{
"openapi": "3.0.0",
"info": {
"title": "AuthZ Service",
"version": "1.09.02.02",
"license": {}
},
"paths": {
"/sd": {
"get": {
"summary": "Get all service directories.",
"description": "Get all service directories.\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns all service directories.\n",
"tags": [
"Service Directory"
],
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/GetServiceComponentsResponse"
}
}
}
}
}
}
},
"/roles/name/{name}/permissions": {
"patch": {
"summary": "Update the permissions for the specified role name.",
"description": "Update the permissions for the specified role name.
\nIf array length of set_list is greater than zero, then values in add_list and remove_list will be ignored.
\nIf array length of add_list and array length of remove_list are both greater than zero, then add_list will be first added followed by remove_list.
\n- Only a **system** and **service** key can be used to update the permissions.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n| **Request Body** |\n|----------------------------------------------|\n\n### add_list (optional)\nlist of permissions to add to role
\n\n### remove_list (optional)\nlist of permissions to remove from role
\n\n### set_list (optional)\nlist of permissions to reset to role, i.e. existing permission will be replaced with the provided list
\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the list of successfully updated roles.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Role"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"in": "path",
"name": "name",
"description": "name of Role",
"required": true,
"schema": {
"type": "string",
"example": "xxxxxxxxxxxxxxxx"
}
}
],
"requestBody": {
"description": "Permission to create.\n\n```\n{\n \"add_list\": \"array optional, list of permissions to add\",\n \"remove_list\": \"array optional, list of permissions to add\",\n \"set_list\": \"array optional, list of permissions to add\",\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/RolePatchByIdRequest"
}
}
}
},
"responses": {
"200": {
"description": "Success\n\nUpdated role:\n\n```\n[{\n \"id\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"name\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"description\": \"xxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"permissions\": \"[xxxxx, xxxxx]\",\n \"tenantId\": \"xxxxxxx\",\n \"communityId\": \"xxxxxxxxxxxxxxxxxxxx\"\n}]\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/RolePatchByNameResponse"
}
}
}
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "Not found"
}
}
}
},
"/roles/fetch": {
"post": {
"summary": "Fetch Roles using tenant Id or community Id",
"description": "Fetch Roles using tenant Id or community Id
\nRoles will be searched based on either the tenantId or communityId
\n- Only a **system** and **service** key can be used to fetch roles.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the matching roles.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Role"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"description": "The tenant Id or community Id.
\nOnly one of these two values will be used.
\n\n```\n{\n \"tenantId\": \"string optional, tenant's id\",\n \"communityId\": \"string optional, community's id\"\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/RoleFetchByTenantOrCommunityRequest"
}
}
}
},
"responses": {
"200": {
"description": "Success\n\nFetched role:\n\n```\n[{\n \"id\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"name\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"description\": \"xxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"permissions\": \"[xxxxx, xxxxx]\",\n \"tenantId\": \"xxxxxxx\",\n \"communityId\": \"xxxxxxxxxxxxxxxxxxxx\"\n}]\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/RoleFetchByTenantOrCommunityResponse"
}
}
}
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "Not found"
}
}
}
},
"/role/": {
"put": {
"summary": "Create role.",
"description": "Create role.
\n- Only a **system** and **service** key can be used to create role.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n\n| **Request Body** |\n|----------------------------------------------|\n\n### name (required)\nname of role
\n\n### description (optional)\nDescription of role\n\n### createdBy (required)\nUser's uid who is creating permission, when a system-level key is used createdBy is optional otherwise it is required.\n\n### permissions (optional)\nArray of Permission.id, an empty array is acceptable\n\n### tenantId (required)\nTenant's id on which this role is applicable\n\n### communityId (required)\nCommunity's id on which this role is applicable\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the created role.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Role"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"description": "Role to create.\n\n```\n{\n \"name\": \"string required, name of role\",\n \"description\": \"string optional - description\",\n \"createdBy\": \"string conditional, IFF system-level key used - createdBy is optional else required\",\n \"permissions\": \"array optional - list of permission ids\",\n \"tenantId\": \"string required - tenant id\",\n \"communityId\": \"string required - community id\"\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/RoleCreateRequest"
}
}
}
},
"responses": {
"200": {
"description": "Success\n\nCreated role:\n\n```\n{\n \"id\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"name\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"description\": \"xxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"permissions\": \"[xxxxx, xxxxx]\",\n \"tenantId\": \"xxxxxxx\",\n \"communityId\": \"xxxxxxxxxxxxxxxxxxxx\"\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/RoleCreateResponse"
}
}
}
},
"400": {
"description": "Error while creating role"
},
"401": {
"description": "Unauthorized"
},
"409": {
"description": "Conflict\n\nRole is already exists.\n"
},
"500": {
"description": "createdBy is required."
}
}
}
},
"/role/{id}/permissions": {
"patch": {
"summary": "Update the permissions for the specified role id.",
"description": "Update the permissions for the specified role id..
\nIf array length of set_list is greater than zero, then values in add_list and remove_list will be ignored.
\nIf array length of add_list and array length of remove_list are both greater than zero, then add_list will be first added followed by remove_list.
\n- Only a **system** and **service** key can be used to update the permissions.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n\n| **Request Body** |\n|----------------------------------------------|\n\n### add_list (optional)\nlist of permissions to add to role
\n\n### remove_list (optional)\nlist of permissions to remove from role
\n\n### set_list (optional)\nlist of permissions to reset to role, i.e. existing permission will be replaced with the provided list
\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the created role.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Role"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"in": "path",
"name": "id",
"description": "id of Role",
"required": true,
"schema": {
"type": "string",
"example": "xxxxxxxxxxxxxxxx"
}
}
],
"requestBody": {
"description": "Permission to create.\n\n```\n{\n \"add_list\": \"array optional, list of permissions to add\",\n \"remove_list\": \"array optional, list of permissions to remove\",\n \"set_list\": \"array optional, list of permissions to reset to\",\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/RolePatchByIdRequest"
}
}
}
},
"responses": {
"200": {
"description": "Success\n\nUpdated role:\n\n```\n{\n \"id\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"name\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"description\": \"xxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"permissions\": \"[xxxxx, xxxxx]\",\n \"tenantId\": \"xxxxxxx\",\n \"communityId\": \"xxxxxxxxxxxxxxxxxxxx\"\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/RolePatchByIdResponse"
}
}
}
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "Not found"
}
}
}
},
"/role/{id}": {
"get": {
"summary": "Fetch the specified role id.",
"description": "Fetch for the specified role id..
\n- Only a **system** and **service** key can be used to fetch role by id.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the fetched role.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Role"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"in": "path",
"name": "id",
"description": "id of Role",
"required": true,
"schema": {
"type": "string",
"example": "xxxxxxxxxxxxxxxx"
}
}
],
"responses": {
"200": {
"description": "Success\n\nFetched role:\n\n```\n{\n \"id\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"name\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"description\": \"xxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"permissions\": \"[xxxxx, xxxxx]\",\n \"tenantId\": \"xxxxxxx\",\n \"communityId\": \"xxxxxxxxxxxxxxxxxxxx\"\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/RoleFetchedByIdResponse"
}
}
}
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "Not found"
}
}
},
"delete": {
"summary": "Delete the role with the specified role id.",
"description": "Delete the role with the specified role id..
\n- Only a **system** and **service** key can be used to delete role.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n",
"tags": [
"Role"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"in": "path",
"name": "id",
"description": "id of Role",
"required": true,
"schema": {
"type": "string",
"example": "xxxxxxxxxxxxxxxx"
}
}
],
"responses": {
"204": {
"description": "Success\n"
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "Not found"
}
}
}
},
"/publickeys": {
"get": {
"summary": "Get system's public key.",
"description": "Get system's public key.\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns a public key object\n",
"tags": [
"Public Key"
],
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/PublicKeyResponse"
}
}
}
},
"401": {
"description": "Invalid ECDSA signature / ID found."
}
}
}
},
"/permission/create": {
"put": {
"summary": "Create permission.",
"description": "Create permission.
\n- Only a **system** and **service** key can be used to create permission.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n\n| **Request Body** |\n|----------------------------------------------|\n\n### objectId (required)\nID of object.
\n\n### objectType (required)\nType of object, user or group.\n\n### subjectId (required)\nID of subject.\n\n### subjectType (required)\nType of subject, tenant or community.\n\n### permission (required)\nType of permission, tenant-admin, community-admin or authorized.\n\n### createdBy (conditional)\nUser's uid who is creating permission, when a system-level key is used createdBy is optional otherwise it is required.\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the created permission.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Permission (Deprecated)"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"description": "Permission to create.\n\n```\n{\n \"objectId\": \"string required, id of object\",\n \"objectType\": \"string required - user or group\",\n \"subjectId\": \"string required, id of subject\",\n \"subjectType\": \"string required - tenant or community\",\n \"permission\": \"string required - tenant-admin or community-admin or authorized\",\n \"createdBy\": \"string conditional, IFF system-level key used - createdBy is optional else required\"\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/PermissionCreateRequest"
}
}
}
},
"responses": {
"200": {
"description": "Success\n\nCreated permission:\n\n```\n{\n \"_id\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"objectId\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"objectType\": \"xxxx\",\n \"subjectId\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"subjectType\": \"xxxxx\",\n \"permission\": \"xxxxxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\"\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/PermissionCreateResponse"
}
}
}
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"409": {
"description": "Conflict\n\nPermission is already exists.\n"
}
}
}
},
"/permission/fetch": {
"post": {
"summary": "Fetch permissions.",
"description": "Fetch permissions.
\n- Any valid key can be used to fetch permissions.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n\n| **Request Body** |\n|----------------------------------------------|\n\n### array (required)\nArray of permissions to fetch.
\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the list of permissions.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Permission (Deprecated)"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"description": "Permissions to fetch.\n\n```\n[\n {\n \"objectId\": \"string required, id of object\",\n \"objectType\": \"string required - user or group\",\n \"subjectId\": \"string required, id of subject or *\",\n \"subjectType\": \"string required - tenant or community or *\"\n }\n]\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/PermissionFetchRequest"
}
}
}
},
"responses": {
"200": {
"description": "Success\n\nFetched permissions:\n\n```\n[\n {\n \"_id\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"objectId\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"objectType\": \"xxxx\",\n \"subjectId\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"subjectType\": \"xxxxxx\",\n \"permission\": \"xxxxxxxxxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\"\n }\n]\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/PermissionFetchResponse"
}
}
}
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
}
}
}
},
"/permission/check": {
"post": {
"summary": "Check permissions.",
"description": "Check permissions.
\n- Any valid key can be used to fetch permissions.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n\n| **Request Body** |\n|----------------------------------------------|\n\n### array (required)\nArray of permissions to check.
\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns permission status.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Permission (Deprecated)"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span'0 seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"description": "Permissions to check.\n\n```\n[\n {\n \"objectId\": \"string required, id of object\",\n \"objectType\": \"string required - user or group\",\n \"subjectId\": \"string required, id of subject or *\",\n \"subjectType\": \"string required - tenant or community or *\",\n \"permission\": \"string required - tenant-admin or community-admin or authorized or *\",\n }\n]\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/PermissionCheckRequest"
}
}
}
},
"responses": {
"200": {
"description": "Success\n\nPermission status:\n\n```\n{\n status: true\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/PermissionCheckResponse"
}
}
}
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
}
}
}
},
"/permission/find/objects/{permission}/{subjectType}/{subjectId}": {
"get": {
"summary": "Fetch permission objects for a given subject.",
"description": "Fetch permission objects for a given subject.
\n- Any valid key can be used to fetch permissions.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the list of permissions for given subject.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Permission (Deprecated)"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"in": "path",
"name": "permission",
"description": "Permission for subject, tenant-admin or community-admin or authorized.",
"required": true,
"schema": {
"type": "string",
"example": "xxxxxx-xxxxx"
}
},
{
"in": "path",
"name": "subjectType",
"description": "Type of subject, tenant or community.",
"required": true,
"schema": {
"type": "string",
"example": "xxxxxx"
}
},
{
"in": "path",
"name": "subjectId",
"description": "ID of subject.",
"required": true,
"schema": {
"type": "string",
"example": "xxxxxxxxxxxxxxxxxxxxxxxx"
}
},
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"responses": {
"200": {
"description": "Success\n\nPermission objects for subject:\n\n```\n[\n {\n \"_id\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"objectId\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"objectType\": \"xxxx\",\n \"subjectId\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"subjectType\": \"xxxxxx\",\n \"permission\": \"xxxxxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\"\n }\n]\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/PermissionsOfSubjectResponse"
}
}
}
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
}
}
}
},
"/permission/{permissionId}": {
"delete": {
"summary": "Delete permission.",
"description": "Delete permission.
\n- Only a **system** and **service** key can be used to delete permission.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n\n| **Parameters** |\n|----------------------------------------------|\n\nNo Parameters\n\n\n| **Returns** |\n|-------------------------------------------|\n\nNo content.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Permission (Deprecated)"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"in": "path",
"name": "permissionId",
"description": "ID of permission",
"required": true,
"schema": {
"type": "string",
"example": "xxxxxxxxxxxxxxxxxxxxxxxx"
}
},
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"responses": {
"204": {
"description": "Success\n\nEmpty response\n"
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "Not found"
}
}
}
},
"/healthz": {
"get": {
"summary": "Get healthz.",
"description": "Get healthz
\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns a healthz object\n - ```version = ..```
\n\n - ```git-tag```: When code is compiled from a git-tag, this must carry the tag name. This should match one of the git tags.\n - ```commit-id```: This is the git-commit-id. eg: When code is built from this, the hex code, in the end, is the commit it.\n - ```dob```: Date Of Build. This is epoc-time-in-se\tconds that tell the time when the build was created.\n - \u200bif the code is not built from a git-tag, then the ```version =\ufffc.```\n",
"tags": [
"Healthz"
],
"responses": {
"200": {
"description": "Success\n\n```\n{\n \"status\": \"all services operational\",\n \"publicKey\": \"string\" //same as /publickeys endpoint,\n \"code\": \"200\",\n \"version\": \"\" //as defined above\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HealthzResponse"
}
}
}
}
}
}
},
"/environment": {
"get": {
"description": "Provide details regarding the environments.\n| **Returns** |\n|-------------------------------------------|\n\nReturns an environment object\n",
"tags": [
"Environment"
],
"security": [
{
"license": []
}
],
"responses": {
"200": {
"description": "Success"
}
}
}
},
"/ecdsa_helper/{method}": {
"post": {
"summary": "Encrypt and decrypt the data string by public key and private key.",
"description": "Encrypt and decrypt the data string by public key and private key.\n\n| **Parameters** |\n|----------------------------------------------|\n\n### method (optional)\nThe method parameter is type of enum. Default value is encrypt.
\nThis parameter only accepts following values
\n **encrypt**, **decrypt**\n\n\n| **Request Body** |\n|----------------------------------------------|\n\n\n### dataStr (required)\nThe dataStr key is type of string.\n\n
\n### publicKey (required)\nThe publicKey is type of string.\n\n
\n### privateKey (required)\nThe privateKey is type of string.\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the encrypted/decrypted string.
\nThis API throw an error if something goes wrong. A common source of error is public or private key is not valid.\n",
"tags": [
"ECDSA Helper"
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/EcdsaEncryptDecryptRequest"
}
}
}
},
"parameters": [
{
"in": "path",
"name": "method",
"schema": {
"type": "string",
"enum": [
"encrypt",
"decrypt"
],
"default": "encrypt"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/EcdsaEncryptDecryptResponse"
}
}
}
}
}
}
},
"/authorizations": {
"delete": {
"summary": "Delete all authorizations matching filter based on objectType+objectId or subjectType+subjectId",
"description": "Delete all authorizations matching filter based on objectType+objectId or subjectType+subjectId.
\n- Only a **system** and **service** key can be used to delete all authorizations.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n\n| **Request Body** |\n|----------------------------------------------|\n\n### objectType (required)\ntype of object (valid values user)
\n\n### objectId (required)\nuid of the User who is being given the authorization\n\n### subjectType (required)\ntype of subject (valid values tenant | community )
\n\n### subjectId (required)\ntid | cid of the tenant or community id\n\n| **Returns** |\n|-------------------------------------------|\n\nNone.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Authorization"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"description": "Delete all authorizations matching filter based on objectType+objectId or subjectType+subjectId\n\n```\n{\n \"objectType\": \"string required - object type\",\n \"objectId\": \"string required, uid of the User who is being given the authorization\",\n \"subjectType\": \"string required - type of subject (valid values tenant | community )\",\n \"subjectId\": \"string required - tid | cid of the tenant or community id\",\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AuthorizationsDeleteRequest"
}
}
}
},
"responses": {
"204": {
"description": "None"
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "Not found"
}
}
}
},
"/authorization/": {
"put": {
"summary": "Create authorization.",
"description": "Create authorization.
\n- Only a **system** and **service** key can be used to create authorization.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n\n| **Request Body** |\n|----------------------------------------------|\n\n### createdBy (optional)\nUser's uid who is creating permission, when a system-level key is used createdBy is optional otherwise it is required.\n\n### objectType (required)\ntype of object (valid values user, licensekey)
\n\n### objectId (required)\nsha512(license) | uid of the User who is being given the authorization\n\n### subjectType (required)\ntype of subject (valid values tenant | community )
\n\n### subjectId (required)\ntid | cid of the tenant or community id\n\n### roleId (required)\nroleId of the role\n\n### eventDetails (optional)\nAdditional details that are needed for the event\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the created authorization.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Authorization"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"description": "Create Authorization\n\n```\n{\n \"createdBy\": \"string conditional, IFF system-level key used - createdBy is optional else required\",\n \"objectType\": \"string required - object type (valid values: user, licensekey)\",\n \"objectId\": \"string required - sha512(license) | uid of the User who is being given the authorization\",\n \"subjectType\": \"string required - type of subject (valid values tenant | community )\",\n \"subjectId\": \"string required - tid | cid of the tenant or community id\",\n \"roleId\": \"string required - roleId of the role\",\n \"eventDetails\": \"object optional - Additional details that are needed for the event\"\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AuthorizationCreateRequest"
}
}
}
},
"responses": {
"200": {
"description": "Success\n\nCreated authorization:\n\n```\n{\n \"id\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"objectType\": \"xxxx\",\n \"objectId\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"subjectType\": \"[xxxxx, xxxxx]\",\n \"subjectId\": \"xxxxxxx\",\n \"roleId\": \"xxxxxxxxxxxxxxxxxxxx\"\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AuthorizationCreateResponse"
}
}
}
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"409": {
"description": "Conflict\n\nRole is already exists.\n"
}
}
}
},
"/authorization/fetch": {
"post": {
"summary": "Fetch authorization.",
"description": "Fetch authorization.
\n- Only a **system** and **service** key can be used to fetch authorization.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n| **Request Body** |\n|----------------------------------------------|\n\n### objectType (required)\ntype of object (valid values user, licensekey)
\n\n### objectId (required)\nsha512(license) | uid of the User who is being given the authorization\n\n### subjectType (required)\ntype of subject (valid values tenant | community )
\n\n### subjectId (required)\ntid | cid of the tenant or community id\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the created authorization.
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Authorization"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"description": "Fetch Authorization\n\n```\n{\n \"objectType\": \"string required - object type (valid values: user, licensekey)\",\n \"objectId\": \"string required - sha512(license) | uid of the User who is being given the authorization\",\n \"subjectType\": \"string required - type of subject (valid values tenant | community )\",\n \"subjectId\": \"string required - tid | cid of the tenant or community id\",\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AuthorizationFetchRequest"
}
}
}
},
"responses": {
"200": {
"description": "Success\n\nFetched authorization:\n\n```\n[{\n \"id\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"objectType\": \"xxxx\",\n \"objectId\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"subjectType\": \"xxxxx\",\n \"subjectId\": \"xxxxxxx\",\n \"roleId\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"role\": {\n \"name\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"createdBy\": \"xxxxxxxxxxxxxxxxxxxx\",\n \"permissions\": [\n \"xxxxx\", \"xxxxx\"\n ],\n \"tenantId\": \"xxxxxxxxxxxxxx\",\n \"communityId\": \"xxxxxxxxxxxxxxxx\"\n }\n}]\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AuthorizationFetchResponse"
}
}
}
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"409": {
"description": "Conflict\n\nRole is already exists.\n"
}
}
}
},
"/authorization/{authorizationId}": {
"delete": {
"summary": "Delete authorization by id",
"description": "Delete authorization by id.
\n- Only a **system** and **service** key can be used to delete authorization by id.\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now\n\n### publickey (required)\nPublic key\n\n| **Request Body** |\n|----------------------------------------------|\n\n### eventDetails (optional)\nAdditional details that are needed for the event\n\n| **Returns** |\n|-------------------------------------------|\n\nNone
\nThis API throw an error if something goes wrong.\n",
"tags": [
"Authorization"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"license": []
}
],
"parameters": [
{
"name": "licensekey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "publickey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"in": "path",
"name": "authorizationId",
"description": "id of Authorization",
"required": true,
"schema": {
"type": "string",
"example": "xxxxxxxxxxxxxxxx"
}
}
],
"requestBody": {
"description": "Create Authorization\n\n```\n{\n \"eventDetails\": \"object optional - Additional details that are needed for the event\"\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AuthorizationDeleteRequest"
}
}
}
},
"responses": {
"204": {
"description": "Success\n\nDelete authorization:\n"
},
"400": {
"description": "Invalid request"
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "Not found"
}
}
}
}
},
"components": {
"schemas": {
"PublicKeyResponse": {
"type": "object",
"properties": {
"publicKey": {
"type": "string"
}
},
"example": {
"publicKey": ""
}
},
"HealthzResponse": {
"type": "object",
"properties": {
"status": {
"type": "string"
},
"publicKey": {
"type": "string"
},
"code": {
"type": "string"
},
"version": {
"type": "string"
}
},
"example": {
"status": "all services operational",
"publicKey": "//same as /publickeys endpoint",
"code": "200",
"version": "xxxx.xxxx.xxxx"
}
},
"EcdsaEncryptDecryptRequest": {
"type": "object",
"properties": {
"dataStr": {
"type": "string"
},
"publicKey": {
"type": "string"
},
"privateKey": {
"type": "string"
}
},
"example": {
"dataStr": "Hey, This is example data string.",
"publicKey": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx=",
"privateKey": "xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
}
},
"EcdsaEncryptDecryptResponse": {
"type": "object",
"properties": {
"data": {
"type": "string"
}
},
"example": {
"data": "xxxxxxxxxxxxxxxxxxxx"
}
},
"RoleCreateRequest": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"description": {
"type": "string"
},
"createdBy": {
"type": "string"
},
"permissions": {
"type": "array",
"items": {
"type": "string"
}
},
"tenantId": {
"type": "string"
},
"communityId": {
"type": "string"
}
}
},
"RoleCreateResponse": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"description": {
"type": "string"
},
"createdBy": {
"type": "string"
},
"permissions": {
"type": "array",
"items": {
"type": "string"
}
},
"tenantId": {
"type": "string"
},
"communityId": {
"type": "string"
}
}
},
"RolePatchByIdRequest": {
"type": "object",
"properties": {
"add_list": {
"type": "array",
"items": {
"type": "string"
}
},
"remove_list": {
"type": "array",
"items": {
"type": "string"
}
},
"set_list": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"RolePatchByIdResponse": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"description": {
"type": "string"
},
"createdBy": {
"type": "string"
},
"permissions": {
"type": "array",
"items": {
"type": "string"
}
},
"tenantId": {
"type": "string"
},
"communityId": {
"type": "string"
}
}
},
"RoleFetchedByIdResponse": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"description": {
"type": "string"
},
"createdBy": {
"type": "string"
},
"permissions": {
"type": "array",
"items": {
"type": "string"
}
},
"tenantId": {
"type": "string"
},
"communityId": {
"type": "string"
}
}
},
"RolePatchByNameRequest": {
"type": "object",
"properties": {
"add_list": {
"type": "array",
"items": {
"type": "string"
}
},
"remove_list": {
"type": "array",
"items": {
"type": "string"
}
},
"set_list": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"RolePatchByNameResponse": {
"type": "array",
"items": {
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"description": {
"type": "string"
},
"createdBy": {
"type": "string"
},
"permissions": {
"type": "array",
"items": {
"type": "string"
}
},
"tenantId": {
"type": "string"
},
"communityId": {
"type": "string"
}
}
}
},
"RoleFetchByTenantOrCommunityRequest": {
"type": "object",
"properties": {
"tenantId": {
"type": "string"
},
"communityId": {
"type": "string"
}
}
},
"RoleFetchByTenantOrCommunityResponse": {
"type": "array",
"items": {
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"description": {
"type": "string"
},
"createdBy": {
"type": "string"
},
"permissions": {
"type": "array",
"items": {
"type": "string"
}
},
"tenantId": {
"type": "string"
},
"communityId": {
"type": "string"
}
}
}
},
"PermissionCreateRequest": {
"type": "object",
"properties": {
"objectId": {
"type": "string"
},
"objectType": {
"type": "string"
},
"subjectId": {
"type": "string"
},
"subjectType": {
"type": "string"
},
"permission": {
"type": "string"
},
"createdBy": {
"type": "string"
}
},
"example": {
"objectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"objectType": "xxxxx",
"subjectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"subjectType": "xxxxxx",
"permission": "xxxxxx-xxxxx",
"createdBy": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
},
"PermissionCreateResponse": {
"type": "object",
"properties": {
"_id": {
"type": "string"
},
"objectId": {
"type": "string"
},
"objectType": {
"type": "string"
},
"subjectId": {
"type": "string"
},
"subjectType": {
"type": "string"
},
"permission": {
"type": "string"
},
"createdBy": {
"type": "string"
}
},
"example": {
"_id": "xxxxxxxxxxxxxxxxxxxxxxxx",
"objectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"objectType": "xxxxx",
"subjectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"subjectType": "xxxxxx",
"permission": "xxxxxx-xxxxx",
"createdBy": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
},
"PermissionFetchRequest": {
"type": "array",
"items": {
"objectId": "string",
"objectType": "string",
"subjectId": "string",
"subjectType": "string"
},
"example": [
{
"objectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"objectType": "xxxxx",
"subjectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"subjectType": "xxxxxx"
}
]
},
"PermissionFetchResponse": {
"type": "array",
"items": {
"_id": "string",
"objectId": "string",
"objectType": "string",
"subjectId": "string",
"subjectType": "string",
"permission": "string",
"createdBy": "string"
},
"example": [
{
"_id": "xxxxxxxxxxxxxxxxxxxxxxxx",
"objectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"objectType": "xxxxx",
"subjectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"subjectType": "xxxxxx",
"permission": "xxxxxx-xxxxx",
"createdBy": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
]
},
"PermissionCheckRequest": {
"type": "array",
"items": {
"objectId": "string",
"objectType": "string",
"subjectId": "string",
"subjectType": "string",
"permission": "string"
},
"example": [
{
"objectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"objectType": "xxxxx",
"subjectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"subjectType": "xxxxxx",
"permission": "xxxxxx-xxxxx"
}
]
},
"PermissionCheckResponse": {
"type": "object",
"properties": {
"stataus": {
"type": "boolean"
}
},
"example": {
"status": true
}
},
"PermissionsOfSubjectResponse": {
"type": "array",
"items": {
"_id": "string",
"objectId": "string",
"objectType": "string",
"subjectId": "string",
"subjectType": "string",
"permission": "string",
"createdBy": "string"
},
"example": [
{
"_id": "xxxxxxxxxxxxxxxxxxxxxxxx",
"objectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"objectType": "xxxxx",
"subjectId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"subjectType": "xxxxxx",
"permission": "xxxxxx-xxxxx",
"createdBy": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
]
},
"GetServiceComponentsResponse": {
"type": "object",
"properties": {
"name1": {
"type": "string"
},
"name2": {
"type": "string"
},
"name3": {
"type": "string"
}
},
"example": {
"name1": "https://xxx.xxxxxx.xxx/xxxxx",
"name2": "https://xxx.xxxxxx.xxx/xxxxx",
"name3": "https://xxx.xxxxxx.xxx/xxxxx"
}
},
"AuthorizationCreateRequest": {
"type": "object",
"properties": {
"createdBy": {
"type": "string"
},
"objectType": {
"type": "string"
},
"objectId": {
"type": "string"
},
"subjectType": {
"type": "string"
},
"subjectId": {
"type": "string"
},
"roleId": {
"type": "string"
},
"eventDetails": {
"type": "object"
}
}
},
"AuthorizationDeleteRequest": {
"type": "object",
"properties": {
"eventDetails": {
"type": "object"
}
}
},
"AuthorizationCreateResponse": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"createdBy": {
"type": "string"
},
"objectType": {
"type": "string"
},
"objectId": {
"type": "string"
},
"subjectType": {
"type": "string"
},
"subjectId": {
"type": "string"
},
"roleId": {
"type": "string"
}
}
},
"AuthorizationFetchRequest": {
"type": "object",
"properties": {
"objectType": {
"type": "string"
},
"objectId": {
"type": "string"
},
"subjectType": {
"type": "string"
},
"subjectId": {
"type": "string"
}
}
},
"AuthorizationFetchResponse": {
"type": "array",
"properties": {
"items": {
"properties": {
"id": {
"type": "string"
},
"createdBy": {
"type": "string"
},
"objectType": {
"type": "string"
},
"objectId": {
"type": "string"
},
"subjectType": {
"type": "string"
},
"subjectId": {
"type": "string"
},
"roleId": {
"type": "string"
},
"role": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"description": {
"type": "string"
},
"createdBy": {
"type": "string"
},
"permissions": {
"type": "array",
"items": {
"type": "string"
}
},
"tenantId": {
"type": "string"
},
"communityId": {
"type": "string"
}
}
}
}
}
}
},
"AuthorizationsDeleteRequest": {
"type": "object",
"properties": {
"objectType": {
"type": "string"
},
"objectId": {
"type": "string"
},
"subjectType": {
"type": "string"
},
"subjectId": {
"type": "string"
}
}
}
},
"securitySchemes": {
"keyId": {
"type": "apiKey",
"name": "keyId",
"in": "header",
"description": "ECDSA Public Key"
},
"keySecret": {
"type": "apiKey",
"name": "keySecret",
"in": "header",
"description": "ECDSA Private Key"
},
"license": {
"type": "apiKey",
"name": "license",
"in": "header",
"description": "License key from License Microservice"
}
}
},
"tags": [
{
"name": "Public Key"
},
{
"name": "Healthz"
},
{
"name": "Environment"
},
{
"name": "ECDSA Helper"
}
],
"servers": [
{
"url": "https://pilot-root.1kosmos.net/authz/"
}
]
}