigsEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List configs associated to a specific service tags: - Service parameters: - description: The id of the requested resource in: path name: id required: true type: string /services/{id}/edge-routers: get: description: | Retrieves a list of edge-routers that may be used to access the given service. Supports filtering, sorting, and pagination. Requires admin access. operationId: listServiceEdgeRouters parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of edge routers headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listEdgeRoutersEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List accessible edge-routers tags: - Service parameters: - description: The id of the requested resource in: path name: id required: true type: string /services/{id}/identities: get: description: | Retrieves a list of identities that have access to this service. Supports filtering, sorting, and pagination. Requires admin access. operationId: listServiceIdentities parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string - enum: - dial - bind in: query name: policyType type: string responses: "200": description: A list of identities headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listIdentitiesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List identities with access tags: - Service parameters: - description: The id of the requested resource in: path name: id required: true type: string /services/{id}/service-edge-router-policies: get: description: | Retrieves a list of service edge router policy resources that affect a specific service; supports filtering, sorting, and pagination. Requires admin access. operationId: listServiceServiceEdgeRouterPolicies parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of service edge router policies headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServiceEdgeRouterPoliciesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List service edge router policies that affect a specific service tags: - Service parameters: - description: The id of the requested resource in: path name: id required: true type: string /services/{id}/service-policies: get: description: | Retrieves a list of service policy resources that affect specific service; supports filtering, sorting, and pagination. Requires admin access. operationId: listServiceServicePolicies parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of service policies headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listServicePoliciesEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List service policies that affect a specific service tags: - Service parameters: - description: The id of the requested resource in: path name: id required: true type: string /services/{id}/terminators: get: description: | Retrieves a list of terminator resources that are assigned specific service; supports filtering, sorting, and pagination. operationId: listServiceTerminators parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of terminators headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listTerminatorsEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List of terminators assigned to a service tags: - Service parameters: - description: The id of the requested resource in: path name: id required: true type: string /sessions: get: description: | Retrieves a list of active sessions resources; supports filtering, sorting, and pagination. Requires admin access. Sessions are tied to an API session and are moved when an API session times out or logs out. Active sessions (i.e. Ziti SDK connected to an edge router) will keep the session and API session marked as active. operationId: listSessions parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of sessions headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listSessionsManagementEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List sessions tags: - Session /sessions/{id}: delete: description: Delete a session by id. Requires admin access. operationId: deleteSession responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a session tags: - Session get: description: Retrieves a single session by id. Requires admin access. operationId: detailSession responses: "200": description: A single session headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailSessionManagementEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single session tags: - Session parameters: - description: The id of the requested resource in: path name: id required: true type: string /sessions/{id}/route-path: get: description: Retrieves a single session's route path by id. Requires admin access. operationId: detailSessionRoutePath responses: "200": description: A single session's route path headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailSessionRoutePathEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single session's router path tags: - Session parameters: - description: The id of the requested resource in: path name: id required: true type: string /specs: get: description: Returns a list of spec files embedded within the controller for consumption/documentation/code geneartion operationId: listSpecs responses: "200": description: A list of specifications headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listSpecsEnvelope' security: [] summary: Returns a list of API specs tags: - Informational /specs/{id}: get: description: Returns single spec resource embedded within the controller for consumption/documentation/code geneartion operationId: detailSpec responses: "200": description: A single specification headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailSpecEnvelope' security: [] summary: Return a single spec resource tags: - Informational parameters: - description: The id of the requested resource in: path name: id required: true type: string /specs/{id}/spec: get: description: Return the body of the specification (i.e. Swagger, OpenAPI 2.0, 3.0, etc). operationId: detailSpecBody produces: - text/yaml - application/json responses: "200": description: Returns the document that represents the specification headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailSpecBodyEnvelope' security: [] summary: Returns the spec's file tags: - Informational parameters: - description: The id of the requested resource in: path name: id required: true type: string /summary: get: description: This endpoint is usefull for UIs that wish to display UI elements with counts. operationId: listSummary responses: "200": description: Entity counts scopped to the current identitie's access headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listSummaryCountsEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Returns a list of accessible resource counts tags: - Informational /terminators: get: description: | Retrieves a list of terminator resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listTerminators parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of terminators headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listTerminatorsEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List terminators tags: - Terminator post: description: Create a terminator resource. Requires admin access. operationId: createTerminator parameters: - description: A terminator to create in: body name: terminator required: true schema: $ref: '#/definitions/terminatorCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create a terminator resource tags: - Terminator /terminators/{id}: delete: description: Delete a terminator by id. Requires admin access. operationId: deleteTerminator responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a terminator tags: - Terminator get: description: Retrieves a single terminator by id. Requires admin access. operationId: detailTerminator responses: "200": description: A single terminator headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailTerminatorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single terminator tags: - Terminator parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on a terminator. Requires admin access. operationId: patchTerminator parameters: - description: A terminator patch object in: body name: terminator required: true schema: $ref: '#/definitions/terminatorPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a terminator tags: - Terminator put: description: Update all fields on a terminator by id. Requires admin access. operationId: updateTerminator parameters: - description: A terminator update object in: body name: terminator required: true schema: $ref: '#/definitions/terminatorUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a terminator tags: - Terminator /transit-routers: get: description: | Retrieves a list of router resources; supports filtering, sorting, and pagination. Requires admin access. operationId: listTransitRouters parameters: - in: query name: limit type: integer - in: query name: offset type: integer - in: query name: filter type: string responses: "200": description: A list of specifications headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listRoutersEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: List routers tags: - Router post: description: Create a router resource. Requires admin access. operationId: createTransitRouter parameters: - description: A router to create in: body name: router required: true schema: $ref: '#/definitions/routerCreate' responses: "201": description: The create request was successful and the resource has been added at the following location headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/createEnvelope' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Create a router resource tags: - Router /transit-routers/{id}: delete: description: Delete a router by id. Requires admin access. operationId: deleteTransitRouter responses: "200": description: The delete request was successful and the resource has been removed headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "409": description: The resource requested to be removed/altered cannot be as it is referenced by another object. examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 causeMessage: referenced by /some-resource/05f4f710-c155-4a74-86d5-77558eb9cb42 code: CONFLICT_CANNOT_MODIFY_REFERENCED message: The resource cannot be deleted/modified. Remove all referencing resources first. requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Delete a router tags: - Router get: description: Retrieves a single router by id. Requires admin access. operationId: detailTransitRouter responses: "200": description: A single router headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/detailRouterEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Retrieves a single router tags: - Router parameters: - description: The id of the requested resource in: path name: id required: true type: string patch: description: Update the supplied fields on a router. Requires admin access. operationId: patchTransitRouter parameters: - description: A router patch object in: body name: router required: true schema: $ref: '#/definitions/routerPatch' responses: "200": description: The patch request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update the supplied fields on a router tags: - Router put: description: Update all fields on a router by id. Requires admin access. operationId: updateTransitRouter parameters: - description: A router update object in: body name: router required: true schema: $ref: '#/definitions/routerUpdate' responses: "200": description: The update request was successful and the resource has been altered headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/empty' "400": description: The supplied request contains invalid fields or could not be parsed (json and non-json bodies). The error's code, message, and cause fields can be inspected for further information examples: application/json: error: args: urlVars: {} cause: details: context: (root) field: (root) property: fooField3 field: (root) message: '(root): fooField3 is required' type: required value: fooField: abc fooField2: def causeMessage: schema validation failed code: COULD_NOT_VALIDATE message: The supplied request contains an invalid document requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "401": description: The supplied session does not have the correct access rights to request this resource examples: application/json: error: args: urlVars: {} cause: "" causeMessage: "" code: UNAUTHORIZED message: The request could not be completed. The session is not authorized or the credentials are invalid requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "404": description: The requested resource does not exist examples: application/json: error: args: urlVars: id: 71a3000f-7dda-491a-9b90-a19f4ee6c406 cause: null causeMessage: "" code: NOT_FOUND message: The resource requested was not found or is no longer available requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "429": description: The resource requested is rate limited and the rate limit has been exceeded examples: application/json: error: args: urlVars: {} causeMessage: you have hit a rate limit in the requested operation code: RATE_LIMITED message: The resource is rate limited and the rate limit has been exceeded. Please try again later requestId: 270908d6-f2ef-4577-b973-67bec18ae376 meta: apiEnrollmentVersion: 0.0.1 apiVersion: 0.0.1 headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' "503": description: The request could not be completed due to the server being busy or in a temporarily bad state headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/apiErrorEnvelope' security: - ztSession: [] - oauth2: - openid summary: Update all fields on a router tags: - Router /version: get: operationId: listVersion responses: "200": description: Version information for the controller headers: WWW-Authenticate: description: Denotes different type of security token related information items: type: string type: array schema: $ref: '#/definitions/listVersionEnvelope' security: [] summary: Returns version information tags: - Informational definitions: apiAddress: properties: url: type: string version: type: string type: object apiAddressArray: items: $ref: '#/definitions/apiAddress' type: array apiAddressList: additionalProperties: $ref: '#/definitions/apiAddressArray' type: object apiError: properties: args: $ref: '#/definitions/apiErrorArgs' cause: $ref: '#/definitions/apiErrorCause' causeMessage: type: string code: type: string data: additionalProperties: true type: object message: type: string requestId: type: string type: object apiErrorArgs: properties: urlVars: additionalProperties: type: string type: object type: object apiErrorCause: allOf: - $ref: '#/definitions/apiFieldError' - $ref: '#/definitions/apiError' apiErrorEnvelope: properties: error: $ref: '#/definitions/apiError' meta: $ref: '#/definitions/meta' required: - meta - error type: object apiFieldError: properties: field: type: string reason: type: string value: description: can be any value - string, number, boolean, array or object type: object apiSessionDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: authQueries: $ref: '#/definitions/authQueryList' authenticatorId: type: string cachedLastActivityAt: format: date-time type: string configTypes: items: type: string type: array identity: $ref: '#/definitions/entityRef' identityId: type: string improperClientCertChain: type: boolean ipAddress: type: string isCertExtendRequested: type: boolean isCertExtendable: type: boolean isCertKeyRollRequested: type: boolean isMfaComplete: type: boolean isMfaRequired: type: boolean lastActivityAt: format: date-time type: string token: type: string required: - token - identity - identityId - configTypes - ipAddress - authQueries - cachedUpdatedAt - isMfaRequired - isMfaComplete - authenticatorId - isCertExtendable type: object description: An API Session object type: object apiSessionList: items: $ref: '#/definitions/apiSessionDetail' type: array apiSessionPostureData: properties: endpointState: $ref: '#/definitions/postureDataEndpointState' mfa: $ref: '#/definitions/postureDataMfa' sdkInfo: $ref: '#/definitions/sdkInfo' required: - mfa type: object apiVersion: properties: apiBaseUrls: items: type: string type: array path: type: string version: type: string required: - path type: object attributes: description: A set of strings used to loosely couple this resource to policies items: type: string type: array x-nullable: true x-omitempty: true authPolicyCreate: description: A Auth Policy resource properties: name: type: string primary: $ref: '#/definitions/authPolicyPrimary' secondary: $ref: '#/definitions/authPolicySecondary' tags: $ref: '#/definitions/tags' required: - name - primary - secondary type: object authPolicyDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: name: type: string primary: $ref: '#/definitions/authPolicyPrimary' secondary: $ref: '#/definitions/authPolicySecondary' required: - name - primary - secondary type: object description: A Auth Policy resource type: object authPolicyList: description: An array of Auth Policies resources items: $ref: '#/definitions/authPolicyDetail' type: array authPolicyPatch: description: A Auth Policy resource properties: name: type: string x-nullable: true primary: $ref: '#/definitions/authPolicyPrimaryPatch' secondary: $ref: '#/definitions/authPolicySecondaryPatch' tags: $ref: '#/definitions/tags' type: object authPolicyPrimary: properties: cert: $ref: '#/definitions/authPolicyPrimaryCert' extJwt: $ref: '#/definitions/authPolicyPrimaryExtJwt' updb: $ref: '#/definitions/authPolicyPrimaryUpdb' required: - updb - cert - extJwt type: object authPolicyPrimaryCert: properties: allowExpiredCerts: type: boolean allowed: type: boolean required: - allowed - allowExpiredCerts type: object authPolicyPrimaryCertPatch: properties: allowExpiredCerts: type: boolean x-nullable: true allowed: type: boolean x-nullable: true type: object x-nullable: true authPolicyPrimaryExtJwt: properties: allowed: type: boolean allowedSigners: items: type: string type: array required: - allowed - allowedSigners type: object authPolicyPrimaryExtJwtPatch: properties: allowed: type: boolean x-nullable: true allowedSigners: items: type: string type: array x-nullable: true type: object x-nullable: true authPolicyPrimaryPatch: properties: cert: $ref: '#/definitions/authPolicyPrimaryCertPatch' extJwt: $ref: '#/definitions/authPolicyPrimaryExtJwtPatch' updb: $ref: '#/definitions/authPolicyPrimaryUpdbPatch' type: object authPolicyPrimaryUpdb: properties: allowed: type: boolean lockoutDurationMinutes: type: integer maxAttempts: type: integer minPasswordLength: type: integer requireMixedCase: type: boolean requireNumberChar: type: boolean requireSpecialChar: type: boolean required: - allowed - minPasswordLength - requireSpecialChar - requireNumberChar - requireMixedCase - maxAttempts - lockoutDurationMinutes type: object authPolicyPrimaryUpdbPatch: properties: allowed: type: boolean x-nullable: true lockoutDurationMinutes: type: integer x-nullable: true maxAttempts: type: integer x-nullable: true minPasswordLength: type: integer x-nullable: true requireMixedCase: type: boolean x-nullable: true requireNumberChar: type: boolean x-nullable: true requireSpecialChar: type: boolean x-nullable: true type: object x-nullable: true authPolicySecondary: properties: requireExtJwtSigner: type: string x-nullable: true x-omit-empty: false requireTotp: type: boolean required: - requireTotp type: object authPolicySecondaryPatch: properties: requireExtJwtSigner: type: string x-nullable: true requireTotp: type: boolean x-nullable: true type: object x-nullable: true authPolicyUpdate: $ref: '#/definitions/authPolicyCreate' authQueryDetail: properties: clientId: type: string format: $ref: '#/definitions/mfaFormats' httpMethod: type: string httpUrl: type: string id: type: string isTotpEnrolled: type: boolean maxLength: type: integer minLength: type: integer provider: $ref: '#/definitions/mfaProviders' scopes: items: type: string type: array typeId: $ref: '#/definitions/authQueryType' required: - provider type: object authQueryList: items: $ref: '#/definitions/authQueryDetail' type: array authQueryType: enum: - MFA - TOTP - EXT-JWT type: string authenticate: description: A generic authenticate object meant for use with the /authenticate path. Required fields depend on authentication method. properties: configTypes: $ref: '#/definitions/configTypes' envInfo: $ref: '#/definitions/envInfo' password: $ref: '#/definitions/password' sdkInfo: $ref: '#/definitions/sdkInfo' username: $ref: '#/definitions/username' type: object authenticatorCreate: description: Creates an authenticator for a specific identity which can be used for API authentication properties: certPem: description: The client certificate the identity will login with. Used only for method='cert' type: string identityId: description: The id of an existing identity that will be assigned this authenticator type: string method: description: The type of authenticator to create; which will dictate which properties on this object are required. type: string password: description: The password the identity will login with. Used only for method='updb' type: string tags: $ref: '#/definitions/tags' username: description: The username that the identity will login with. Used only for method='updb' type: string required: - method - identityId type: object authenticatorDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: certPem: type: string extendRequestedAt: format: date-time type: string x-nullable: true fingerprint: type: string identity: $ref: '#/definitions/entityRef' identityId: type: string isExtendRequested: type: boolean isIssuedByNetwork: type: boolean isKeyRollRequested: type: boolean lastAuthResolvedToRoot: type: boolean lastExtendRolledKeys: type: boolean method: type: string username: type: string required: - method - identityId - identity type: object description: A singular authenticator resource type: object authenticatorList: description: An array of authenticator resources items: $ref: '#/definitions/authenticatorDetail' type: array authenticatorPatch: description: All of the fields on an authenticator that may be updated properties: password: $ref: '#/definitions/passwordNullable' tags: $ref: '#/definitions/tags' username: $ref: '#/definitions/usernameNullable' type: object authenticatorPatchWithCurrent: allOf: - $ref: '#/definitions/authenticatorPatch' - properties: currentPassword: $ref: '#/definitions/password' required: - currentPassword type: object description: All of the fields on an authenticator that may be updated type: object authenticatorUpdate: description: All of the fields on an authenticator that will be updated properties: password: $ref: '#/definitions/password' tags: $ref: '#/definitions/tags' username: $ref: '#/definitions/username' required: - username - password type: object authenticatorUpdateWithCurrent: allOf: - $ref: '#/definitions/authenticatorUpdate' - properties: currentPassword: $ref: '#/definitions/password' required: - currentPassword type: object description: All of the fields on an authenticator that will be updated type: object baseEntity: description: Fields shared by all Edge API entities properties: _links: $ref: '#/definitions/links' createdAt: format: date-time type: string id: type: string tags: $ref: '#/definitions/tags' updatedAt: format: date-time type: string required: - id - createdAt - updatedAt - _links type: object caCreate: description: A create Certificate Authority (CA) object properties: certPem: example: | -----BEGIN CERTIFICATE----- MIICUjCCAdmgAwIBAgIJANooo7NB+dZZMAoGCCqGSM49BAMCMF4xCzAJBgNVBAYT AlVTMQswCQYDVQQIDAJOQzETMBEGA1UECgwKTmV0Rm91bmRyeTEtMCsGA1UEAwwk TmV0Rm91bmRyeSBaaXRpIEV4dGVybmFsIEFQSSBSb290IENBMB4XDTE4MTExNTEy NTcwOVoXDTM4MTExMDEyNTcwOVowXjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5D MRMwEQYDVQQKDApOZXRGb3VuZHJ5MS0wKwYDVQQDDCROZXRGb3VuZHJ5IFppdGkg RXh0ZXJuYWwgQVBJIFJvb3QgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARwq61Z Iaqbaw0PDt3frJZaHjkxfZhwYrykI1GlbRNd/jix03lVG9qvpN5Og9fQfFFcFmD/ 3vCE9S6O0npm0mADQxcBcxbMRAH5dtBuCuiJW6qAAbPgiM32vqSxBiFt0KejYzBh MB0GA1UdDgQWBBRx1OVGuc/jdltDc8YBtkw8Tbr4fjAfBgNVHSMEGDAWgBRx1OVG uc/jdltDc8YBtkw8Tbr4fjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB hjAKBggqhkjOPQQDAgNnADBkAjBDRxNZUaIVpkQKnAgJukl3ysd3/i7Z6hDyIEms kllz/+ZvmdBp9iedV5o5BvJUggACMCv+UBFlJH7pmsOCo/F45Kk178YsCC7gaMxE 1ZG1zveyMvsYsH04C9FndE6w2MLvlA== -----END CERTIFICATE----- type: string externalIdClaim: $ref: '#/definitions/externalIdClaim' identityNameFormat: type: string identityRoles: $ref: '#/definitions/roles' isAuthEnabled: example: true type: boolean isAutoCaEnrollmentEnabled: example: true type: boolean isOttCaEnrollmentEnabled: example: true type: boolean name: example: Test 3rd Party External CA type: string tags: $ref: '#/definitions/tags' required: - name - certPem - isAutoCaEnrollmentEnabled - isOttCaEnrollmentEnabled - isAuthEnabled - identityRoles type: object caDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: certPem: type: string externalIdClaim: $ref: '#/definitions/externalIdClaim' fingerprint: type: string identityNameFormat: type: string identityRoles: $ref: '#/definitions/roles' isAuthEnabled: example: true type: boolean isAutoCaEnrollmentEnabled: example: true type: boolean isOttCaEnrollmentEnabled: example: true type: boolean isVerified: example: false type: boolean name: type: string verificationToken: format: uuid type: string required: - name - fingerprint - certPem - isVerified - isAutoCaEnrollmentEnabled - isOttCaEnrollmentEnabled - isAuthEnabled - identityRoles - identityNameFormat type: object description: A Certificate Authority (CA) resource type: object caList: description: An array of Certificate Authority (CA) resources items: $ref: '#/definitions/caDetail' type: array caPatch: properties: externalIdClaim: $ref: '#/definitions/externalIdClaimPatch' identityNameFormat: type: string x-nullable: true identityRoles: $ref: '#/definitions/roles' isAuthEnabled: example: true type: boolean x-nullable: true isAutoCaEnrollmentEnabled: example: true type: boolean x-nullable: true isOttCaEnrollmentEnabled: example: true type: boolean x-nullable: true name: example: My CA type: string x-nullable: true tags: $ref: '#/definitions/tags' type: object caUpdate: properties: externalIdClaim: $ref: '#/definitions/externalIdClaim' identityNameFormat: type: string identityRoles: $ref: '#/definitions/roles' isAuthEnabled: example: true type: boolean isAutoCaEnrollmentEnabled: example: true type: boolean isOttCaEnrollmentEnabled: example: true type: boolean name: example: My CA type: string tags: $ref: '#/definitions/tags' required: - name - isAutoCaEnrollmentEnabled - isOttCaEnrollmentEnabled - isAuthEnabled - identityRoles - identityNameFormat type: object capabilities: enum: - OIDC_AUTH - HA_CONTROLLER type: string commonEdgeRouterProperties: properties: appData: $ref: '#/definitions/tags' cost: maximum: !!float 65535 minimum: !!float 0 type: integer x-nullable: true disabled: type: boolean hostname: type: string isOnline: type: boolean name: type: string noTraversal: type: boolean x-nullable: true supportedProtocols: additionalProperties: type: string type: object syncStatus: type: string required: - hostname - name - supportedProtocols - syncStatus - isOnline - cost - noTraversal - disabled type: object configCreate: description: A config create object example: configTypeId: cea49285-6c07-42cf-9f52-09a9b115c783 data: hostname: example.com port: !!float 80 name: test-config properties: configTypeId: description: The id of a config-type that the data section will match type: string data: additionalProperties: true description: Data payload is defined by the schema of the config-type defined in the type parameter type: object x-nullable: false name: example: default.ziti-tunneler-server.v1 type: string tags: $ref: '#/definitions/tags' required: - name - configTypeId - data type: object configDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: configType: $ref: '#/definitions/entityRef' configTypeId: type: string data: description: The data section of a config is based on the schema of its type type: object name: type: string required: - name - configTypeId - configType - data type: object description: A config resource type: object configList: description: An array of config resources items: $ref: '#/definitions/configDetail' type: array configPatch: description: A config patch object example: data: hostname: example.com port: !!float 80 name: example-config-name properties: data: additionalProperties: true description: Data payload is defined by the schema of the config-type defined in the type parameter type: object name: example: default.ziti-tunneler-server.v1 type: string tags: $ref: '#/definitions/tags' type: object configTypeCreate: description: A config-type create object properties: name: example: ziti-tunneler-server.v1 type: string schema: additionalProperties: true description: A JSON schema to enforce configuration against type: object tags: $ref: '#/definitions/tags' required: - name type: object configTypeDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: name: example: ziti-tunneler-server.v1 type: string schema: additionalProperties: true description: A JSON schema to enforce configuration against type: object required: - name - schema type: object description: A config-type resource type: object configTypeList: description: An array of config-type resources items: $ref: '#/definitions/configTypeDetail' type: array configTypePatch: description: A config-type patch object properties: name: example: ziti-tunneler-server.v1 type: string schema: additionalProperties: true description: A JSON schema to enforce configuration against type: object tags: $ref: '#/definitions/tags' type: object configTypeUpdate: description: A config-type update object properties: name: example: ziti-tunneler-server.v1 type: string schema: additionalProperties: true description: A JSON schema to enforce configuration against type: object tags: $ref: '#/definitions/tags' required: - name type: object configTypes: description: Specific configuration types that should be returned items: type: string type: array configUpdate: description: A config update object example: data: hostname: example.com port: !!float 80 name: example-config-name properties: data: additionalProperties: true description: Data payload is defined by the schema of the config-type defined in the type parameter type: object x-nullable: false name: example: default.ziti-tunneler-server.v1 type: string tags: $ref: '#/definitions/tags' required: - name - data type: object controllerDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: apiAddresses: $ref: '#/definitions/apiAddressList' certPem: type: string ctrlAddress: type: string x-nullable: true fingerprint: type: string isOnline: type: boolean isPreferredLeader: type: boolean lastJoinedAt: format: date-time type: string name: type: string required: - name - certPem - fingerprint - isOnline - lastJoinedAt type: object description: A controller resource type: object controllerSettingCreate: allOf: - $ref: '#/definitions/controllerSettings' - properties: controllerId: type: string tags: $ref: '#/definitions/tags' required: - controllerId type: object type: object controllerSettingDetail: allOf: - $ref: '#/definitions/baseEntity' - $ref: '#/definitions/controllerSettings' type: object controllerSettingEffective: allOf: - $ref: '#/definitions/baseEntity' - properties: effective: $ref: '#/definitions/controllerSettings' instance: $ref: '#/definitions/controllerSettings' type: object type: object controllerSettingPatch: allOf: - $ref: '#/definitions/controllerSettings' - properties: tags: $ref: '#/definitions/tags' type: object type: object controllerSettingUpdate: allOf: - $ref: '#/definitions/controllerSettings' - properties: tags: $ref: '#/definitions/tags' type: object type: object controllerSettings: properties: oidc: properties: postLogoutUris: items: type: string type: array redirectUris: items: type: string type: array type: object type: object controllerSettingsList: items: null type: array controllersList: description: An array of controller resources items: $ref: '#/definitions/controllerDetail' type: array createEnvelope: properties: data: $ref: '#/definitions/createLocation' meta: $ref: '#/definitions/meta' type: object createLocation: properties: _links: $ref: '#/definitions/links' id: type: string type: object currentApiSessionDetail: allOf: - $ref: '#/definitions/apiSessionDetail' - properties: expirationSeconds: type: integer expiresAt: format: date-time type: string required: - expiresAt - expirationSeconds type: object description: An API Session object for the current API session type: object currentApiSessionDetailEnvelope: properties: data: $ref: '#/definitions/currentApiSessionDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object currentIdentityDetailEnvelope: properties: data: $ref: '#/definitions/identityDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object dataIntegrityCheckDetail: properties: description: type: string fixed: type: boolean required: - description - fixed type: object dataIntegrityCheckDetailList: items: $ref: '#/definitions/dataIntegrityCheckDetail' type: array dataIntegrityCheckDetails: properties: endTime: format: date-time type: string error: type: string fixingErrors: type: boolean inProgress: type: boolean results: $ref: '#/definitions/dataIntegrityCheckDetailList' startTime: format: date-time type: string tooManyErrors: type: boolean required: - inProgress - fixingErrors - tooManyErrors - startTime - endTime - error - results type: object dataIntegrityCheckResultEnvelope: properties: data: $ref: '#/definitions/dataIntegrityCheckDetails' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailApiSessionEnvelope: properties: data: $ref: '#/definitions/apiSessionDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailAuthPolicyEnvelope: properties: data: $ref: '#/definitions/authPolicyDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailAuthenticatorEnvelope: properties: data: $ref: '#/definitions/authenticatorDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailCaEnvelope: properties: data: $ref: '#/definitions/caDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailConfigEnvelope: properties: data: $ref: '#/definitions/configDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailConfigTypeEnvelope: properties: data: $ref: '#/definitions/configTypeDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailControllerSettingEffectiveEnvelope: properties: data: $ref: '#/definitions/controllerSettingEffective' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailControllerSettingEnvelope: properties: data: $ref: '#/definitions/controllerSettingDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailEdgeRouterPolicyEnvelope: properties: data: $ref: '#/definitions/edgeRouterPolicyDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailEnrollmentEnvelope: properties: data: $ref: '#/definitions/enrollmentDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailExternalJwtSignerEnvelope: properties: data: $ref: '#/definitions/externalJwtSignerDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailIdentityEnvelope: properties: data: $ref: '#/definitions/identityDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailIdentityTypeEnvelope: properties: data: $ref: '#/definitions/identityTypeDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailMfa: allOf: - $ref: '#/definitions/baseEntity' - properties: isVerified: type: boolean provisioningUrl: description: Not provided if MFA verification has been completed type: string recoveryCodes: description: Not provided if MFA verification has been completed items: type: string type: array required: - isVerified type: object detailMfaEnvelope: properties: data: $ref: '#/definitions/detailMfa' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailMfaRecoveryCodes: allOf: - $ref: '#/definitions/baseEntity' - properties: recoveryCodes: items: type: string type: array required: - recoveryCodes type: object detailMfaRecoveryCodesEnvelope: properties: data: $ref: '#/definitions/detailMfaRecoveryCodes' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailPostureCheckEnvelope: properties: data: $ref: '#/definitions/postureCheckDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailPostureCheckTypeEnvelope: properties: data: $ref: '#/definitions/postureCheckTypeDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailRouterEnvelope: properties: data: $ref: '#/definitions/routerDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailServiceEdgePolicyEnvelope: properties: data: $ref: '#/definitions/serviceEdgeRouterPolicyDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailServiceEnvelope: properties: data: $ref: '#/definitions/serviceDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailServicePolicyEnvelop: properties: data: $ref: '#/definitions/servicePolicyDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailSessionManagementEnvelope: properties: data: $ref: '#/definitions/sessionManagementDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailSessionRoutePathEnvelope: properties: data: $ref: '#/definitions/sessionRoutePathDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailSpecBodyEnvelope: properties: data: $ref: '#/definitions/specBodyDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailSpecEnvelope: properties: data: $ref: '#/definitions/specDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailTerminatorEnvelope: properties: data: $ref: '#/definitions/terminatorDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object detailedEdgeRouterEnvelope: properties: data: $ref: '#/definitions/edgeRouterDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object dialBind: enum: - Dial - Bind - Invalid type: string dialBindArray: items: $ref: '#/definitions/dialBind' type: array disableParams: properties: durationMinutes: type: integer required: - durationMinutes type: object edgeRouterCreate: description: An edge router create object properties: appData: $ref: '#/definitions/tags' cost: maximum: !!float 65535 minimum: !!float 0 type: integer x-nullable: true ctrlChanListeners: additionalProperties: items: type: string type: array type: object x-nullable: true x-omitempty: false disabled: type: boolean x-nullable: true isTunnelerEnabled: type: boolean name: type: string noTraversal: type: boolean x-nullable: true roleAttributes: $ref: '#/definitions/attributes' tags: $ref: '#/definitions/tags' required: - name type: object edgeRouterDetail: allOf: - $ref: '#/definitions/baseEntity' - $ref: '#/definitions/commonEdgeRouterProperties' - properties: certPem: type: string x-nullable: true x-omitempty: false ctrlChanListeners: additionalProperties: items: type: string type: array type: object enrollmentCreatedAt: format: date-time type: string x-nullable: true enrollmentExpiresAt: format: date-time type: string x-nullable: true enrollmentJwt: type: string x-nullable: true enrollmentToken: type: string x-nullable: true fingerprint: type: string interfaces: items: $ref: '#/definitions/interface' type: array isTunnelerEnabled: type: boolean isVerified: type: boolean roleAttributes: $ref: '#/definitions/attributes' unverifiedCertPem: type: string x-nullable: true x-omitempty: false unverifiedFingerprint: type: string x-nullable: true x-omitempty: false versionInfo: $ref: '#/definitions/versionInfo' required: - isVerified - roleAttributes - os - version - arch - buildDate - revision - isTunnelerEnabled type: object description: A detail edge router resource example: _links: edge-router-policies: href: ./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d/edge-routers self: href: ./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d cost: !!float 0 createdAt: "2020-03-16T17:13:31.5807454Z" enrollmentCreatedAt: "2020-03-16T17:13:31.5777637Z" enrollmentExpiresAt: "2020-03-16T17:18:31.5777637Z" enrollmentJwt: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbSI6ImVyb3R0IiwiZXhwIjoxNTg0Mzc5MTExLCJpc3MiOiJodHRwczovL 2xvY2FsaG9zdDoxMjgwIiwianRpIjoiMzBhMWYwZWEtZDM5Yi00YWFlLWI4NTItMzA0Y2YxYzMwZDFmIiwic3ViIjoiYjA3NjZiOGQtYmQxYS00ZDI 4LTg0MTUtNjM5YjI5ZDNjODNkIn0.UsyQhCPORQ5tQnYWY7S88LNvV9iFS5Hy-P4aJaClZzEICobKgnQoyQblJcdMvk3cGKwyFqAnQtt0tDZkb8tHz Vqyv6bilHcAFuMRrdwXRqdXquabSN5geu2qBUnyzL7Mf2X85if8sbMida6snB4oLZsVRF3CRn4ODBJdeiVJ_Z4rgD-zW2IwtXPApT7ALyiiw2cN4EH 8pqQ7tpZKqztE0PGEbBQFPGKUFnm7oXyvSUo17EsFJUv5gUlBzfKKGolh5io4ptp22HZrqsqSnqDSOnYEZHonr5Yljuwiktrlh-JKiK6GGns5OAJMP dO9lgM4yHSpF2ILbqhWMV93Y3zMOg enrollmentToken: 30a1f0ea-d39b-4aae-b852-304cf1c30d1f fingerprint: null hostname: "" id: b0766b8d-bd1a-4d28-8415-639b29d3c83d isOnline: false isTunnelerEnabled: false isVerified: false name: TestRouter-e33c837f-3222-4b40-bcd6-b3458fd5156e noTraversal: false roleAttributes: - eastCoast - sales - test supportedProtocols: {} tags: {} updatedAt: "2020-03-16T17:13:31.5807454Z" type: object edgeRouterList: description: A list of edge router resources items: $ref: '#/definitions/edgeRouterDetail' type: array edgeRouterPatch: description: An edge router patch object properties: appData: $ref: '#/definitions/tags' cost: maximum: !!float 65535 minimum: !!float 0 type: integer x-nullable: true ctrlChanListeners: additionalProperties: items: type: string type: array type: object x-nullable: true x-omitempty: false disabled: type: boolean x-nullable: true isTunnelerEnabled: type: boolean name: type: string x-nullable: true noTraversal: type: boolean x-nullable: true roleAttributes: $ref: '#/definitions/attributes' tags: $ref: '#/definitions/tags' type: object edgeRouterPolicyCreate: properties: edgeRouterRoles: $ref: '#/definitions/roles' identityRoles: $ref: '#/definitions/roles' name: type: string semantic: $ref: '#/definitions/semantic' tags: $ref: '#/definitions/tags' required: - name - semantic edgeRouterPolicyDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: edgeRouterRoles: $ref: '#/definitions/roles' edgeRouterRolesDisplay: $ref: '#/definitions/namedRoles' identityRoles: $ref: '#/definitions/roles' identityRolesDisplay: $ref: '#/definitions/namedRoles' isSystem: type: boolean name: type: string semantic: $ref: '#/definitions/semantic' required: - name - semantic - edgeRouterRoles - edgeRouterRolesDisplay - identityRoles - identityRolesDisplay - isSystem type: object type: object edgeRouterPolicyList: items: $ref: '#/definitions/edgeRouterPolicyDetail' type: array edgeRouterPolicyPatch: properties: edgeRouterRoles: $ref: '#/definitions/roles' identityRoles: $ref: '#/definitions/roles' name: type: string semantic: $ref: '#/definitions/semantic' tags: $ref: '#/definitions/tags' edgeRouterPolicyUpdate: properties: edgeRouterRoles: $ref: '#/definitions/roles' identityRoles: $ref: '#/definitions/roles' name: type: string semantic: $ref: '#/definitions/semantic' tags: $ref: '#/definitions/tags' required: - name - semantic edgeRouterUpdate: description: An edge router update object properties: appData: $ref: '#/definitions/tags' cost: maximum: !!float 65535 minimum: !!float 0 type: integer x-nullable: true ctrlChanListeners: additionalProperties: items: type: string type: array type: object x-nullable: true x-omitempty: false disabled: type: boolean x-nullable: true isTunnelerEnabled: type: boolean name: type: string noTraversal: type: boolean x-nullable: true roleAttributes: $ref: '#/definitions/attributes' tags: $ref: '#/definitions/tags' required: - name type: object empty: properties: data: example: {} type: object meta: $ref: '#/definitions/meta' required: - meta - data type: object enrollmentCreate: properties: caId: type: string x-nullable: true expiresAt: format: date-time type: string identityId: type: string method: enum: - ott - ottca - updb type: string username: type: string x-nullable: true required: - method - expiresAt - identityId type: object enrollmentDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: caId: type: string x-nullable: true edgeRouter: $ref: '#/definitions/entityRef' edgeRouterId: type: string expiresAt: format: date-time type: string identity: $ref: '#/definitions/entityRef' identityId: type: string jwt: type: string method: type: string token: type: string transitRouter: $ref: '#/definitions/entityRef' transitRouterId: type: string username: type: string required: - token - method - expiresAt - details type: object description: | An enrollment object. Enrollments are tied to identities and potentially a CA. Depending on the method, different fields are utilized. For example ottca enrollments use the `ca` field and updb enrollments use the username field, but not vice versa. example: _links: self: href: ./enrollments/624fa53f-7629-4a7a-9e38-c1f4ce322c1d ca: null createdAt: "0001-01-01T00:00:00Z" expiresAt: "2020-03-11T20:20:24.0055543Z" id: 624fa53f-7629-4a7a-9e38-c1f4ce322c1d identity: _links: self: href: ./identities/f047ac96-dc3a-408a-a6f2-0ba487c08ef9 id: f047ac96-dc3a-408a-a6f2-0ba487c08ef9 name: updb--0f245140-7f2e-4326-badf-6aba55e52475 urlName: identities method: updb tags: null token: 1e727c8f-07e4-4a1d-a8b0-da0c7a01c6e1 updatedAt: "0001-01-01T00:00:00Z" username: example-username type: object enrollmentList: description: An array of enrollment resources items: $ref: '#/definitions/enrollmentDetail' type: array enrollmentRefresh: properties: expiresAt: format: date-time type: string required: - expiresAt type: object entityRef: description: A reference to another resource and links to interact with it properties: _links: $ref: '#/definitions/links' entity: type: string id: type: string name: type: string type: object envInfo: description: Environment information an authenticating client may provide properties: arch: maxLength: !!float 255 type: string domain: maxLength: !!float 253 type: string hostname: maxLength: !!float 253 type: string os: maxLength: !!float 255 type: string osRelease: maxLength: !!float 255 type: string osVersion: maxLength: !!float 255 type: string type: object externalIdClaim: properties: index: type: integer x-nullable: true location: enum: - COMMON_NAME - SAN_URI - SAN_EMAIL type: string x-nullable: true matcher: enum: - ALL - PREFIX - SUFFIX - SCHEME type: string x-nullable: true matcherCriteria: type: string x-nullable: true parser: enum: - NONE - SPLIT type: string x-nullable: true parserCriteria: type: string x-nullable: true required: - location - matcher - matcherCriteria - parser - parserCriteria - index type: object externalIdClaimPatch: properties: index: type: integer x-nullable: true location: enum: - COMMON_NAME - SAN_URI - SAN_EMAIL type: string x-nullable: true matcher: enum: - ALL - PREFIX - SUFFIX - SCHEME type: string x-nullable: true matcherCriteria: type: string x-nullable: true parser: enum: - NONE - SPLIT type: string x-nullable: true parserCriteria: type: string x-nullable: true type: object externalJwtSignerCreate: description: A create Certificate Authority (CA) object properties: audience: type: string x-nullable: true certPem: type: string x-nullable: true claimsProperty: type: string x-nullable: true clientId: type: string x-nullable: true enabled: type: boolean enrollAttributeClaimsSelector: type: string enrollAuthPolicyId: type: string enrollNameClaimsSelector: type: string enrollToCertEnabled: type: boolean enrollToTokenEnabled: type: boolean externalAuthUrl: format: url type: string x-nullable: true issuer: type: string jwksEndpoint: format: uri type: string x-nullable: true kid: type: string x-nullable: true name: example: MyApps Signer type: string scopes: items: type: string type: array x-nullable: true tags: $ref: '#/definitions/tags' targetToken: $ref: '#/definitions/targetToken' useExternalId: type: boolean x-nullable: true required: - name - enabled - issuer - audience type: object externalJwtSignerDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: audience: type: string certPem: type: string x-nullable: true claimsProperty: type: string clientId: type: string commonName: type: string enabled: type: boolean enrollAttributeClaimsSelector: type: string enrollAuthPolicyId: type: string enrollNameClaimsSelector: type: string enrollToCertEnabled: type: boolean enrollToTokenEnabled: type: boolean externalAuthUrl: format: url type: string fingerprint: type: string issuer: type: string jwksEndpoint: format: uri type: string x-nullable: true kid: type: string name: example: MyApps Signer type: string notAfter: format: date-time type: string notBefore: format: date-time type: string scopes: items: type: string type: array targetToken: $ref: '#/definitions/targetToken' useExternalId: type: boolean required: - name - certPem - jwksEndpoint - enabled - fingerprint - commonName - notAfter - notBefore - externalAuthUrl - claimsProperty - useExternalId - kid - issuer - audience - clientId - scopes - targetToken type: object description: A External JWT Signer resource type: object externalJwtSignerList: description: An array of External JWT Signers resources items: $ref: '#/definitions/externalJwtSignerDetail' type: array externalJwtSignerPatch: properties: audience: type: string x-nullable: true certPem: type: string x-nullable: true claimsProperty: type: string x-nullable: true clientId: type: string x-nullable: true enabled: type: boolean x-nullable: true enrollAttributeClaimsSelector: type: string x-nullable: true enrollAuthPolicyId: type: string x-nullable: true enrollNameClaimsSelector: type: string x-nullable: true enrollToCertEnabled: type: boolean x-nullable: true enrollToTokenEnabled: type: boolean x-nullable: true externalAuthUrl: format: url type: string x-nullable: true issuer: type: string x-nullable: true jwksEndpoint: format: uri type: string x-nullable: true kid: type: string x-nullable: true name: example: MyApps Signer type: string x-nullable: true scopes: items: type: string type: array tags: $ref: '#/definitions/tags' targetToken: $ref: '#/definitions/targetToken' useExternalId: type: boolean x-nullable: true type: object externalJwtSignerUpdate: properties: audience: type: string x-nullable: true certPem: type: string x-nullable: true claimsProperty: type: string x-nullable: true clientId: type: string x-nullable: true enabled: type: boolean enrollAttributeClaimsSelector: type: string x-nullable: true enrollAuthPolicyId: type: string x-nullable: true enrollNameClaimsSelector: type: string x-nullable: true enrollToCertEnabled: type: boolean x-nullable: true enrollToTokenEnabled: type: boolean x-nullable: true externalAuthUrl: format: url type: string x-nullable: true issuer: type: string jwksEndpoint: format: uri type: string x-nullable: true kid: type: string x-nullable: true name: example: MyApps Signer type: string scopes: items: type: string type: array x-nullable: true tags: $ref: '#/definitions/tags' targetToken: $ref: '#/definitions/targetToken' useExternalId: type: boolean x-nullable: true required: - name - enabled - issuer - audience type: object failedServiceRequest: properties: apiSessionId: type: string policyFailures: items: $ref: '#/definitions/policyFailure' type: array serviceId: type: string serviceName: type: string sessionType: $ref: '#/definitions/dialBind' when: format: date-time type: string type: object failedServiceRequestEnvelope: properties: data: $ref: '#/definitions/failedServiceRequestList' meta: $ref: '#/definitions/meta' required: - meta - data type: object failedServiceRequestList: items: $ref: '#/definitions/failedServiceRequest' type: array getIdentityPolicyAdviceEnvelope: properties: data: $ref: '#/definitions/policyAdvice' meta: $ref: '#/definitions/meta' required: - meta - data type: object identityAuthenticators: properties: cert: properties: fingerprint: type: string id: type: string type: object updb: properties: id: type: string username: type: string type: object type: object identityCreate: description: An identity to create properties: appData: $ref: '#/definitions/tags' authPolicyId: type: string x-nullable: true defaultHostingCost: $ref: '#/definitions/terminatorCost' defaultHostingPrecedence: $ref: '#/definitions/terminatorPrecedence' enrollment: properties: ott: type: boolean ottca: type: string updb: type: string type: object externalId: type: string x-nullable: true isAdmin: type: boolean name: type: string permissions: $ref: '#/definitions/permissions' roleAttributes: $ref: '#/definitions/attributes' serviceHostingCosts: $ref: '#/definitions/terminatorCostMap' serviceHostingPrecedences: $ref: '#/definitions/terminatorPrecedenceMap' tags: $ref: '#/definitions/tags' type: $ref: '#/definitions/identityType' required: - name - type - isAdmin type: object identityDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: appData: $ref: '#/definitions/tags' authPolicy: $ref: '#/definitions/entityRef' authPolicyId: type: string authenticators: $ref: '#/definitions/identityAuthenticators' defaultHostingCost: $ref: '#/definitions/terminatorCost' defaultHostingPrecedence: $ref: '#/definitions/terminatorPrecedence' disabled: type: boolean disabledAt: format: date-time type: string x-nullable: true disabledUntil: format: date-time type: string x-nullable: true edgeRouterConnectionStatus: enum: - online - offline - unknown type: string enrollment: $ref: '#/definitions/identityEnrollments' envInfo: $ref: '#/definitions/envInfo' externalId: type: string x-nullable: true hasApiSession: type: boolean hasEdgeRouterConnection: type: boolean interfaces: items: $ref: '#/definitions/interface' type: array isAdmin: type: boolean isDefaultAdmin: type: boolean isMfaEnabled: type: boolean name: type: string permissions: $ref: '#/definitions/permissions' roleAttributes: $ref: '#/definitions/attributes' sdkInfo: $ref: '#/definitions/sdkInfo' serviceHostingCosts: $ref: '#/definitions/terminatorCostMap' serviceHostingPrecedences: $ref: '#/definitions/terminatorPrecedenceMap' type: $ref: '#/definitions/entityRef' typeId: type: string required: - name - type - typeId - isDefaultAdmin - isAdmin - authenticators - enrollment - envInfo - sdkInfo - roleAttributes - hasEdgeRouterConnection - edgeRouterConnectionStatus - hasApiSession - isMfaEnabled - serviceHostingPrecedences - serviceHostingCosts - defaultHostingCost - authPolicyId - authPolicy - externalId - disabled - permissions type: object description: Detail of a specific identity type: object identityEnrollments: properties: ott: properties: expiresAt: format: date-time type: string id: type: string jwt: type: string token: type: string type: object ottca: properties: ca: $ref: '#/definitions/entityRef' caId: type: string expiresAt: format: date-time type: string id: type: string jwt: type: string token: type: string type: object updb: properties: expiresAt: format: date-time type: string id: type: string jwt: type: string token: type: string type: object type: object identityExtendCerts: properties: ca: description: A PEM encoded set of CA certificates type: string clientCert: description: A PEM encoded client certificate type: string type: object identityExtendEnrollmentEnvelope: properties: data: $ref: '#/definitions/identityExtendCerts' meta: $ref: '#/definitions/meta' type: object identityExtendEnrollmentRequest: properties: clientCertCsr: type: string required: - clientCertCsr type: object identityExtendValidateEnrollmentRequest: properties: clientCert: description: A PEM encoded client certificate previously returned after an extension request type: string required: - clientCert type: object identityList: description: A list of identities items: $ref: '#/definitions/identityDetail' type: array identityPatch: properties: appData: $ref: '#/definitions/tags' authPolicyId: type: string x-nullable: true defaultHostingCost: $ref: '#/definitions/terminatorCost' defaultHostingPrecedence: $ref: '#/definitions/terminatorPrecedence' externalId: type: string x-nullable: true isAdmin: type: boolean x-nullable: true name: type: string x-nullable: true permissions: $ref: '#/definitions/permissions' roleAttributes: $ref: '#/definitions/attributes' serviceHostingCosts: $ref: '#/definitions/terminatorCostMap' serviceHostingPrecedences: $ref: '#/definitions/terminatorPrecedenceMap' tags: $ref: '#/definitions/tags' type: $ref: '#/definitions/identityType' type: object identityType: enum: - User - Device - Service - Router - Default type: string identityTypeDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: name: type: string type: object type: object identityTypeList: items: $ref: '#/definitions/identityTypeDetail' type: array identityUpdate: properties: appData: $ref: '#/definitions/tags' authPolicyId: type: string x-nullable: true defaultHostingCost: $ref: '#/definitions/terminatorCost' defaultHostingPrecedence: $ref: '#/definitions/terminatorPrecedence' externalId: type: string x-nullable: true isAdmin: type: boolean name: type: string permissions: $ref: '#/definitions/permissions' roleAttributes: $ref: '#/definitions/attributes' serviceHostingCosts: $ref: '#/definitions/terminatorCostMap' serviceHostingPrecedences: $ref: '#/definitions/terminatorPrecedenceMap' tags: $ref: '#/definitions/tags' type: $ref: '#/definitions/identityType' required: - type - name - isAdmin type: object interface: description: A resource describing a network interface properties: addresses: items: type: string type: array hardwareAddress: type: string index: minimum: !!float 0 type: integer isBroadcast: type: boolean isLoopback: type: boolean isMulticast: type: boolean isRunning: type: boolean isUp: type: boolean mtu: minimum: !!float 0 type: integer name: type: string required: - name - hardwareAddress - mtu - index - isUp - isRunning - isLoopback - isBroadcast - isMulticast type: object link: description: A link to another resource properties: comment: type: string href: format: uri type: string method: type: string required: - href type: object links: additionalProperties: $ref: '#/definitions/link' description: A map of named links type: object x-omitempty: false listApiSessionsEnvelope: properties: data: $ref: '#/definitions/apiSessionList' meta: $ref: '#/definitions/meta' required: - meta - data listAuthPoliciesEnvelope: properties: data: $ref: '#/definitions/authPolicyList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listAuthenticatorsEnvelope: properties: data: $ref: '#/definitions/authenticatorList' meta: $ref: '#/definitions/meta' type: object listCasEnvelope: properties: data: $ref: '#/definitions/caList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listConfigTypesEnvelope: properties: data: $ref: '#/definitions/configTypeList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listConfigsEnvelope: properties: data: $ref: '#/definitions/configList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listControllerSettingEnvelope: properties: data: $ref: '#/definitions/controllerSettingsList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listControllersEnvelope: properties: data: $ref: '#/definitions/controllersList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listEdgeRouterPoliciesEnvelope: properties: data: $ref: '#/definitions/edgeRouterPolicyList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listEdgeRoutersEnvelope: properties: data: $ref: '#/definitions/edgeRouterList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listEnrollmentsEnvelope: properties: data: $ref: '#/definitions/enrollmentList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listEnumeratedCapabilitiesEnvelope: properties: data: items: $ref: '#/definitions/capabilities' type: array meta: $ref: '#/definitions/meta' required: - meta - data type: object listExternalJwtSignersEnvelope: properties: data: $ref: '#/definitions/externalJwtSignerList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listIdentitiesEnvelope: properties: data: $ref: '#/definitions/identityList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listIdentityTypesEnvelope: properties: data: $ref: '#/definitions/identityTypeList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listNetworkJWTsEnvelope: properties: data: $ref: '#/definitions/networkJWTList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listPostureCheckEnvelope: properties: data: items: $ref: '#/definitions/postureCheckDetail' type: array meta: $ref: '#/definitions/meta' required: - meta - data type: object listPostureCheckTypesEnvelope: properties: data: $ref: '#/definitions/postureCheckTypeList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listRoleAttributesEnvelope: properties: data: $ref: '#/definitions/roleAttributesList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listRoutersEnvelope: properties: data: $ref: '#/definitions/routerList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listServiceConfigsEnvelope: properties: data: $ref: '#/definitions/serviceConfigList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listServiceEdgeRouterPoliciesEnvelope: properties: data: $ref: '#/definitions/serviceEdgeRouterPolicyList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listServicePoliciesEnvelope: properties: data: $ref: '#/definitions/servicePolicyList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listServicesEnvelope: properties: data: $ref: '#/definitions/serviceList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listSessionsManagementEnvelope: properties: data: $ref: '#/definitions/sessionManagementList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listSpecsEnvelope: properties: data: $ref: '#/definitions/specList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listSummaryCounts: additionalProperties: type: integer type: object listSummaryCountsEnvelope: properties: data: $ref: '#/definitions/listSummaryCounts' meta: $ref: '#/definitions/meta' required: - meta - data type: object listTerminatorsEnvelope: properties: data: $ref: '#/definitions/terminatorList' meta: $ref: '#/definitions/meta' required: - meta - data type: object listVersionEnvelope: properties: data: $ref: '#/definitions/version' meta: $ref: '#/definitions/meta' required: - meta - data type: object meta: properties: apiEnrollmentVersion: type: string apiVersion: type: string filterableFields: items: type: string type: array x-omitempty: true pagination: $ref: '#/definitions/pagination' type: object mfaCode: properties: code: type: string required: - code type: object mfaFormats: enum: - numeric - alpha - alphaNumeric type: string mfaProviders: enum: - ziti - url type: string namedRole: properties: name: type: string role: type: string type: object namedRoles: items: $ref: '#/definitions/namedRole' type: array x-omitempty: false networkJWT: allOf: - properties: name: type: string token: type: string required: - name - token type: object description: A network JWT type: object networkJWTList: description: An array of network JWTs items: $ref: '#/definitions/networkJWT' type: array operatingSystem: properties: type: $ref: '#/definitions/osType' versions: items: type: string type: array required: - type - versions type: object osType: enum: - Windows - WindowsServer - Android - iOS - Linux - macOS type: string pagination: properties: limit: format: int64 type: number offset: format: int64 type: number totalCount: format: int64 type: number required: - limit - offset - totalCount type: object password: maxLength: !!float 100 minLength: !!float 5 type: string passwordNullable: maxLength: !!float 100 minLength: !!float 5 type: string x-nullable: true permissions: description: A set of strings used to define which types of resources this resource can acccess items: enum: - admin_readonly - auth-policy - auth-policy.read - auth-policy.create - auth-policy.update - auth-policy.delete - ca - ca.read - ca.create - ca.update - ca.delete - config - config.read - config.create - config.update - config.delete - config-type - config-type.read - config-type.create - config-type.update - config-type.delete - edge-router-policy - edge-router-policy.read - edge-router-policy.create - edge-router-policy.update - edge-router-policy.delete - enrollment - enrollment.read - enrollment.create - enrollment.update - enrollment.delete - external-jwt-signer - external-jwt-signer.read - external-jwt-signer.create - external-jwt-signer.update - external-jwt-signer.delete - identity - identity.read - identity.create - identity.update - identity.delete - ops - ops.read - ops.update - ops.delete - posture-check - posture-check.read - posture-check.create - posture-check.update - posture-check.delete - router - router.read - router.create - router.update - router.delete - service - service.read - service.create - service.update - service.delete - service-edge-router-policy - service-edge-router-policy.read - service-edge-router-policy.create - service-edge-router-policy.update - service-edge-router-policy.delete - service-policy - service-policy.read - service-policy.create - service-policy.update - service-policy.delete - terminator - terminator.read - terminator.create - terminator.update - terminator.delete type: string type: array x-nullable: true x-omitempty: true policyAdvice: properties: commonRouters: items: $ref: '#/definitions/routerEntityRef' type: array identity: $ref: '#/definitions/entityRef' identityId: type: string identityRouterCount: format: int32 type: number isBindAllowed: type: boolean isDialAllowed: type: boolean service: $ref: '#/definitions/entityRef' serviceId: type: string serviceRouterCount: format: int32 type: number type: object policyFailure: properties: checks: items: $ref: '#/definitions/postureCheckFailure' type: array policyId: type: string policyName: type: string type: object postureCheckCreate: discriminator: typeId properties: name: type: string roleAttributes: $ref: '#/definitions/attributes' tags: $ref: '#/definitions/tags' typeId: $ref: '#/definitions/postureCheckType' required: - name - typeId type: object postureCheckDetail: discriminator: typeId properties: _links: $ref: '#/definitions/links' createdAt: format: date-time type: string id: type: string name: type: string roleAttributes: $ref: '#/definitions/attributes' tags: $ref: '#/definitions/tags' typeId: type: string updatedAt: format: date-time type: string version: type: integer required: - name - typeId - version - roleAttributes - id - createdAt - updatedAt - _links - tags type: object postureCheckDomainCreate: allOf: - $ref: '#/definitions/postureCheckCreate' - properties: domains: items: type: string minItems: !!float 1 type: array required: - domains type: object x-class: DOMAIN postureCheckDomainDetail: allOf: - $ref: '#/definitions/postureCheckDetail' - properties: domains: items: type: string minItems: !!float 1 type: array required: - domains type: object x-class: DOMAIN postureCheckDomainPatch: allOf: - $ref: '#/definitions/postureCheckPatch' - properties: domains: items: type: string minItems: !!float 1 type: array type: object x-class: DOMAIN postureCheckDomainUpdate: allOf: - $ref: '#/definitions/postureCheckUpdate' - properties: domains: items: type: string minItems: !!float 1 type: array required: - domains type: object x-class: DOMAIN postureCheckFailure: discriminator: postureCheckType properties: postureCheckId: type: string postureCheckName: type: string postureCheckType: type: string required: - postureCheckId - postureCheckName - postureCheckType type: object postureCheckFailureDomain: allOf: - $ref: '#/definitions/postureCheckFailure' - properties: actualValue: type: string expectedValue: items: type: string type: array required: - actualValue - expectedValue type: object x-class: DOMAIN postureCheckFailureMacAddress: allOf: - $ref: '#/definitions/postureCheckFailure' - properties: actualValue: items: type: string type: array expectedValue: items: type: string type: array required: - actualValue - expectedValue type: object x-class: MAC postureCheckFailureMfa: allOf: - $ref: '#/definitions/postureCheckFailure' - properties: actualValue: $ref: '#/definitions/postureChecksFailureMfaValues' criteria: $ref: '#/definitions/postureChecksFailureMfaCriteria' expectedValue: $ref: '#/definitions/postureChecksFailureMfaValues' required: - actualValue - expectedValue - criteria type: object x-class: MFA postureCheckFailureOperatingSystem: allOf: - $ref: '#/definitions/postureCheckFailure' - properties: actualValue: $ref: '#/definitions/postureCheckFailureOperatingSystemActual' expectedValue: items: $ref: '#/definitions/operatingSystem' minItems: !!float 1 type: array required: - actualValue - expectedValue type: object x-class: OS postureCheckFailureOperatingSystemActual: properties: type: type: string version: type: string required: - type - version type: object postureCheckFailureProcess: allOf: - $ref: '#/definitions/postureCheckFailure' - properties: actualValue: $ref: '#/definitions/postureCheckFailureProcessActual' expectedValue: $ref: '#/definitions/process' required: - actualValue - expectedValue type: object x-class: PROCESS postureCheckFailureProcessActual: properties: hash: type: string isRunning: type: boolean osType: $ref: '#/definitions/osType' path: type: string signerFingerprints: items: type: string type: array required: - isRunning - hash - signerFingerprints type: object postureCheckFailureProcessMulti: allOf: - $ref: '#/definitions/postureCheckFailure' - properties: actualValue: items: $ref: '#/definitions/postureCheckFailureProcessActual' type: array expectedValue: items: $ref: '#/definitions/processMulti' type: array semantic: $ref: '#/definitions/semantic' required: - actualValue - expectedValue - semantic type: object x-class: PROCESS_MULTI postureCheckMacAddressCreate: allOf: - $ref: '#/definitions/postureCheckCreate' - properties: macAddresses: items: type: string minItems: !!float 1 type: array required: - macAddresses type: object x-class: MAC postureCheckMacAddressDetail: allOf: - $ref: '#/definitions/postureCheckDetail' - properties: macAddresses: items: type: string minItems: !!float 1 type: array required: - macAddresses type: object x-class: MAC postureCheckMacAddressPatch: allOf: - $ref: '#/definitions/postureCheckPatch' - properties: macAddresses: items: type: string minItems: !!float 1 type: array type: object x-class: MAC postureCheckMacAddressUpdate: allOf: - $ref: '#/definitions/postureCheckUpdate' - properties: macAddresses: items: type: string minItems: !!float 1 type: array required: - macAddresses type: object x-class: MAC postureCheckMfaCreate: allOf: - $ref: '#/definitions/postureCheckCreate' - $ref: '#/definitions/postureCheckMfaProperties' x-class: MFA postureCheckMfaDetail: allOf: - $ref: '#/definitions/postureCheckDetail' - $ref: '#/definitions/postureCheckMfaProperties' x-class: MFA postureCheckMfaPatch: allOf: - $ref: '#/definitions/postureCheckPatch' - $ref: '#/definitions/postureCheckMfaPropertiesPatch' x-class: MFA postureCheckMfaProperties: properties: ignoreLegacyEndpoints: type: boolean promptOnUnlock: type: boolean promptOnWake: type: boolean timeoutSeconds: type: integer type: object postureCheckMfaPropertiesPatch: properties: ignoreLegacyEndpoints: type: boolean x-nullable: true promptOnUnlock: type: boolean x-nullable: true promptOnWake: type: boolean x-nullable: true timeoutSeconds: type: integer x-nullable: true type: object postureCheckMfaUpdate: allOf: - $ref: '#/definitions/postureCheckUpdate' - $ref: '#/definitions/postureCheckMfaProperties' x-class: MFA postureCheckOperatingSystemCreate: allOf: - $ref: '#/definitions/postureCheckCreate' - properties: operatingSystems: items: $ref: '#/definitions/operatingSystem' minItems: !!float 1 type: array required: - operatingSystems type: object x-class: OS postureCheckOperatingSystemDetail: allOf: - $ref: '#/definitions/postureCheckDetail' - properties: operatingSystems: items: $ref: '#/definitions/operatingSystem' type: array required: - operatingSystems type: object x-class: OS postureCheckOperatingSystemPatch: allOf: - $ref: '#/definitions/postureCheckPatch' - properties: operatingSystems: items: $ref: '#/definitions/operatingSystem' minItems: !!float 1 type: array type: object x-class: OS postureCheckOperatingSystemUpdate: allOf: - $ref: '#/definitions/postureCheckUpdate' - properties: operatingSystems: items: $ref: '#/definitions/operatingSystem' minItems: !!float 1 type: array required: - operatingSystems type: object x-class: OS postureCheckPatch: discriminator: typeId properties: name: type: string roleAttributes: $ref: '#/definitions/attributes' tags: $ref: '#/definitions/tags' typeId: $ref: '#/definitions/postureCheckType' required: - typeId type: object postureCheckProcessCreate: allOf: - $ref: '#/definitions/postureCheckCreate' - properties: process: $ref: '#/definitions/process' required: - process type: object x-class: PROCESS postureCheckProcessDetail: allOf: - $ref: '#/definitions/postureCheckDetail' - properties: process: $ref: '#/definitions/process' required: - process type: object x-class: PROCESS postureCheckProcessMultiCreate: allOf: - $ref: '#/definitions/postureCheckCreate' - properties: processes: items: $ref: '#/definitions/processMulti' minItems: !!float 1 type: array semantic: $ref: '#/definitions/semantic' required: - semantic - processes type: object x-class: PROCESS_MULTI postureCheckProcessMultiDetail: allOf: - $ref: '#/definitions/postureCheckDetail' - properties: processes: items: $ref: '#/definitions/processMulti' minItems: !!float 1 type: array semantic: $ref: '#/definitions/semantic' required: - semantic - processes type: object x-class: PROCESS_MULTI postureCheckProcessMultiPatch: allOf: - $ref: '#/definitions/postureCheckPatch' - properties: processes: items: $ref: '#/definitions/processMulti' minItems: !!float 1 type: array semantic: $ref: '#/definitions/semantic' type: object x-class: PROCESS_MULTI postureCheckProcessMultiUpdate: allOf: - $ref: '#/definitions/postureCheckUpdate' - properties: processes: items: $ref: '#/definitions/processMulti' minItems: !!float 1 type: array semantic: $ref: '#/definitions/semantic' required: - semantic - processes type: object x-class: PROCESS_MULTI postureCheckProcessPatch: allOf: - $ref: '#/definitions/postureCheckPatch' - properties: process: $ref: '#/definitions/process' type: object x-class: PROCESS postureCheckProcessUpdate: allOf: - $ref: '#/definitions/postureCheckUpdate' - properties: process: $ref: '#/definitions/process' required: - process type: object x-class: PROCESS postureCheckType: enum: - OS - PROCESS - DOMAIN - MAC - MFA - PROCESS_MULTI type: string postureCheckTypeDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: name: type: string operatingSystems: items: $ref: '#/definitions/operatingSystem' type: array version: type: string required: - name - operatingSystems - version type: object postureCheckTypeList: items: $ref: '#/definitions/postureCheckTypeDetail' type: array postureCheckUpdate: discriminator: typeId properties: name: type: string roleAttributes: $ref: '#/definitions/attributes' tags: $ref: '#/definitions/tags' typeId: $ref: '#/definitions/postureCheckType' required: - name type: object postureChecksFailureMfaCriteria: properties: passedMfaAt: format: date-time type: string timeoutRemainingSeconds: type: integer timeoutSeconds: type: integer unlockedAt: format: date-time type: string wokenAt: format: date-time type: string required: - passedMfaAt - wokenAt - unlockedAt - timeoutSeconds - timeoutRemainingSeconds type: object postureChecksFailureMfaValues: properties: passedMfa: type: boolean x-omitempty: false passedOnUnlock: type: boolean x-omitempty: false passedOnWake: type: boolean x-omitempty: false timedOut: type: boolean x-omitempty: false type: object postureData: properties: apiSessionPostureData: additionalProperties: $ref: '#/definitions/apiSessionPostureData' type: object domain: $ref: '#/definitions/postureDataDomain' mac: $ref: '#/definitions/postureDataMac' os: $ref: '#/definitions/postureDataOs' processes: items: $ref: '#/definitions/postureDataProcess' type: array required: - mac - domain - os - processes - apiSessionPostureData type: object postureDataBase: properties: lastUpdatedAt: format: date-time type: string postureCheckId: type: string timedOut: type: boolean required: - postureCheckId - timedOut - lastUpdatedAt type: object postureDataDomain: allOf: - $ref: '#/definitions/postureDataBase' - properties: domain: type: string required: - domain type: object type: object postureDataEndpointState: properties: unlockedAt: format: date-time type: string wokenAt: format: date-time type: string required: - wokenAt - unlockedAt type: object postureDataEnvelope: properties: data: $ref: '#/definitions/postureData' meta: $ref: '#/definitions/meta' required: - meta - data type: object postureDataMac: allOf: - $ref: '#/definitions/postureDataBase' - properties: addresses: items: type: string type: array required: - addresses type: object type: object postureDataMfa: properties: apiSessionId: type: string passedAt: format: date-time type: string x-omitempty: false passedMfa: type: boolean x-omitempty: false passedOnUnlock: type: boolean x-omitempty: false passedOnWake: type: boolean x-omitempty: false required: - apiSessionId - passedMfa - passedOnWake - passedOnUnlock - passedAt type: object postureDataOs: allOf: - $ref: '#/definitions/postureDataBase' - properties: build: type: string type: type: string version: type: string required: - type - version - build type: object type: object postureDataProcess: allOf: - $ref: '#/definitions/postureDataBase' - properties: binaryHash: type: string isRunning: type: boolean signerFingerprints: items: type: string type: array type: object type: object postureQueries: properties: isPassing: type: boolean policyId: type: string policyType: $ref: '#/definitions/dialBind' postureQueries: items: $ref: '#/definitions/postureQuery' type: array required: - policyId - isPassing - postureQueries type: object postureQuery: allOf: - $ref: '#/definitions/baseEntity' - properties: isPassing: type: boolean process: $ref: '#/definitions/postureQueryProcess' processes: items: $ref: '#/definitions/postureQueryProcess' type: array promptGracePeriodSeconds: type: integer promptOnUnlock: type: boolean promptOnWake: type: boolean queryType: $ref: '#/definitions/postureCheckType' timeout: type: integer timeoutAt: format: date-time type: string x-nullable: true timeoutRemaining: type: integer required: - queryType - isPassing - timeout - timeoutRemaining type: object type: object postureQueryProcess: properties: osType: $ref: '#/definitions/osType' path: type: string type: object process: properties: hashes: items: type: string type: array osType: $ref: '#/definitions/osType' path: type: string signerFingerprint: type: string required: - osType - path type: object processMulti: properties: hashes: items: type: string type: array osType: $ref: '#/definitions/osType' path: type: string signerFingerprints: items: type: string type: array required: - osType - path type: object reEnroll: properties: expiresAt: format: date-time type: string required: - expiresAt type: object requestExtendAuthenticator: properties: rollKeys: type: boolean type: object roleAttributesList: description: An array of role attributes items: type: string type: array roles: items: type: string type: array x-omitempty: false routerCreate: properties: cost: maximum: !!float 65535 minimum: !!float 0 type: integer x-nullable: true ctrlChanListeners: additionalProperties: items: type: string type: array type: object x-nullable: true x-omitempty: false disabled: type: boolean x-nullable: true name: type: string noTraversal: type: boolean x-nullable: true tags: $ref: '#/definitions/tags' required: - name type: object routerDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: cost: maximum: !!float 65535 minimum: !!float 0 type: integer ctrlChanListeners: additionalProperties: items: type: string type: array type: object disabled: type: boolean enrollmentCreatedAt: format: date-time type: string x-nullable: true enrollmentExpiresAt: format: date-time type: string x-nullable: true enrollmentJwt: type: string x-nullable: true enrollmentToken: type: string x-nullable: true fingerprint: type: string interfaces: items: $ref: '#/definitions/interface' type: array isOnline: type: boolean isVerified: type: boolean name: type: string noTraversal: type: boolean unverifiedCertPem: type: string x-nullable: true x-omitempty: false unverifiedFingerprint: type: string x-nullable: true x-omitempty: false required: - name - isVerified - isOnline - fingerprint - cost - noTraversal - disabled type: object type: object routerEntityRef: allOf: - $ref: '#/definitions/entityRef' - properties: isOnline: type: boolean required: - isOnline type: object type: object routerList: items: $ref: '#/definitions/routerDetail' type: array routerPatch: properties: cost: maximum: !!float 65535 minimum: !!float 0 type: integer x-nullable: true ctrlChanListeners: additionalProperties: items: type: string type: array type: object x-nullable: true x-omitempty: false disabled: type: boolean x-nullable: true name: type: string noTraversal: type: boolean x-nullable: true tags: $ref: '#/definitions/tags' type: object routerUpdate: properties: cost: maximum: !!float 65535 minimum: !!float 0 type: integer x-nullable: true ctrlChanListeners: additionalProperties: items: type: string type: array type: object x-nullable: true x-omitempty: false disabled: type: boolean x-nullable: true name: type: string noTraversal: type: boolean x-nullable: true tags: $ref: '#/definitions/tags' required: - name type: object sdkInfo: description: SDK information an authenticating client may provide properties: appId: maxLength: !!float 255 type: string appVersion: maxLength: !!float 255 type: string branch: maxLength: !!float 255 type: string revision: maxLength: !!float 255 type: string type: maxLength: !!float 255 type: string version: maxLength: !!float 255 type: string type: object semantic: enum: - AllOf - AnyOf type: string serviceConfigAssign: properties: configId: type: string serviceId: type: string required: - serviceId - configId type: object serviceConfigDetail: example: config: _links: self: href: ./identities/13347602-ba34-4ff7-8082-e533ba945744 id: 13347602-ba34-4ff7-8082-e533ba945744 name: test-config-02fade09-fcc3-426c-854e-18539726bdc6 urlName: configs service: _links: self: href: ./services/913a8c63-17a6-44d7-82b3-9f6eb997cf8e id: 913a8c63-17a6-44d7-82b3-9f6eb997cf8e name: netcat4545-egress-r2 urlName: services properties: config: $ref: '#/definitions/entityRef' configId: type: string service: $ref: '#/definitions/entityRef' serviceId: type: string required: - serviceId - service - configId - config type: object serviceConfigList: items: $ref: '#/definitions/serviceConfigDetail' type: array serviceConfigsAssignList: items: $ref: '#/definitions/serviceConfigAssign' type: array serviceCreate: properties: configs: items: type: string type: array encryptionRequired: description: Describes whether connections must support end-to-end encryption on both sides of the connection. type: boolean maxIdleTimeMillis: type: integer name: type: string roleAttributes: items: type: string type: array tags: $ref: '#/definitions/tags' terminatorStrategy: type: string required: - name - encryptionRequired type: object serviceDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: config: additionalProperties: additionalProperties: type: object type: object description: map of config data for this service keyed by the config type name. Only configs of the types requested will be returned. type: object configs: items: type: string type: array encryptionRequired: description: Describes whether connections must support end-to-end encryption on both sides of the connection. Read-only property, set at create. type: boolean maxIdleTimeMillis: type: integer name: type: string permissions: $ref: '#/definitions/dialBindArray' postureQueries: items: $ref: '#/definitions/postureQueries' type: array roleAttributes: $ref: '#/definitions/attributes' terminatorStrategy: type: string required: - name - maxIdleTimeMillis - terminatorStrategy - roleAttributes - permissions - configs - config - encryptionRequired - postureQueries type: object type: object serviceEdgeRouterPolicyCreate: properties: edgeRouterRoles: $ref: '#/definitions/roles' name: type: string semantic: $ref: '#/definitions/semantic' serviceRoles: $ref: '#/definitions/roles' tags: $ref: '#/definitions/tags' required: - name - semantic type: object serviceEdgeRouterPolicyDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: edgeRouterRoles: $ref: '#/definitions/roles' edgeRouterRolesDisplay: $ref: '#/definitions/namedRoles' name: type: string semantic: $ref: '#/definitions/semantic' serviceRoles: $ref: '#/definitions/roles' serviceRolesDisplay: $ref: '#/definitions/namedRoles' required: - name - semantic - edgeRouterRoles - edgeRouterRolesDisplay - serviceRoles - serviceRolesDisplay type: object type: object serviceEdgeRouterPolicyList: items: $ref: '#/definitions/serviceEdgeRouterPolicyDetail' type: array serviceEdgeRouterPolicyPatch: properties: edgeRouterRoles: $ref: '#/definitions/roles' name: type: string semantic: $ref: '#/definitions/semantic' serviceRoles: $ref: '#/definitions/roles' tags: $ref: '#/definitions/tags' type: object serviceEdgeRouterPolicyUpdate: properties: edgeRouterRoles: $ref: '#/definitions/roles' name: type: string semantic: $ref: '#/definitions/semantic' serviceRoles: $ref: '#/definitions/roles' tags: $ref: '#/definitions/tags' required: - name - semantic type: object serviceList: items: $ref: '#/definitions/serviceDetail' type: array servicePatch: properties: configs: items: type: string type: array encryptionRequired: description: Describes whether connections must support end-to-end encryption on both sides of the connection. Read-only property, set at create. type: boolean maxIdleTimeMillis: type: integer name: type: string roleAttributes: items: type: string type: array tags: $ref: '#/definitions/tags' terminatorStrategy: type: string type: object servicePolicyCreate: properties: identityRoles: $ref: '#/definitions/roles' name: type: string postureCheckRoles: $ref: '#/definitions/roles' semantic: $ref: '#/definitions/semantic' serviceRoles: $ref: '#/definitions/roles' tags: $ref: '#/definitions/tags' type: $ref: '#/definitions/dialBind' required: - name - type - semantic type: object servicePolicyDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: identityRoles: $ref: '#/definitions/roles' identityRolesDisplay: $ref: '#/definitions/namedRoles' name: type: string postureCheckRoles: $ref: '#/definitions/roles' postureCheckRolesDisplay: $ref: '#/definitions/namedRoles' semantic: $ref: '#/definitions/semantic' serviceRoles: $ref: '#/definitions/roles' serviceRolesDisplay: $ref: '#/definitions/namedRoles' type: $ref: '#/definitions/dialBind' required: - name - type - semantic - serviceRoles - serviceRolesDisplay - identityRoles - identityRolesDisplay - postureCheckRoles - postureCheckRolesDisplay type: object type: object servicePolicyList: items: $ref: '#/definitions/servicePolicyDetail' type: array servicePolicyPatch: properties: identityRoles: $ref: '#/definitions/roles' name: type: string postureCheckRoles: $ref: '#/definitions/roles' semantic: $ref: '#/definitions/semantic' serviceRoles: $ref: '#/definitions/roles' tags: $ref: '#/definitions/tags' type: $ref: '#/definitions/dialBind' type: object servicePolicyUpdate: properties: identityRoles: $ref: '#/definitions/roles' name: type: string postureCheckRoles: $ref: '#/definitions/roles' semantic: $ref: '#/definitions/semantic' serviceRoles: $ref: '#/definitions/roles' tags: $ref: '#/definitions/tags' type: $ref: '#/definitions/dialBind' required: - name - type - semantic type: object serviceUpdate: properties: configs: items: type: string type: array encryptionRequired: description: Describes whether connections must support end-to-end encryption on both sides of the connection. Read-only property, set at create. type: boolean maxIdleTimeMillis: type: integer name: type: string roleAttributes: items: type: string type: array tags: $ref: '#/definitions/tags' terminatorStrategy: type: string required: - name type: object sessionDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: apiSession: $ref: '#/definitions/entityRef' apiSessionId: type: string edgeRouters: items: $ref: '#/definitions/sessionEdgeRouter' type: array identityId: type: string service: $ref: '#/definitions/entityRef' serviceId: type: string token: type: string type: $ref: '#/definitions/dialBind' required: - type - apiSessionId - apiSession - serviceId - service - token - edgeRouters - identityId type: object type: object sessionEdgeRouter: allOf: - $ref: '#/definitions/commonEdgeRouterProperties' - properties: urls: additionalProperties: type: string type: object required: - urls type: object sessionManagementDetail: allOf: - $ref: '#/definitions/sessionDetail' - properties: servicePolicies: items: $ref: '#/definitions/entityRef' type: array type: object sessionManagementList: items: $ref: '#/definitions/sessionManagementDetail' type: array sessionRoutePathDetail: properties: routePath: items: type: string type: array type: object specBodyDetail: type: string specDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: name: type: string required: - name type: object type: object specList: items: $ref: '#/definitions/specDetail' type: array subTags: additionalProperties: type: object type: object tags: allOf: - $ref: '#/definitions/subTags' description: 'A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean' x-nullable: true targetToken: description: Defines the target token type enum: - ACCESS - ID type: string x-nullable: true terminatorCost: maximum: !!float 65535 minimum: !!float 0 type: integer terminatorCostMap: additionalProperties: $ref: '#/definitions/terminatorCost' type: object terminatorCreate: properties: address: type: string binding: type: string cost: $ref: '#/definitions/terminatorCost' identity: type: string identitySecret: format: byte type: string precedence: $ref: '#/definitions/terminatorPrecedence' router: type: string service: type: string tags: $ref: '#/definitions/tags' required: - service - router - address - binding type: object terminatorDetail: allOf: - $ref: '#/definitions/baseEntity' - properties: address: type: string binding: type: string cost: $ref: '#/definitions/terminatorCost' dynamicCost: $ref: '#/definitions/terminatorCost' identity: type: string precedence: $ref: '#/definitions/terminatorPrecedence' router: $ref: '#/definitions/entityRef' routerId: type: string service: $ref: '#/definitions/entityRef' serviceId: type: string required: - serviceId - service - routerId - router - binding - address - identity - cost - precedence - dynamicCost type: object type: object terminatorList: items: $ref: '#/definitions/terminatorDetail' type: array terminatorPatch: properties: address: type: string binding: type: string cost: $ref: '#/definitions/terminatorCost' precedence: $ref: '#/definitions/terminatorPrecedence' router: type: string service: type: string tags: $ref: '#/definitions/tags' type: object terminatorPrecedence: enum: - default - required - failed type: string terminatorPrecedenceMap: additionalProperties: $ref: '#/definitions/terminatorPrecedence' type: object terminatorUpdate: properties: address: type: string binding: type: string cost: $ref: '#/definitions/terminatorCost' precedence: $ref: '#/definitions/terminatorPrecedence' router: type: string service: type: string tags: $ref: '#/definitions/tags' required: - service - router - address - binding type: object totpToken: properties: issuedAt: format: date-time type: string token: type: string required: - token - issuedAt type: object totpTokenEnvelope: properties: data: $ref: '#/definitions/totpToken' meta: $ref: '#/definitions/meta' required: - meta - data type: object traceDetail: properties: enabled: type: boolean traceId: type: string until: format: date-time type: string type: object traceDetailEnvelope: properties: data: $ref: '#/definitions/traceDetail' meta: $ref: '#/definitions/meta' required: - meta - data type: object traceSpec: properties: channels: items: type: string type: array duration: type: string enabled: type: boolean traceId: type: string type: object username: maxLength: !!float 100 minLength: !!float 4 type: string usernameNullable: maxLength: !!float 100 minLength: !!float 4 type: string x-nullable: true version: properties: apiVersions: additionalProperties: additionalProperties: $ref: '#/definitions/apiVersion' type: object type: object buildDate: example: "2020-02-11 16:09:08" type: string capabilities: items: type: string type: array revision: example: ea556fc18740 type: string runtimeVersion: example: go1.13.5 type: string version: example: v0.9.0 type: string type: object versionInfo: properties: arch: type: string buildDate: type: string os: type: string revision: type: string version: type: string required: - os - version - arch - buildDate - revision type: object securityDefinitions: oauth2: authorizationUrl: /oidc/authorize flow: accessCode scopes: openid: openid tokenUrl: /oidc/token type: oauth2 ztSession: description: An API Key that is provided post authentication in: header name: zt-session type: apiKey