{
"openapi": "3.0.0",
"info": {
"title": "License Management Microservice",
"version": "1.08.11.02",
"description": "",
"license": {}
},
"paths": {
"/servicekey": {
"put": {
"summary": "Create Service Key",
"description": "Creates a new service key object.
\n- Only a **system** and a **service** key can be used to create a new key.
\n- Only a **system** key can be used to create other system keys.
\n- **system** and **service** key can create all other types.
\n- No other key can be used to create a new key.\n\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Request Body** |\n|----------------------------------------------|\n\n### tag (required)\nA tag is alpha-numeric (a-z, A-Z, 0-9) unique identifier with some special character '-', '_', '|' and ':'.\n\n
\n### keyId (optional)\nThe keyId is valid and unique key. The keyId is auto-generated as a uuid if keyId is not provided.\n\n
\n### keySecret (required if keyId is provided)\nThe keySecret is valid and unique key. The keySecret is auto-generated as a uuid if keySecret is not provided.\n\n
\n### disabled (optional)\nThe disabled key only accept these values (true, false).\nDefault disabled value is false\n\n
\n### expiry (optional)\nSet the expiry date for the service key.
\nAn expiry key is a valid future date.
\nDefault expiry value is current date plus 2 years.\n\n
\n### authLevel (optional)\nThis key defines the authentications level of the service key. The authLevel value must be a valid auth level. The authLevel key only accept these values (\"system\", \"service\", \"service_ext\", \"app_ext\", \"app\", \"basic\")
\nDefault authLevel value is \"basic\"!\n\n
\n### type (optional)\nThis key defines the authentication type of the service key. The type key only accept these values ('hawk', 'ecdsa', 'user')
\nDefault type value is Hawk.\nWhen using type = user, keyId should be user's URN. keySecret can be any value as it's internally over-written.\n\n
\n### modules (optional object)\nDefault modules value is empty object({}).\n\n* ### Modules Child Parameters\n mod_dl (optional)\n The mod_dl key is type of boolean and optional.\n\n mod_identity (optional)\n The mod_identity key is type of boolean and optional.\n\n mod_pp (optional)\n The mod_pp key is type of boolean and optional.\n\n mod_face (optional)\n The mod_face key is type of boolean and optional.\n\n mod_pin (optional)\n The mod_pin key is type of boolean and optional.\n\n mod_nationalid (optional)\n The mod_nationalid key is type of boolean and optional.\n\n mod_core (optional)\n The mod_core key is type of boolean and optional.\n\n mod_misc (optional)\n The mod_misc key is type of boolean and optional.\n\n bypass_poi (optional)\n The bypass_poi key is type of boolean and optional.\n\n mod_ssn (optional)\n The mod_ssn key is type of boolean and optional.\n\n mod_dvcid (optional)\n The mod_dvcid key is type of string and optional.\n\n mod_auid_license (optional)\n The mod_auid_license key is type of string and optional.\n\n mod_email (optional)\n The mod_email key is type of boolean and optional.\n\n mod_phone (optional)\n The mod_phone key is type of string and optional.\n\n
\n### description (optional)\nThis field use to add licensekey info\n\n| **Returns** |\n|----------------------------------------------|\n\nReturns the service key object if the service key object is created successfully.
\nThis API throws an error if something goes wrong. A common source of error is tag, keyId and keySecret are already exists.\n",
"tags": [
"Service Key"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/CreateServiceKeyRequest"
}
}
}
},
"responses": {
"200": {
"description": "Service key created successfully",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ServiceKeyResponse"
}
}
}
},
"401": {
"description": "Unauthorized"
}
}
},
"patch": {
"summary": "Update Service Key details",
"description": "Updates the specified service key with specified parameters, only provided parameters will be updated.
\n- Only a **system** key can be used to update another **system** key.
\n- **system** key can update all other types of key.
\n- **service** key can update all other types of **non-system** key.
\n- Only following attributes can be changed using this API.
\n **disabled**, **expiry**, **modules**\n\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Parameters** |\n|----------------------------------------------|\n\n### keyId (required)\nThe keyId of service key.\n\n\n| **Request Body** |\n|----------------------------------------------|\n\n\n### disabled (optional)\nDisabled or Enabled service key. The disabled key only accept these values (true, false).
\nThe value will be left unchanged if the disabled key is not provided.\n\n
\n### expiry (optional)\nSet the expiry date for the service key.
\nAn expiry key is a valid future date.
\nThe value will be left unchanged if the expiry key is not provided.\n\n
\n### description (optional)\nThis field use to add licensekey info\n\n
\n### modules (optional object)\nThe value will be left unchanged if the modules object is not provided.\n\n* ### Modules Child Parameters\n mod_dl (optional)\n The mod_dl key is type of boolean and optional.\n\n mod_identity (optional)\n The mod_identity key is type of boolean and optional.\n\n mod_pp (optional)\n The mod_pp key is type of boolean and optional.\n\n mod_face (optional)\n The mod_face key is type of boolean and optional.\n\n\n mod_pin (optional)\n The mod_pin key is type of boolean and optional.\n\n\n mod_nationalid (optional)\n The mod_nationalid key is type of boolean and optional.\n\n mod_core (optional)\n The mod_core key is type of boolean and optional.\n\n mod_misc (optional)\n The mod_misc key is type of boolean and optional.\n\n bypass_poi (optional)\n The bypass_poi key is type of boolean and optional.\n\n mod_ssn (optional)\n The mod_ssn key is type of boolean and optional.\n\n mod_dvcid (optional)\n The mod_dvcid key is type of string and optional.\n\n mod_auid_license (optional)\n The mod_auid_license key is type of string and optional.\n\n mod_email (optional)\n The mod_email key is type of boolean and optional.\n\n mod_phone (optional)\n The mod_phone key is type of string and optional.\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the service key object if the service key is updated successfully.
\nThis API throws an error if something goes wrong. A common source of error is a keyId is not exists.\n",
"tags": [
"Service Key"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"in": "query",
"name": "keyId",
"schema": {
"type": "string",
"example": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx"
}
},
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UpdateServiceKeyRequest"
}
}
}
},
"responses": {
"200": {
"description": "Service key updated successfully",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ServiceKeyResponse"
}
}
}
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "No service key found"
}
}
},
"get": {
"summary": "Get Service Key details by Id or tag",
"description": "Retrieves the details of an existing service key.
\n- If the signing key is a **system** key, any keys can be requested.
\n- If the signing key is a **service** key, all but **system** keys can be requested.\n\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Parameters** |\n|----------------------------------------------|\n\n### keyId (required)\nThe keyId or tag of service key.\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns a service key object if a valid keyId was provided.\n",
"tags": [
"Service Key"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"in": "query",
"name": "keyId",
"schema": {
"type": "string",
"example": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx"
}
},
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"responses": {
"200": {
"description": "Service key fetch successfully",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ServiceKeyResponse"
}
}
}
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "No service key found"
}
}
},
"delete": {
"summary": "Delete Service Key",
"description": "Permanently deletes a service key. It cannot be undone.\n- Only a **system** key can be used to remove other **system** keys.
\n- **system** key can be used to remove all other keys.
\n- **service** key can delete other **non-system** keys.
\n- A key can not delete itself.\n\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Parameters** |\n|----------------------------------------------|\n\n### keyId (required)\nThe keyId of service key.\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns a 204 status code if a valid keyId was provided.\n",
"tags": [
"Service Key"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"in": "query",
"name": "keyId",
"schema": {
"type": "string",
"example": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx"
}
},
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"responses": {
"204": {
"description": "No Content"
},
"401": {
"description": "Unauthorized"
},
"404": {
"description": "No service key found"
}
}
}
},
"/servicekey/current": {
"get": {
"summary": "Get Current User Service Key details",
"description": "Retrieves the service key details of the current user.
\n\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns a service key object if a current user is authenticated.\n",
"tags": [
"Service Key"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"responses": {
"200": {
"description": "Success",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ServiceKeyResponse"
}
}
}
},
"401": {
"description": "Unauthorized"
}
}
}
},
"/servicekey/fetch": {
"post": {
"summary": "Get All Service Keys",
"description": "Returns a list of service keys.
\n- When API is called using a **system** key, API will return all keys.
\n- When API is called using a **service** key, API will return all but **system** keys.
\n- **[change]** no otherkey is permitted to request ALL service keys.\n\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Parameters** |\n|----------------------------------------------|\n\n### pIndex (optional)\nThe pIndex key is a cursor for the pagination.\n\n### pSize (optional)\nA limit on the number of objects to be returned. The range between 1 to 25 and the default is 10.\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns a list of service keys with pagination.\n",
"tags": [
"Service Key"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"in": "query",
"name": "pIndex",
"schema": {
"type": "integer",
"example": 0
}
},
{
"in": "query",
"name": "pSize",
"schema": {
"type": "integer",
"example": 10
}
},
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"responses": {
"200": {
"description": "Success",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/FetchServiceKeysResponse"
}
}
}
},
"401": {
"description": "Unauthorized"
}
}
}
},
"/publickeys": {
"get": {
"summary": "Get system's public key.",
"description": "Get system's public key.\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns a public key object\n",
"tags": [
"Public Key"
],
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/PublicKeyResponse"
}
}
}
},
"401": {
"description": "Invalid hawk signature / ID found."
}
}
}
},
"/community/servicekey": {
"put": {
"summary": "Add Key to community",
"description": "Add key to community.
\n- **system** and **service** keys can add any key to any community.
\n- **service_ext** key can only add a new key to community IFF
\n \u2013\u00a0It must be added to the community
\n \u2013\u00a0licenseAuth.isAuthorized = true
\n \u2013\u00a0licenseAuth.expiry is must be future date time.
\n- The key identified by **keyTag** must be **valid** key, not **disabled** and not **expired**
\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Request Body** |\n|----------------------------------------------|\n\n### keyTag (required)\nA keyTag is alpha-numeric (a-z, A-Z, 0-9) unique identifier with some special character '-', '_', '|' and ':'.\n\n
\n### communityId (required)\nThe communityId key is type of ObjectId.\n\n
\n### communityName (optional)\nThe communityName key is type of string.
\nMaximum 256 characters are allowed.\n\n
\n### isAuthorized (optional)\nThe isAuthorized key is type of boolean. Default value is true.\n\n
\n### expiry (optional)\nThe expiry is a valid future date.
\nDefault value is current date plus 2 years.\n\n| **Returns** |\n|----------------------------------------------|\n\nReturns the licenseAuth object if the licenseAuth object is created successfully.
\nThis API throws an error if something goes wrong. A common source of error is keyTag and communityId are already exist.\n",
"tags": [
"Key Authorization"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/CreateLicenseAuthRequest"
}
}
}
},
"responses": {
"200": {
"description": "Success",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/CreateAndUpdateLicenseAuthResponse"
}
}
}
},
"401": {
"description": "Unauthorized"
}
}
}
},
"/community/{communityId}/servicekey/{tag}": {
"patch": {
"summary": "Update Key from Community",
"description": "Update Key to Community.
\n- **system** key can modify any key from any community.
\n- **service** key can modify any **non-system** key from any community.
\n- **service_ext** key can only modify **non-system**, **non-service** keys from a community IFF
\n \u2013\u00a0It must be added to the community
\n \u2013\u00a0licenseAuth.isAuthorized = true
\n \u2013\u00a0licenseAuth.expiry is must be future date time.
\n- The key identified by **keyTag** must be **valid** key, not **disabled** and not **expired**
\n- Only these attributes can be updated
\n **isAuthorized**, **expiry**\n\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Parameters** |\n|----------------------------------------------|\n\n### communityId (required)\nThe communityId of licenseAuth.\n\n### tag (required)\nThe keyTag of licenseAuth.\n\n| **Request Body** |\n|----------------------------------------------|\n\n### isAuthorized (optional)\nThe isAuthorized key is type of boolean. The value will be left unchanged if the isAuthorized key is not provided.\n\n
\n### expiry (optional)\nThe expiry is a valid future date.
\nThe value will be left unchanged if the expiry key is not provided.\n\n| **Returns** |\n|----------------------------------------------|\n\nReturns the updated licenseAuth object if the licenseAuth object is updated successfully.
\nThis API throws an error if something goes wrong. A common source of error is a communityId or keyTag are not exists.\n",
"tags": [
"Key Authorization"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"in": "path",
"name": "communityId",
"schema": {
"type": "string",
"example": "xxxxxxxxxx"
}
},
{
"in": "path",
"name": "tag",
"schema": {
"type": "string",
"example": "xxxxx"
}
},
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UpdateServiceKeyToCommunityRequest"
}
}
}
},
"responses": {
"200": {
"description": "Key updated to community successfully.",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/CreateAndUpdateLicenseAuthResponse"
}
}
}
},
"401": {
"description": "Unauthorized"
}
}
},
"delete": {
"summary": "Delete Key from community",
"description": "Permanently deletes a community key. It cannot be undone.\n- **system** key can delete any key from any community.
\n- **service** key can delete any **non-system** key from any community.
\n- **service_ext** key can only delete **non-system**, **non-service** keys from a community IFF
\n \u2013\u00a0It must be added to the community
\n \u2013\u00a0licenseAuth.isAuthorized = true
\n \u2013\u00a0licenseAuth.expiry is must be future date time.
\n- The key identified by **keyTag** MUST be **valid** key, not **disabled** and not **expired**
\n\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Parameters** |\n|----------------------------------------------|\n\n### communityId (required)\nThe communityId of licenseAuth.\n\n### tag (required)\nThe keyTag of licenseAuth.\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns a 204 status code if a valid keyTag and communityId was provided.\n",
"tags": [
"Key Authorization"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"in": "path",
"name": "communityId",
"schema": {
"type": "string",
"example": "xxxxxxxxxx"
}
},
{
"in": "path",
"name": "tag",
"schema": {
"type": "string",
"example": "xxxxxx"
}
},
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"responses": {
"204": {
"description": "No Content"
},
"401": {
"description": "Unauthorized"
},
"403": {
"description": "Access denied"
}
}
}
},
"/community/{communityId}/licensecheck": {
"get": {
"summary": "License check",
"description": "Check license.\n\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Parameters** |\n|----------------------------------------------|\n\n### communityId (required)\nThe communityId of licenseAuth.\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the licenseAuth object if authenticated key is added to the community and the authenticated service key is not disabled.
\nThis API throws an error if something goes wrong. A common source of error is if the key is not added to the community or the service key is disabled.\n",
"tags": [
"Key Authorization"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"in": "path",
"name": "communityId",
"schema": {
"type": "string",
"example": "xxxxxxxx"
}
},
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"responses": {
"200": {
"description": "Success",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/CheckLicenseResponse"
}
}
}
},
"400": {
"description": "Invalid License"
},
"401": {
"description": "Unauthorized"
}
}
}
},
"/community/{communityId}/servicekey/fetch": {
"post": {
"summary": "Get All Community Keys",
"description": "Returns a list of community keys.
\n-\u00a0**system**, **service** key can fetch all keys.
\n-\u00a0other keys can only fetch IFF calling key
\n \u2013\u00a0It must be added to the community
\n \u2013\u00a0licenseAuth.isAuthorized = true
\n \u2013\u00a0licenseAuth.expiry is must be future date time.
\n\n\n| **Headers** |\n|----------------------------------------------|\n\n### licensekey (required)\nLicense key encrypted with ECDSA\n\n### requestid (required)\nJSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds\n\n### publickey (required)\nPublic key\n\n| **Parameters** |\n|----------------------------------------------|\n\n### pIndex (optional)\nThe pIndex key is a cursor for the pagination.\n\n### pSize (optional)\nA limit on the number of objects to be returned. The range between 1 to 25 and the default is 10.\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns a list of service keys with pagination.\n",
"tags": [
"Key Authorization"
],
"security": [
{
"keyId": []
},
{
"keySecret": []
},
{
"licensekey": []
}
],
"parameters": [
{
"in": "path",
"name": "communityId",
"schema": {
"type": "string",
"example": "xxxxxxxxxx"
}
},
{
"in": "query",
"name": "pIndex",
"schema": {
"type": "integer",
"example": 0
}
},
{
"in": "query",
"name": "pSize",
"schema": {
"type": "integer",
"example": 10
}
},
{
"name": "privateKey",
"in": "header",
"description": "License key encrypted with ECDSA / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "requestid",
"in": "header",
"description": "JSON string encrypted with ECDSA which should contain \"appid\" (string), \"uuid\" (string) and \"ts\" (number) representing epoch timestamp in seconds / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
},
{
"name": "systemPublicKey",
"in": "header",
"description": "Public Key / Try Authorize 🔒",
"required": true,
"schema": {
"type": "string",
"example": "Do not enter anything, use 'Authorize' fields"
}
}
],
"responses": {
"200": {
"description": "Success",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/FetchLicenseAuthListResponse"
}
}
}
},
"401": {
"description": "Unauthorized"
}
}
}
},
"/healthz": {
"get": {
"summary": "Get healthz.",
"description": "Get healthz
\n\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns a healthz object\n - ```version = ..```
\n\n - ```git-tag```: When code is compiled from a git-tag, this must carry the tag name. This should match one of the git tags.\n - ```commit-id```: This is the git-commit-id. eg: When code is built from this, the hex code, in the end, is the commit it.\n - ```dob```: Date Of Build. This is epoc-time-in-se\tconds that tell the time when the build was created.\n - \u200bif the code is not built from a git-tag, then the ```version =\ufffc.```\n",
"tags": [
"Healthz"
],
"responses": {
"200": {
"description": "Success\n\n```\n{\n \"status\": \"all services operational\",\n \"publicKey\": \"string\" //same as /publickeys endpoint,\n \"code\": \"200\",\n \"version\": \"\" //as defined above\n}\n```\n",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/HealthzResponse"
}
}
}
}
}
}
},
"/ecdsa_helper/{method}": {
"post": {
"summary": "Encrypt and decrypt the data string by public key and private key.",
"description": "Encrypt and decrypt the data string by public key and private key.\n\n| **Parameters** |\n|----------------------------------------------|\n\n### method (optional)\nThe method parameter is type of enum. Default value is encrypt.
\nThis parameter only accepts following values
\n **encrypt**, **decrypt**\n\n\n| **Request Body** |\n|----------------------------------------------|\n\n\n### dataStr (required)\nThe dataStr key is type of string.\n\n
\n### publicKey (required)\nThe publicKey is type of string.\n\n
\n### privateKey (required)\nThe privateKey is type of string.\n\n| **Returns** |\n|-------------------------------------------|\n\nReturns the encrypted/decrypted string.
\nThis API throw an error if something goes wrong. A common source of error is public or private key is not valid.\n",
"tags": [
"ECDSA Helper"
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/EcdsaEncryptDecryptRequest"
}
}
}
},
"parameters": [
{
"in": "path",
"name": "method",
"schema": {
"type": "string",
"enum": [
"encrypt",
"decrypt"
],
"default": "encrypt"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/EcdsaEncryptDecryptResponse"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"HealthzResponse": {
"type": "object",
"properties": {
"status": {
"type": "string"
},
"publicKey": {
"type": "string"
},
"code": {
"type": "string"
},
"version": {
"type": "string"
}
},
"example": {
"status": "all services operational",
"publicKey": "//same as /publickeys endpoint",
"code": "200",
"version": "xxxx.xxxx.xxxx"
}
},
"ServiceKey": {
"type": "object",
"required": [
"tag"
],
"properties": {
"tag": {
"type": "string",
"description": "3-256 alpha-numeric (a-z, A-Z, 0-9), special character '-', '_', '|' and ':'"
},
"keyId": {
"type": "string",
"description": "auto-generated as a uuid"
},
"keySecret": {
"type": "string",
"description": "auto-generated as a uuid"
},
"type": {
"type": "string",
"description": "default = hawk | ecdsa | user"
},
"disabled": {
"type": "boolean",
"description": "default = false"
},
"expiry": {
"type": "string",
"format": "date",
"description": "default current system time + 2 years"
},
"authLevel": {
"type": "string",
"description": "options [ system, service, app, service_ext, app_ext, basic ] and default = basic"
},
"modules": {
"type": "object"
}
},
"example": {
"tag": "xxxxx",
"keyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"keySecret": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"type": "xxxxx",
"disabled": false,
"expiry": "2023-01-08T08:39:55.000Z",
"authLevel": "xxxxx",
"modules": {}
}
},
"PublicKeyResponse": {
"type": "object",
"properties": {
"publicKey": {
"type": "string"
}
},
"example": {
"publicKey": ""
}
},
"CreateServiceKeyRequest": {
"type": "object",
"properties": {
"tag": {
"type": "string",
"description": "3-256 alpha-numeric (a-z, A-Z, 0-9), special character '-', '_', '|' and ':'"
},
"keyId": {
"type": "string",
"description": "auto-generated as a uuid"
},
"keySecret": {
"type": "string",
"description": "auto-generated as a uuid"
},
"disabled": {
"type": "boolean",
"description": "default = false"
},
"expiry": {
"type": "string",
"format": "date",
"description": "default current system time + 2 years"
},
"authLevel": {
"type": "string",
"description": "options [ system, service, app, service_ext, app_ext, basic ] and default = basic"
},
"modules": {
"type": "object"
},
"description": {
"type": "string"
}
},
"example": {
"tag": "xxxxxxx",
"keyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"keySecret": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"disabled": false,
"expiry": "2023-01-08T08:39:55.000Z",
"authLevel": "xxxxxx",
"modules": {},
"type": "hawk | ecdsa | user",
"description": ""
}
},
"ServiceKeyResponse": {
"type": "object",
"properties": {
"_id": {
"type": "string"
},
"type": {
"type": "string"
},
"tag": {
"type": "string",
"description": "3-256 alpha-numeric (a-z, A-Z, 0-9), special character '-', '_', '|' and ':'"
},
"keyId": {
"type": "string",
"description": "auto-generated as a uuid"
},
"keySecret": {
"type": "string",
"description": "auto-generated as a uuid"
},
"disabled": {
"type": "boolean",
"description": "default = false"
},
"expiry": {
"type": "string",
"format": "date",
"description": "default current system time + 2 years"
},
"authLevel": {
"type": "string",
"description": "options [ system, service, app, service_ext, app_ext, basic ] and default = basic"
},
"modules": {
"type": "object"
},
"description": {
"type": "string"
}
},
"example": {
"_id": "xxxxxxxxxxxxxxxxxxxx",
"type": "xxxxx",
"tag": "xxxxxxxx",
"keyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"keySecret": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"disabled": false,
"expiry": "2023-01-13T15:36:44.978Z",
"authLevel": "xxxxxxx",
"module": {},
"description": ""
}
},
"UpdateServiceKeyRequest": {
"type": "object",
"properties": {
"disabled": {
"type": "boolean",
"description": "default = false"
},
"expiry": {
"type": "string",
"format": "date",
"description": "default current system time + 2 years"
},
"modules": {
"type": "object"
},
"description": {
"type": "string"
}
},
"example": {
"disabled": false,
"expiry": "2023-01-08T08:39:55.000Z",
"modules": {},
"description": ""
}
},
"FetchServiceKeysResponse": {
"type": "object",
"properties": {
"page": {
"type": "object",
"properties": {
"index": {
"type": "number",
"description": "Current page index"
},
"total": {
"type": "number",
"description": "Total number of records in database"
},
"size": {
"type": "number",
"description": "Total count in this response"
}
}
},
"data": {
"type": "array",
"items": {
"properties": {
"_id": {
"type": "string"
},
"type": {
"type": "string"
},
"tag": {
"type": "string",
"description": "3-64 alpha-numeric (a-z, A-Z, 0-9) and special character '-', '_', '|' and ':'"
},
"keyId": {
"type": "string",
"description": "auto-generated as a uuid"
},
"keySecret": {
"type": "string",
"description": "auto-generated as a uuid"
},
"disabled": {
"type": "boolean",
"description": "default = false"
},
"expiry": {
"type": "string",
"format": "date",
"description": "default current system time + 2 years"
},
"authLevel": {
"type": "string",
"description": "options [ system, service, app, service_ext, app_ext, basic ] and default = basic"
},
"modules": {
"type": "object"
}
}
}
}
},
"example": {
"page": {
"index": 0,
"total": 50,
"size": 1
},
"data": [
{
"tag": "xxxxxxx",
"keyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"keySecret": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"disabled": false,
"expiry": "2023-01-08T08:39:55.000Z",
"authLevel": "xxxxxx",
"modules": {}
}
]
}
},
"CreateLicenseAuthRequest": {
"type": "object",
"properties": {
"keyTag": {
"type": "string",
"description": "3-256 alpha-numeric (a-z, A-Z, 0-9), special character '-', '_', '|' and ':'"
},
"communityId": {
"type": "string",
"description": "type of ObjectId"
},
"communityName": {
"type": "string",
"description": "name of the community"
},
"isAuthorized": {
"type": "boolean",
"description": "default = true"
},
"expiry": {
"type": "string",
"format": "date",
"description": "default current system time + 2 years"
}
},
"example": {
"keyTag": "xxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"communityName": "xxxxxx",
"isAuthorized": false,
"expiry": "2023-01-08T08:39:55.000Z"
}
},
"UpdateServiceKeyToCommunityRequest": {
"type": "object",
"properties": {
"isAuthorized": {
"type": "boolean",
"description": "default = true"
},
"expiry": {
"type": "string",
"format": "date",
"description": "default current system time + 2 years"
}
},
"example": {
"isAuthorized": false,
"expiry": "2023-01-08T08:39:55.000Z"
}
},
"CreateAndUpdateLicenseAuthResponse": {
"type": "object",
"properties": {
"isAuthorized": {
"type": "boolean"
},
"_id": {
"type": "string"
},
"keyTag": {
"type": "string"
},
"communityId": {
"type": "string"
},
"expiry": {
"type": "string",
"format": "date"
}
},
"example": {
"isAuthorized": true,
"_id": "xxxxxxxxxxxxxxxxxxxx",
"keyTag": "xxxxxxx",
"communityId": "xxxxxxxxxxxxxx",
"expiry": "2023-01-17T18:30:00.000Z"
}
},
"CheckLicenseResponse": {
"type": "object",
"properties": {
"modules": {
"type": "object"
},
"isAuthorized": {
"type": "boolean"
},
"expiry": {
"type": "string",
"format": "date"
},
"authLevel": {
"type": "string"
},
"tag": {
"type": "string"
}
},
"example": {
"modules": {},
"isAuthorized": true,
"expiry": "2023-01-08T08:39:55.000+00:00",
"authLevel": "xxxxx",
"tag": "system"
}
},
"FetchLicenseAuthListResponse": {
"type": "object",
"properties": {
"page": {
"type": "object",
"properties": {
"index": {
"type": "number",
"description": "Current page index"
},
"total": {
"type": "number",
"description": "Total number of records in database"
},
"size": {
"type": "number",
"description": "Total count in this response"
}
}
},
"data": {
"type": "array",
"items": {
"properties": {
"isAuthorized": {
"type": "boolean"
},
"_id": {
"type": "string"
},
"keyTag": {
"type": "string"
},
"communityId": {
"type": "string"
},
"expiry": {
"type": "string",
"format": "date"
}
}
}
}
},
"example": {
"page": {
"index": 0,
"total": 50,
"size": 1
},
"data": [
{
"isAuthorized": true,
"_id": "xxxxxxxxxxxxxxxxxxxx",
"keyTag": "xxxxxx",
"communityId": "xxxxxxxxxxxxxx",
"expiry": "2023-01-17T18:30:00.000Z"
}
]
}
},
"EcdsaEncryptDecryptRequest": {
"type": "object",
"properties": {
"dataStr": {
"type": "string"
},
"publicKey": {
"type": "string"
},
"privateKey": {
"type": "string"
}
},
"example": {
"dataStr": "Hey, This is example data string.",
"publicKey": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx=",
"privateKey": "xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
}
},
"EcdsaEncryptDecryptResponse": {
"type": "object",
"properties": {
"data": {
"type": "string"
}
},
"example": {
"data": "xxxxxxxxxxxxxxxxxxxx"
}
}
},
"securitySchemes": {
"keyId": {
"type": "apiKey",
"name": "keyId",
"in": "header",
"description": "Hawk Key Id / ECDSA Public Key"
},
"keySecret": {
"type": "apiKey",
"name": "keySecret",
"in": "header",
"description": "Hawk Key Secret / ECDSA Private Key"
},
"licensekey": {
"type": "apiKey",
"name": "licensekey",
"in": "header",
"description": "API Public Key"
}
}
},
"tags": [
{
"name": "Service Key"
},
{
"name": "Public Key"
},
{
"name": "Key Authorization"
},
{
"name": "Healthz"
},
{
"name": "ECDSA Helper"
}
],
"servers": [
{
"url": "https://pilot-root.1kosmos.net/licenses/"
}
]
}