github.com/thetreep/go-swagger@v0.0.0-20240223100711-35af64f14f01/fixtures/bugs/2919/edge-api/management/identities.yml (about) 1 --- 2 paths: 3 identities: 4 get: 5 summary: List identities 6 description: | 7 Retrieves a list of identity resources; supports filtering, sorting, and pagination. Requires admin access. 8 security: 9 - ztSession: [ ] 10 tags: 11 - Identity 12 operationId: listIdentities 13 parameters: 14 - $ref: '../shared/parameters.yml#/limit' 15 - $ref: '../shared/parameters.yml#/offset' 16 - $ref: '../shared/parameters.yml#/filter' 17 - $ref: '../shared/parameters.yml#/roleFilter' 18 - $ref: '../shared/parameters.yml#/roleSemantic' 19 responses: 20 '200': 21 $ref: '#/responses/listIdentities' 22 '401': 23 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 24 '400': 25 $ref: '../shared/standard-responses.yml#/responses/badRequestResponse' 26 post: 27 summary: Create an identity resource 28 description: Create an identity resource. Requires admin access. 29 security: 30 - ztSession: [ ] 31 tags: 32 - Identity 33 operationId: createIdentity 34 parameters: 35 - name: identity 36 in: body 37 required: true 38 description: An identity to create 39 schema: 40 $ref: '#/definitions/identityCreate' 41 responses: 42 '201': 43 $ref: '../shared/standard-responses.yml#/responses/createResponse' 44 '400': 45 $ref: '../shared/standard-responses.yml#/responses/badRequestResponse' 46 '401': 47 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 48 identities-id: 49 parameters: 50 - $ref: '../shared/parameters.yml#/id' 51 get: 52 summary: Retrieves a single identity 53 description: Retrieves a single identity by id. Requires admin access. 54 security: 55 - ztSession: [ ] 56 tags: 57 - Identity 58 operationId: detailIdentity 59 responses: 60 '200': 61 $ref: '#/responses/detailIdentity' 62 '404': 63 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 64 '401': 65 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 66 put: 67 summary: Update all fields on an identity 68 description: Update all fields on an identity by id. Requires admin access. 69 security: 70 - ztSession: [ ] 71 tags: 72 - Identity 73 operationId: updateIdentity 74 parameters: 75 - name: identity 76 in: body 77 required: true 78 description: An identity update object 79 schema: 80 $ref: '#/definitions/identityUpdate' 81 responses: 82 '200': 83 $ref: '../shared/standard-responses.yml#/responses/updateResponse' 84 '400': 85 $ref: '../shared/standard-responses.yml#/responses/badRequestResponse' 86 '404': 87 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 88 '401': 89 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 90 patch: 91 summary: Update the supplied fields on an identity 92 description: Update the supplied fields on an identity. Requires admin access. 93 security: 94 - ztSession: [ ] 95 tags: 96 - Identity 97 operationId: patchIdentity 98 parameters: 99 - name: identity 100 in: body 101 required: true 102 description: An identity patch object 103 schema: 104 $ref: '#/definitions/identityPatch' 105 responses: 106 '200': 107 $ref: '../shared/standard-responses.yml#/responses/patchResponse' 108 '400': 109 $ref: '../shared/standard-responses.yml#/responses/badRequestResponse' 110 '404': 111 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 112 '401': 113 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 114 delete: 115 summary: Delete an identity 116 description: Delete an identity by id. Requires admin access. 117 security: 118 - ztSession: [ ] 119 tags: 120 - Identity 121 operationId: deleteIdentity 122 responses: 123 '200': 124 $ref: '../shared/standard-responses.yml#/responses/deleteResponse' 125 '400': 126 $ref: '../shared/standard-responses.yml#/responses/badRequestResponse' 127 '401': 128 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 129 '409': 130 $ref: '../shared/standard-responses.yml#/responses/cannotDeleteReferencedResourceResponse' 131 identities-id-edge-router-policies: 132 parameters: 133 - $ref: '../shared/parameters.yml#/id' 134 get: 135 summary: List the edge router policies that affect an identity 136 description: Retrieves a list of edge router policies that apply to the specified identity. 137 security: 138 - ztSession: [ ] 139 tags: 140 - Identity 141 operationId: listIdentitysEdgeRouterPolicies 142 responses: 143 '200': 144 $ref: 'edge-router-policies.yml#/responses/listEdgeRouterPolicies' 145 '404': 146 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 147 '401': 148 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 149 identities-id-service-configs: 150 parameters: 151 - $ref: '../shared/parameters.yml#/id' 152 get: 153 summary: List the service configs associated a specific identity 154 description: Retrieves a list of service configs associated to a specific identity 155 security: 156 - ztSession: [ ] 157 tags: 158 - Identity 159 operationId: listIdentitysServiceConfigs 160 responses: 161 '200': 162 $ref: '#/responses/listServiceConfigs' 163 '404': 164 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 165 '401': 166 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 167 post: 168 summary: Associate service configs for a specific identity 169 description: Associate service configs to a specific identity 170 parameters: 171 - name: serviceConfigs 172 in: body 173 required: true 174 description: A service config patch object 175 schema: 176 $ref: 'service-configs.yml#/definitions/serviceConfigsAssignList' 177 security: 178 - ztSession: [ ] 179 tags: 180 - Identity 181 operationId: associateIdentitysServiceConfigs 182 responses: 183 '200': 184 $ref: '../shared/standard-responses.yml#/responses/emptyResponse' 185 '400': 186 $ref: '../shared/standard-responses.yml#/responses/badRequestResponse' 187 '404': 188 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 189 '401': 190 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 191 delete: 192 summary: Remove associated service configs from a specific identity 193 description: Remove service configs from a specific identity 194 parameters: 195 - name: serviceConfigIdPairs 196 in: body 197 required: false 198 description: An array of service and config id pairs to remove 199 schema: 200 $ref: 'service-configs.yml#/definitions/serviceConfigsAssignList' 201 security: 202 - ztSession: [ ] 203 tags: 204 - Identity 205 operationId: disassociateIdentitysServiceConfigs 206 responses: 207 '200': 208 $ref: '../shared/standard-responses.yml#/responses/emptyResponse' 209 '400': 210 $ref: '../shared/standard-responses.yml#/responses/badRequestResponse' 211 '404': 212 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 213 '401': 214 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 215 identities-id-service-policies: 216 parameters: 217 - $ref: '../shared/parameters.yml#/id' 218 get: 219 summary: List the service policies that affect an identity 220 description: Retrieves a list of service policies that apply to the specified identity. 221 security: 222 - ztSession: [ ] 223 tags: 224 - Identity 225 operationId: listIdentityServicePolicies 226 responses: 227 '200': 228 $ref: 'service-policies.yml#/responses/listServicePolicies' 229 '404': 230 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 231 '401': 232 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 233 234 identities-id-edge-routers: 235 parameters: 236 - $ref: '../shared/parameters.yml#/id' 237 get: 238 summary: List accessible edge-routers 239 description: | 240 Retrieves a list of edge-routers that the given identity may use to access services. Supports filtering, sorting, and pagination. Requires admin access. 241 security: 242 - ztSession: [ ] 243 tags: 244 - Identity 245 operationId: listIdentityEdgeRouters 246 responses: 247 '200': 248 $ref: 'edge-routers.yml#/responses/listEdgeRouters' 249 '404': 250 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 251 '401': 252 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 253 254 identities-id-services: 255 parameters: 256 - $ref: '../shared/parameters.yml#/id' 257 get: 258 summary: List accessible services 259 description: | 260 Retrieves a list of services that the given identity has access to. Supports filtering, sorting, and pagination. Requires admin access. 261 security: 262 - ztSession: [ ] 263 tags: 264 - Identity 265 operationId: listIdentityServices 266 responses: 267 '200': 268 $ref: 'edge-routers.yml#/responses/listEdgeRouters' 269 '404': 270 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 271 '401': 272 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 273 274 identities-id-policy-advice-service-id: 275 parameters: 276 - $ref: '../shared/parameters.yml#/id' 277 - $ref: '../shared/parameters.yml#/serviceId' 278 get: 279 summary: Analyze policies relating the given identity and service 280 description: | 281 Analyzes policies to see if the given identity should be able to dial or bind the given service. | 282 Will check services policies to see if the identity can access the service. Will check edge router policies | 283 to check if the identity and service have access to common edge routers so that a connnection can be made. | 284 Will also check if at least one edge router is on-line. Requires admin access. 285 security: 286 - ztSession: [ ] 287 tags: 288 - Identity 289 operationId: getIdentityPolicyAdvice 290 responses: 291 '200': 292 $ref: '#/responses/getIdentityPolicyAdvice' 293 '404': 294 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 295 '401': 296 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 297 identities-id-posture-data: 298 parameters: 299 - $ref: '../shared/parameters.yml#/id' 300 get: 301 summary: Retrieve the curent posture data for a specific identity. 302 description: | 303 Returns a nested map data represeting the posture data of the identity. 304 This data should be considered volatile. 305 security: 306 - ztSession: [ ] 307 tags: 308 - Identity 309 operationId: getIdentityPostureData 310 responses: 311 '200': 312 $ref: '#/responses/getIdentityPostureData' 313 '404': 314 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 315 '401': 316 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 317 identities-id-authenticators: 318 parameters: 319 - $ref: '../shared/parameters.yml#/id' 320 get: 321 summary: Retrieve the current authenticators of a specific identity 322 description: | 323 Returns a list of authenticators associated to the identity specified 324 security: 325 - ztSession: [ ] 326 tags: 327 - Identity 328 operationId: getIdentityAuthenticators 329 responses: 330 '200': 331 $ref: '../shared/authenticators.yml#/responses/listAuthenticators' 332 '404': 333 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 334 '401': 335 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 336 identities-id-enrollments: 337 parameters: 338 - $ref: '../shared/parameters.yml#/id' 339 get: 340 summary: Retrieve the current enrollments of a specific identity 341 description: | 342 Returns a list of enrollments associated to the identity specified 343 security: 344 - ztSession: [ ] 345 tags: 346 - Identity 347 operationId: getIdentityEnrollments 348 responses: 349 '200': 350 $ref: '../management/enrollments.yml#/responses/listEnrollments' 351 '404': 352 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 353 '401': 354 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 355 identities-id-failed-service-requests: 356 parameters: 357 - $ref: '../shared/parameters.yml#/id' 358 get: 359 summary: Retrieve a list of the most recent service failure requests due to posture checks 360 description: | 361 Returns a list of service session requests that failed due to posture checks. The entries will contain 362 every policy that was verified against and every failed check in each policy. Each check will include 363 the historical posture data and posture check configuration. 364 security: 365 - ztSession: [ ] 366 tags: 367 - Identity 368 operationId: getIdentityFailedServiceRequests 369 responses: 370 '200': 371 $ref: '#/responses/getIdentityFailedServiceRequest' 372 '404': 373 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 374 '401': 375 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 376 identities-id-mfa: 377 parameters: 378 - $ref: '../shared/parameters.yml#/id' 379 delete: 380 summary: Remove MFA from an identitity 381 description: | 382 Allows an admin to remove MFA enrollment from a specific identity. Requires admin. 383 security: 384 - ztSession: [ ] 385 tags: 386 - Identity 387 - MFA 388 operationId: removeIdentityMfa 389 responses: 390 '200': 391 $ref: '../shared/standard-responses.yml#/responses/emptyResponse' 392 '404': 393 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 394 '401': 395 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 396 identities-id-trace: 397 parameters: 398 - $ref: '../shared/parameters.yml#/id' 399 put: 400 summary: Enable/disable data flow tracing for an identity 401 description: | 402 Allows an admin to enable/disable data flow tracing for an identity 403 security: 404 - ztSession: [ ] 405 tags: 406 - Identity 407 - Tracing 408 operationId: updateIdentityTracing 409 parameters: 410 - name: traceSpec 411 in: body 412 required: true 413 description: A traceSpec object 414 schema: 415 $ref: '#/definitions/traceSpec' 416 responses: 417 '200': 418 $ref: '#/responses/traceDetail' 419 '400': 420 $ref: '../shared/standard-responses.yml#/responses/badRequestResponse' 421 '404': 422 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 423 '401': 424 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 425 identities-id-enable: 426 parameters: 427 - $ref: '../shared/parameters.yml#/id' 428 post: 429 summary: Clears all disabled state from an identity 430 description: | 431 Allows an admin to remove disabled statuses from an identity. 432 security: 433 - ztSession: [ ] 434 tags: 435 - Identity 436 operationId: enableIdentity 437 responses: 438 '200': 439 $ref: '../shared/standard-responses.yml#/responses/emptyResponse' 440 '404': 441 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 442 '401': 443 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 444 identities-id-disable: 445 parameters: 446 - $ref: '../shared/parameters.yml#/id' 447 post: 448 summary: Set an identity as disabled 449 description: | 450 Allows an admin disable an identity for a set amount of time or indefinitely. 451 security: 452 - ztSession: [ ] 453 tags: 454 - Identity 455 operationId: disableIdentity 456 parameters: 457 - name: disable 458 in: body 459 required: true 460 description: Disable parameters 461 schema: 462 $ref: '#/definitions/disableParams' 463 responses: 464 '200': 465 $ref: '../shared/standard-responses.yml#/responses/emptyResponse' 466 '404': 467 $ref: '../shared/standard-responses.yml#/responses/notFoundResponse' 468 '401': 469 $ref: '../shared/standard-responses.yml#/responses/unauthorizedResponse' 470 responses: 471 listIdentities: 472 description: A list of identities 473 schema: 474 $ref: '#/definitions/listIdentitiesEnvelope' 475 detailIdentity: 476 description: A single identity 477 schema: 478 $ref: '#/definitions/detailIdentityEnvelope' 479 getIdentityPolicyAdvice: 480 description: Returns the document that represents the policy advice 481 schema: 482 $ref: '#/definitions/getIdentityPolicyAdviceEnvelope' 483 getIdentityPostureData: 484 description: Returns the document that represents posture data 485 schema: 486 $ref: 'posture-data.yml#/definitions/postureDataEnvelope' 487 getIdentityFailedServiceRequest: 488 description: Returns a list of service request failures 489 schema: 490 $ref: 'failed-service-request.yml#/definitions/failedServiceRequestEnvelope' 491 listServiceConfigs: 492 description: A list of service configs 493 schema: 494 $ref: 'service-configs.yml#/definitions/listServiceConfigsEnvelope' 495 traceDetail: 496 description: Returns the document that represents the trace state 497 schema: 498 $ref: '#/definitions/traceDetailEnvelope' 499 500 definitions: 501 disableParams: 502 type: object 503 required: 504 - durationMinutes 505 properties: 506 durationMinutes: 507 type: integer 508 listIdentitiesEnvelope: 509 type: object 510 required: 511 - meta 512 - data 513 properties: 514 meta: 515 $ref: '../shared/standard-responses.yml#/definitions/meta' 516 data: 517 $ref: '../shared/identities.yml#/definitions/identityList' 518 detailIdentityEnvelope: 519 type: object 520 required: 521 - meta 522 - data 523 properties: 524 meta: 525 $ref: '../shared/standard-responses.yml#/definitions/meta' 526 data: 527 $ref: '../shared/identities.yml#/definitions/identityDetail' 528 traceDetailEnvelope: 529 type: object 530 required: 531 - meta 532 - data 533 properties: 534 meta: 535 $ref: '../shared/standard-responses.yml#/definitions/meta' 536 data: 537 $ref: '#/definitions/traceDetail' 538 identityCreate: 539 description: An identity to create 540 type: object 541 required: 542 - name 543 - type 544 - isAdmin 545 properties: 546 name: 547 type: string 548 type: 549 $ref: 'identity-types.yml#/definitions/identityType' 550 isAdmin: 551 type: boolean 552 enrollment: 553 type: object 554 properties: 555 ott: 556 type: boolean 557 updb: 558 type: string 559 ottca: 560 type: string 561 authPolicyId: 562 type: string 563 x-nullable: true 564 externalId: 565 type: string 566 x-nullable: true 567 roleAttributes: 568 $ref: '../shared/base-entity.yml#/definitions/attributes' 569 tags: 570 $ref: '../shared/base-entity.yml#/definitions/tags' 571 defaultHostingPrecedence: 572 $ref: '../shared/terminators.yml#/definitions/terminatorPrecedence' 573 defaultHostingCost: 574 $ref: '../shared/terminators.yml#/definitions/terminatorCost' 575 serviceHostingPrecedences: 576 $ref: '../shared/terminators.yml#/definitions/terminatorPrecedenceMap' 577 serviceHostingCosts: 578 $ref: '../shared/terminators.yml#/definitions/terminatorCostMap' 579 appData: 580 $ref: '../shared/base-entity.yml#/definitions/tags' 581 identityUpdate: 582 type: object 583 required: 584 - type 585 - name 586 - isAdmin 587 properties: 588 name: 589 type: string 590 type: 591 $ref: 'identity-types.yml#/definitions/identityType' 592 isAdmin: 593 type: boolean 594 authPolicyId: 595 type: string 596 x-nullable: true 597 externalId: 598 type: string 599 x-nullable: true 600 roleAttributes: 601 $ref: '../shared/base-entity.yml#/definitions/attributes' 602 tags: 603 $ref: '../shared/base-entity.yml#/definitions/tags' 604 defaultHostingPrecedence: 605 $ref: '../shared/terminators.yml#/definitions/terminatorPrecedence' 606 defaultHostingCost: 607 $ref: '../shared/terminators.yml#/definitions/terminatorCost' 608 serviceHostingPrecedences: 609 $ref: '../shared/terminators.yml#/definitions/terminatorPrecedenceMap' 610 serviceHostingCosts: 611 $ref: '../shared/terminators.yml#/definitions/terminatorCostMap' 612 appData: 613 $ref: '../shared/base-entity.yml#/definitions/tags' 614 identityPatch: 615 type: object 616 properties: 617 name: 618 type: string 619 x-nullable: true 620 type: 621 $ref: 'identity-types.yml#/definitions/identityType' 622 x-nullable: true 623 isAdmin: 624 type: boolean 625 x-nullable: true 626 authPolicyId: 627 type: string 628 x-nullable: true 629 externalId: 630 type: string 631 x-nullable: true 632 roleAttributes: 633 $ref: '../shared/base-entity.yml#/definitions/attributes' 634 tags: 635 $ref: '../shared/base-entity.yml#/definitions/tags' 636 defaultHostingPrecedence: 637 $ref: '../shared/terminators.yml#/definitions/terminatorPrecedence' 638 defaultHostingCost: 639 $ref: '../shared/terminators.yml#/definitions/terminatorCost' 640 serviceHostingPrecedences: 641 $ref: '../shared/terminators.yml#/definitions/terminatorPrecedenceMap' 642 serviceHostingCosts: 643 $ref: '../shared/terminators.yml#/definitions/terminatorCostMap' 644 appData: 645 $ref: '../shared/base-entity.yml#/definitions/tags' 646 getIdentityPolicyAdviceEnvelope: 647 type: object 648 required: 649 - meta 650 - data 651 properties: 652 meta: 653 $ref: '../shared/standard-responses.yml#/definitions/meta' 654 data: 655 $ref: '#/definitions/policyAdvice' 656 policyAdvice: 657 type: "object" 658 properties: 659 identityId: 660 type: "string" 661 identity: 662 $ref: '../shared/base-entity.yml#/definitions/entityRef' 663 serviceId: 664 type: "string" 665 service: 666 $ref: '../shared/base-entity.yml#/definitions/entityRef' 667 isBindAllowed: 668 type: "boolean" 669 isDialAllowed: 670 type: "boolean" 671 identityRouterCount: 672 type: "number" 673 format: int32 674 serviceRouterCount: 675 type: "number" 676 format: int32 677 commonRouters: 678 type: "array" 679 items: 680 $ref: 'edge-routers.yml#/definitions/routerEntityRef' 681 traceSpec: 682 type: "object" 683 properties: 684 enabled: 685 type: "boolean" 686 duration: 687 type: "string" 688 traceId: 689 type: "string" 690 channels: 691 type: array 692 items: 693 type: string 694 traceDetail: 695 type: "object" 696 properties: 697 enabled: 698 type: "boolean" 699 until: 700 type: "string" 701 format: date-time 702 traceId: 703 type: "string"