Edge Management API Reference
Response samples
- 200
{- "data": {
- "apiVersions": {
- "property1": {
- "property1": {
- "apiBaseUrls": [
- "string"
], - "path": "string",
- "version": "string"
}, - "property2": {
- "apiBaseUrls": [
- "string"
], - "path": "string",
- "version": "string"
}
}, - "property2": {
- "property1": {
- "apiBaseUrls": [
- "string"
], - "path": "string",
- "version": "string"
}, - "property2": {
- "apiBaseUrls": [
- "string"
], - "path": "string",
- "version": "string"
}
}
}, - "buildDate": "2020-02-11 16:09:08",
- "capabilities": [
- "string"
], - "revision": "ea556fc18740",
- "runtimeVersion": "go1.13.5",
- "version": "v0.9.0"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Response samples
- 200
{- "data": [
- "OIDC_AUTH"
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Returns a list of API specs
Returns a list of spec files embedded within the controller for consumption/documentation/code geneartion
Responses
Response samples
- 200
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "name": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Return a single spec resource
Returns single spec resource embedded within the controller for consumption/documentation/code geneartion
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "name": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Returns a list of accessible resource counts
This endpoint is usefull for UIs that wish to display UI elements with counts.
Authorizations:
Responses
Response samples
- 200
- 401
- 429
- 503
{- "data": {
- "property1": 0,
- "property2": 0
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Response samples
- 200
{- "data": {
- "apiVersions": {
- "property1": {
- "property1": {
- "apiBaseUrls": [
- "string"
], - "path": "string",
- "version": "string"
}, - "property2": {
- "apiBaseUrls": [
- "string"
], - "path": "string",
- "version": "string"
}
}, - "property2": {
- "property1": {
- "apiBaseUrls": [
- "string"
], - "path": "string",
- "version": "string"
}, - "property2": {
- "apiBaseUrls": [
- "string"
], - "path": "string",
- "version": "string"
}
}
}, - "buildDate": "2020-02-11 16:09:08",
- "capabilities": [
- "string"
], - "revision": "ea556fc18740",
- "runtimeVersion": "go1.13.5",
- "version": "v0.9.0"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List active API sessions
Returns a list of active API sessions. The resources can be sorted, filtered, and paginated. This endpoint requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "authQueries": [
- {
- "clientId": "string",
- "format": "numeric",
- "httpMethod": "string",
- "httpUrl": "string",
- "id": "string",
- "maxLength": 0,
- "minLength": 0,
- "provider": "ziti",
- "scopes": [
- "string"
], - "typeId": "MFA"
}
], - "authenticatorId": "string",
- "cachedLastActivityAt": "2019-08-24T14:15:22Z",
- "configTypes": [
- "string"
], - "identity": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "identityId": "string",
- "ipAddress": "string",
- "isCertExtendable": true,
- "isMfaComplete": true,
- "isMfaRequired": true,
- "lastActivityAt": "2019-08-24T14:15:22Z",
- "token": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single API Session
Retrieves a single API Session by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "authQueries": [
- {
- "clientId": "string",
- "format": "numeric",
- "httpMethod": "string",
- "httpUrl": "string",
- "id": "string",
- "maxLength": 0,
- "minLength": 0,
- "provider": "ziti",
- "scopes": [
- "string"
], - "typeId": "MFA"
}
], - "authenticatorId": "string",
- "cachedLastActivityAt": "2019-08-24T14:15:22Z",
- "configTypes": [
- "string"
], - "identity": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "identityId": "string",
- "ipAddress": "string",
- "isCertExtendable": true,
- "isMfaComplete": true,
- "isMfaRequired": true,
- "lastActivityAt": "2019-08-24T14:15:22Z",
- "token": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Deletes an API Sessions
Deletes and API sesion by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 403
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List Auth Policies
Retrieves a list of Auth Policies
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "name": "string",
- "primary": {
- "cert": {
- "allowExpiredCerts": true,
- "allowed": true
}, - "extJwt": {
- "allowed": true,
- "allowedSigners": [
- "string"
]
}, - "updb": {
- "allowed": true,
- "lockoutDurationMinutes": 0,
- "maxAttempts": 0,
- "minPasswordLength": 0,
- "requireMixedCase": true,
- "requireNumberChar": true,
- "requireSpecialChar": true
}
}, - "secondary": {
- "requireExtJwtSigner": "string",
- "requireTotp": true
}
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Creates an Auth Policy
Creates an Auth Policy. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
An Auth Policy to create
name required | string |
required | object (authPolicyPrimary) |
required | object (authPolicySecondary) |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "name": "string",
- "primary": {
- "cert": {
- "allowExpiredCerts": true,
- "allowed": true
}, - "extJwt": {
- "allowed": true,
- "allowedSigners": [
- "string"
]
}, - "updb": {
- "allowed": true,
- "lockoutDurationMinutes": 0,
- "maxAttempts": 0,
- "minPasswordLength": 0,
- "requireMixedCase": true,
- "requireNumberChar": true,
- "requireSpecialChar": true
}
}, - "secondary": {
- "requireExtJwtSigner": "string",
- "requireTotp": true
}, - "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single Auth Policy
Retrieves a single Auth Policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "name": "string",
- "primary": {
- "cert": {
- "allowExpiredCerts": true,
- "allowed": true
}, - "extJwt": {
- "allowed": true,
- "allowedSigners": [
- "string"
]
}, - "updb": {
- "allowed": true,
- "lockoutDurationMinutes": 0,
- "maxAttempts": 0,
- "minPasswordLength": 0,
- "requireMixedCase": true,
- "requireNumberChar": true,
- "requireSpecialChar": true
}
}, - "secondary": {
- "requireExtJwtSigner": "string",
- "requireTotp": true
}
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on an Auth Policy
Update all fields on an Auth Policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An Auth Policy update object
name required | string |
required | object (authPolicyPrimary) |
required | object (authPolicySecondary) |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "name": "string",
- "primary": {
- "cert": {
- "allowExpiredCerts": true,
- "allowed": true
}, - "extJwt": {
- "allowed": true,
- "allowedSigners": [
- "string"
]
}, - "updb": {
- "allowed": true,
- "lockoutDurationMinutes": 0,
- "maxAttempts": 0,
- "minPasswordLength": 0,
- "requireMixedCase": true,
- "requireNumberChar": true,
- "requireSpecialChar": true
}
}, - "secondary": {
- "requireExtJwtSigner": "string",
- "requireTotp": true
}, - "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete an Auth Policy
Delete an Auth Policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on an Auth Policy
Update only the supplied fields on an Auth Policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An Auth Policy patch object
name | string or null |
object (authPolicyPrimaryPatch) | |
object or null (authPolicySecondaryPatch) | |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "name": "string",
- "primary": {
- "cert": {
- "allowExpiredCerts": true,
- "allowed": true
}, - "extJwt": {
- "allowed": true,
- "allowedSigners": [
- "string"
]
}, - "updb": {
- "allowed": true,
- "lockoutDurationMinutes": 0,
- "maxAttempts": 0,
- "minPasswordLength": 0,
- "requireMixedCase": true,
- "requireNumberChar": true,
- "requireSpecialChar": true
}
}, - "secondary": {
- "requireExtJwtSigner": "string",
- "requireTotp": true
}, - "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Authenticate via a method supplied via a query string parameter
Allowed authentication methods include "password", "cert", and "ext-jwt"
query Parameters
method required | string Enum: "password" "cert" "ext-jwt" |
Request Body schema: application/json
configTypes | Array of strings (configTypes) Specific configuration types that should be returned |
object (envInfo) Environment information an authenticating client may provide | |
password | string (password) [ 5 .. 100 ] characters |
object (sdkInfo) SDK information an authenticating client may provide | |
username | string (username) [ 4 .. 100 ] characters |
Responses
Request samples
- Payload
{- "configTypes": [
- "string"
], - "envInfo": {
- "arch": "string",
- "domain": "string",
- "hostname": "string",
- "os": "string",
- "osRelease": "string",
- "osVersion": "string"
}, - "password": "string",
- "sdkInfo": {
- "appId": "string",
- "appVersion": "string",
- "branch": "string",
- "revision": "string",
- "type": "string",
- "version": "string"
}, - "username": "string"
}
Response samples
- 200
- 400
- 401
- 429
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "authQueries": [
- {
- "clientId": "string",
- "format": "numeric",
- "httpMethod": "string",
- "httpUrl": "string",
- "id": "string",
- "maxLength": 0,
- "minLength": 0,
- "provider": "ziti",
- "scopes": [
- "string"
], - "typeId": "MFA"
}
], - "authenticatorId": "string",
- "cachedLastActivityAt": "2019-08-24T14:15:22Z",
- "configTypes": [
- "string"
], - "identity": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "identityId": "string",
- "ipAddress": "string",
- "isCertExtendable": true,
- "isMfaComplete": true,
- "isMfaRequired": true,
- "lastActivityAt": "2019-08-24T14:15:22Z",
- "token": "string",
- "expirationSeconds": 0,
- "expiresAt": "2019-08-24T14:15:22Z"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Complete MFA authentication
Completes MFA authentication by submitting a MFA time based one time token or backup code.
Authorizations:
Request Body schema: application/jsonrequired
An MFA validation request
code required | string |
Responses
Request samples
- Payload
{- "code": "string"
}
Response samples
- 200
- 401
- 429
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Complete MFA authentication
Completes MFA authentication by submitting a MFA time based one time token or backup code.
Authorizations:
Request Body schema: application/jsonrequired
An MFA validation request
code required | string |
Responses
Request samples
- Payload
{- "code": "string"
}
Response samples
- 200
- 401
- 429
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Returns the current status of MFA enrollment
Returns details about the current MFA enrollment. If enrollment has not been completed it will return the current MFA configuration details necessary to complete a POST /current-identity/mfa/verify
.
Authorizations:
Responses
Response samples
- 200
- 401
- 404
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "isVerified": true,
- "provisioningUrl": "string",
- "recoveryCodes": [
- "string"
]
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Initiate MFA enrollment
Allows authenticator based MFA enrollment. If enrollment has already been completed, it must be disabled before attempting to re-enroll. Subsequent enrollment request is completed via POST /current-identity/mfa/verify
Authorizations:
Responses
Response samples
- 201
- 401
- 409
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Disable MFA for the current identity
Disable MFA for the current identity. Requires a current valid time based one time password if MFA enrollment has been completed. If not, code should be an empty string. If one time passwords are not available and admin account can be used to remove MFA from the identity via DELETE /identities/<id>/mfa
.
Authorizations:
header Parameters
mfa-validation-code | string |
Responses
Response samples
- 200
- 401
- 404
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
For a completed MFA enrollment view the current recovery codes
Allows the viewing of recovery codes of an MFA enrollment. Requires a current valid time based one time password to interact with. Available after a completed MFA enrollment.
Authorizations:
header Parameters
mfa-validation-code | string |
Request Body schema: application/json
An MFA validation request
code required | string |
Responses
Request samples
- Payload
{- "code": "string"
}
Response samples
- 200
- 401
- 404
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "recoveryCodes": [
- "string"
]
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
For a completed MFA enrollment regenerate the recovery codes
Allows regeneration of recovery codes of an MFA enrollment. Requires a current valid time based one time password to interact with. Available after a completed MFA enrollment. This replaces all existing recovery codes.
Authorizations:
Request Body schema: application/jsonrequired
An MFA validation request
code required | string |
Responses
Request samples
- Payload
{- "code": "string"
}
Response samples
- 200
- 401
- 404
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Complete MFA enrollment by verifying a time based one time token
Completes MFA enrollment by accepting a time based one time password as verification. Called after MFA enrollment has been initiated via POST /current-identity/mfa
.
Authorizations:
Request Body schema: application/jsonrequired
An MFA validation request
code required | string |
Responses
Request samples
- Payload
{- "code": "string"
}
Response samples
- 200
- 401
- 404
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Remove MFA from an identitity
Allows an admin to remove MFA enrollment from a specific identity. Requires admin.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List authenticators
Returns a list of authenticators associated to identities. The resources can be sorted, filtered, and paginated. This endpoint requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "certPem": "string",
- "fingerprint": "string",
- "identity": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "identityId": "string",
- "isIssuedByNetwork": true,
- "method": "string",
- "username": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Creates an authenticator
Creates an authenticator for a specific identity. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A Authenticator create object
certPem | string The client certificate the identity will login with. Used only for method='cert' |
identityId required | string The id of an existing identity that will be assigned this authenticator |
method required | string The type of authenticator to create; which will dictate which properties on this object are required. |
password | string The password the identity will login with. Used only for method='updb' |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
username | string The username that the identity will login with. Used only for method='updb' |
Responses
Request samples
- Payload
{- "certPem": "string",
- "identityId": "string",
- "method": "string",
- "password": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "username": "string"
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single authenticator
Retrieves a single authenticator by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "certPem": "string",
- "fingerprint": "string",
- "identity": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "identityId": "string",
- "isIssuedByNetwork": true,
- "method": "string",
- "username": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on an authenticator
Update all fields on an authenticator by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An authenticator put object
password required | string (password) [ 5 .. 100 ] characters |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
username required | string (username) [ 4 .. 100 ] characters |
Responses
Request samples
- Payload
{- "password": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "username": "string"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete an Authenticator
Delete an authenticator by id. Deleting all authenticators for an identity will make it impossible to log in. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on an authenticator
Update the supplied fields on an authenticator by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An authenticator patch object
password | string or null (passwordNullable) [ 5 .. 100 ] characters |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
username | string or null (usernameNullable) [ 4 .. 100 ] characters |
Responses
Request samples
- Payload
{- "password": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "username": "string"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Reverts an authenticator to an enrollment
Allows an authenticator to be reverted to an enrollment and allows re-enrollment to occur. On success the created enrollment record response is provided and the source authenticator record will be deleted. The enrollment created depends on the authenticator. UPDB authenticators result in UPDB enrollments, CERT authenticators result in OTT enrollments, CERT + CA authenticators result in OTTCA enrollments.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A reEnrollment request
expiresAt required | string <date-time> |
Responses
Request samples
- Payload
{- "expiresAt": "2019-08-24T14:15:22Z"
}
Response samples
- 201
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List CAs
Retrieves a list of CA resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "certPem": "string",
- "externalIdClaim": {
- "index": 0,
- "location": "COMMON_NAME",
- "matcher": "ALL",
- "matcherCriteria": "string",
- "parser": "NONE",
- "parserCriteria": "string"
}, - "fingerprint": "string",
- "identityNameFormat": "string",
- "identityRoles": [
- "string"
], - "isAuthEnabled": true,
- "isAutoCaEnrollmentEnabled": true,
- "isOttCaEnrollmentEnabled": true,
- "isVerified": false,
- "name": "string",
- "verificationToken": "661bcd0f-0b84-48ca-a7f5-e63d66ad0300"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Creates a CA
Creates a CA in an unverified state. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A CA to create
certPem required | string |
object (externalIdClaim) | |
identityNameFormat | string |
identityRoles required | Array of strings (roles) |
isAuthEnabled required | boolean |
isAutoCaEnrollmentEnabled required | boolean |
isOttCaEnrollmentEnabled required | boolean |
name required | string |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "certPem": "-----BEGIN CERTIFICATE-----\nMIICUjCCAdmgAwIBAgIJANooo7NB+dZZMAoGCCqGSM49BAMCMF4xCzAJBgNVBAYT\nAlVTMQswCQYDVQQIDAJOQzETMBEGA1UECgwKTmV0Rm91bmRyeTEtMCsGA1UEAwwk\nTmV0Rm91bmRyeSBaaXRpIEV4dGVybmFsIEFQSSBSb290IENBMB4XDTE4MTExNTEy\nNTcwOVoXDTM4MTExMDEyNTcwOVowXjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5D\nMRMwEQYDVQQKDApOZXRGb3VuZHJ5MS0wKwYDVQQDDCROZXRGb3VuZHJ5IFppdGkg\nRXh0ZXJuYWwgQVBJIFJvb3QgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARwq61Z\nIaqbaw0PDt3frJZaHjkxfZhwYrykI1GlbRNd/jix03lVG9qvpN5Og9fQfFFcFmD/\n3vCE9S6O0npm0mADQxcBcxbMRAH5dtBuCuiJW6qAAbPgiM32vqSxBiFt0KejYzBh\nMB0GA1UdDgQWBBRx1OVGuc/jdltDc8YBtkw8Tbr4fjAfBgNVHSMEGDAWgBRx1OVG\nuc/jdltDc8YBtkw8Tbr4fjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB\nhjAKBggqhkjOPQQDAgNnADBkAjBDRxNZUaIVpkQKnAgJukl3ysd3/i7Z6hDyIEms\nkllz/+ZvmdBp9iedV5o5BvJUggACMCv+UBFlJH7pmsOCo/F45Kk178YsCC7gaMxE\n1ZG1zveyMvsYsH04C9FndE6w2MLvlA==\n-----END CERTIFICATE-----\n",
- "externalIdClaim": {
- "index": 0,
- "location": "COMMON_NAME",
- "matcher": "ALL",
- "matcherCriteria": "string",
- "parser": "NONE",
- "parserCriteria": "string"
}, - "identityNameFormat": "string",
- "identityRoles": [
- "string"
], - "isAuthEnabled": true,
- "isAutoCaEnrollmentEnabled": true,
- "isOttCaEnrollmentEnabled": true,
- "name": "Test 3rd Party External CA",
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single CA
Retrieves a single CA by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "certPem": "string",
- "externalIdClaim": {
- "index": 0,
- "location": "COMMON_NAME",
- "matcher": "ALL",
- "matcherCriteria": "string",
- "parser": "NONE",
- "parserCriteria": "string"
}, - "fingerprint": "string",
- "identityNameFormat": "string",
- "identityRoles": [
- "string"
], - "isAuthEnabled": true,
- "isAutoCaEnrollmentEnabled": true,
- "isOttCaEnrollmentEnabled": true,
- "isVerified": false,
- "name": "string",
- "verificationToken": "661bcd0f-0b84-48ca-a7f5-e63d66ad0300"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on a CA
Update all fields on a CA by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A CA update object
object (externalIdClaim) | |
identityNameFormat required | string |
identityRoles required | Array of strings (roles) |
isAuthEnabled required | boolean |
isAutoCaEnrollmentEnabled required | boolean |
isOttCaEnrollmentEnabled required | boolean |
name required | string |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "externalIdClaim": {
- "index": 0,
- "location": "COMMON_NAME",
- "matcher": "ALL",
- "matcherCriteria": "string",
- "parser": "NONE",
- "parserCriteria": "string"
}, - "identityNameFormat": "string",
- "identityRoles": [
- "string"
], - "isAuthEnabled": true,
- "isAutoCaEnrollmentEnabled": true,
- "isOttCaEnrollmentEnabled": true,
- "name": "My CA",
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete a CA
Delete a CA by id. Deleting a CA will delete its associated certificate authenticators. This can make it impossible for identities to authenticate if they no longer have any valid authenticators. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on a CA
Update only the supplied fields on a CA by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A CA patch object
object (externalIdClaimPatch) | |
identityNameFormat | string or null |
identityRoles | Array of strings (roles) |
isAuthEnabled | boolean or null |
isAutoCaEnrollmentEnabled | boolean or null |
isOttCaEnrollmentEnabled | boolean or null |
name | string or null |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "externalIdClaim": {
- "index": 0,
- "location": "COMMON_NAME",
- "matcher": "ALL",
- "matcherCriteria": "string",
- "parser": "NONE",
- "parserCriteria": "string"
}, - "identityNameFormat": "string",
- "identityRoles": [
- "string"
], - "isAuthEnabled": true,
- "isAutoCaEnrollmentEnabled": true,
- "isOttCaEnrollmentEnabled": true,
- "name": "My CA",
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieve the enrollment JWT for a CA
For CA auto enrollment, the enrollment JWT is static and provided on each CA resource. This endpoint provides the jwt as a text response.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbSI6ImNhIiwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6MTI 4MC8ifQ.Ot6lhNBSOw8ygHytdI5l7WDf9EWadOj44UPvJ0c-8mJ54fClWM3uMZrAHSSfV6KmOSZOeBBJe4VlNyoD-_MOECP0BzYSnSQP3E zJb0VlM-fFmGcKNGW157icyZNISfO43JL_Lw2QPBzTgikqSIj9eZnocC3BeAmZCHsVznnLfHWqDldcmuxnu-5MNOSrWV1x9iVcgLFlLHXK 2PLA4qIiZmlQTrQjpHJmUaoJ07mnj8hMKzxB3wBG8kpazjEo7HDRCO06aBH4eqFgf_l0iT8Dzcb31jquWMGUoSXPhf4lVJh_FiNcR1wVx- UiHLbG5h23Aqf1UJF-F38rc1FElKz0Zg
Verify a CA
Allows a CA to become verified by submitting a certificate in PEM format that has been signed by the target CA. The common name on the certificate must match the verificationToken property of the CA. Unverfieid CAs can not be used for enrollment/authentication. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: text/plainrequired
A PEM formatted certificate signed by the target CA with the common name matching the CA's validationToken
Responses
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List config-types
Retrieves a list of config-type resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "name": "ziti-tunneler-server.v1",
- "schema": { }
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create a config-type. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A config-type to create
name required | string |
object A JSON schema to enforce configuration against | |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "name": "ziti-tunneler-server.v1",
- "schema": { },
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single config-type
Retrieves a single config-type by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "name": "ziti-tunneler-server.v1",
- "schema": { }
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on a config-type
Update all fields on a config-type by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A config-type update object
name required | string |
object A JSON schema to enforce configuration against | |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "name": "ziti-tunneler-server.v1",
- "schema": { },
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete a config-type
Delete a config-type by id. Removing a configuration type that are in use will result in a 409 conflict HTTP status code and error. All configurations of a type must be removed first.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on a config-type
Update the supplied fields on a config-type. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A config-type patch object
name | string |
object A JSON schema to enforce configuration against | |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "name": "ziti-tunneler-server.v1",
- "schema": { },
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Lists the configs of a specific config-type
Lists the configs associated to a config-type. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "configType": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "configTypeId": "string",
- "data": { },
- "name": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List configs
Retrieves a list of config resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "configType": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "configTypeId": "string",
- "data": { },
- "name": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create a config resource
Create a config resource. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A config to create
configTypeId required | string The id of a config-type that the data section will match |
required | object Data payload is defined by the schema of the config-type defined in the type parameter |
name required | string |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "configTypeId": "cea49285-6c07-42cf-9f52-09a9b115c783",
- "data": {
- "hostname": "example.com",
- "port": 80
}, - "name": "test-config"
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single config
Retrieves a single config by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "configType": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "configTypeId": "string",
- "data": { },
- "name": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on a config
Update all fields on a config by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A config update object
required | object Data payload is defined by the schema of the config-type defined in the type parameter |
name required | string |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "data": {
- "hostname": "example.com",
- "port": 80
}, - "name": "example-config-name"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete a config
Delete a config by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on a config
Update the supplied fields on a config. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A config patch object
object Data payload is defined by the schema of the config-type defined in the type parameter | |
name | string |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "data": {
- "hostname": "example.com",
- "port": 80
}, - "name": "example-config-name"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List services referenced by a config
Retrieves a list of service resources that reference a given config; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "config": {
- "property1": {
- "property1": { },
- "property2": { }
}, - "property2": {
- "property1": { },
- "property2": { }
}
}, - "configs": [
- "string"
], - "encryptionRequired": true,
- "maxIdleTimeMillis": 0,
- "name": "string",
- "permissions": [
- "Dial"
], - "postureQueries": [
- {
- "isPassing": true,
- "policyId": "string",
- "policyType": "Dial",
- "postureQueries": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "isPassing": true,
- "process": {
- "osType": "Windows",
- "path": "string"
}, - "processes": [
- {
- "osType": "Windows",
- "path": "string"
}
], - "queryType": "OS",
- "timeout": 0,
- "timeoutRemaining": 0
}
]
}
], - "roleAttributes": [
- "string"
], - "terminatorStrategy": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List controllers
Retrieves a list of controllers
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "apiAddresses": {
- "property1": [
- {
- "url": "string",
- "version": "string"
}
], - "property2": [
- {
- "url": "string",
- "version": "string"
}
]
}, - "certPem": "string",
- "ctrlAddress": "string",
- "fingerprint": "string",
- "isOnline": true,
- "lastJoinedAt": "2019-08-24T14:15:22Z",
- "name": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Return the current API session
Retrieves the API session that was used to issue the current request
Authorizations:
Responses
Response samples
- 200
- 401
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "authQueries": [
- {
- "clientId": "string",
- "format": "numeric",
- "httpMethod": "string",
- "httpUrl": "string",
- "id": "string",
- "maxLength": 0,
- "minLength": 0,
- "provider": "ziti",
- "scopes": [
- "string"
], - "typeId": "MFA"
}
], - "authenticatorId": "string",
- "cachedLastActivityAt": "2019-08-24T14:15:22Z",
- "configTypes": [
- "string"
], - "identity": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "identityId": "string",
- "ipAddress": "string",
- "isCertExtendable": true,
- "isMfaComplete": true,
- "isMfaRequired": true,
- "lastActivityAt": "2019-08-24T14:15:22Z",
- "token": "string",
- "expirationSeconds": 0,
- "expiresAt": "2019-08-24T14:15:22Z"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List authenticators for the current identity
Retrieves a list of authenticators assigned to the current API session's identity; supports filtering, sorting, and pagination.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "certPem": "string",
- "fingerprint": "string",
- "identity": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "identityId": "string",
- "isIssuedByNetwork": true,
- "method": "string",
- "username": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieve an authenticator for the current identity
Retrieves a single authenticator by id. Will only show authenticators assigned to the API session's identity.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "certPem": "string",
- "fingerprint": "string",
- "identity": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "identityId": "string",
- "isIssuedByNetwork": true,
- "method": "string",
- "username": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on an authenticator of this identity
Update all fields on an authenticator by id. Will only update authenticators assigned to the API session's identity.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An authenticator put object
password required | string (password) [ 5 .. 100 ] characters |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
username required | string (username) [ 4 .. 100 ] characters |
currentPassword required | string (password) [ 5 .. 100 ] characters |
Responses
Request samples
- Payload
{- "password": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "username": "string",
- "currentPassword": "string"
}
Response samples
- 200
- 400
- 401
- 404
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on an authenticator of this identity
Update the supplied fields on an authenticator by id. Will only update authenticators assigned to the API session's identity.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An authenticator patch object
password | string or null (passwordNullable) [ 5 .. 100 ] characters |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
username | string or null (usernameNullable) [ 4 .. 100 ] characters |
currentPassword required | string (password) [ 5 .. 100 ] characters |
Responses
Request samples
- Payload
{- "password": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "username": "string",
- "currentPassword": "string"
}
Response samples
- 200
- 400
- 401
- 404
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Allows the current identity to recieve a new certificate associated with a certificate based authenticator
This endpoint only functions for certificates issued by the controller. 3rd party certificates are not handled. Allows an identity to extend its certificate's expiration date by using its current and valid client certificate to submit a CSR. This CSR may be passed in using a new private key, thus allowing private key rotation. The response from this endpoint is a new client certificate which the client must be verified via the /authenticators/{id}/extend-verify endpoint. After verification is completion any new connections must be made with new certificate. Prior to verification the old client certificate remains active.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
clientCertCsr required | string |
Responses
Request samples
- Payload
{- "clientCertCsr": "string"
}
Response samples
- 200
- 401
{- "data": {
- "ca": "string",
- "clientCert": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Allows the current identity to validate reciept of a new client certificate
After submitting a CSR for a new client certificate the resulting public certificate must be re-submitted to this endpoint to verify receipt. After receipt, the new client certificate must be used for new authentication requests.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
clientCert required | string A PEM encoded client certificate previously returned after an extension request |
Responses
Request samples
- Payload
{- "clientCert": "string"
}
Response samples
- 200
- 401
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Return the current identity
Returns the identity associated with the API sessions used to issue the current request
Authorizations:
Responses
Response samples
- 200
- 401
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "appData": {
- "property1": { },
- "property2": { }
}, - "authPolicy": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "authPolicyId": "string",
- "authenticators": {
- "cert": {
- "fingerprint": "string",
- "id": "string"
}, - "updb": {
- "id": "string",
- "username": "string"
}
}, - "defaultHostingCost": 65535,
- "defaultHostingPrecedence": "default",
- "disabled": true,
- "disabledAt": "2019-08-24T14:15:22Z",
- "disabledUntil": "2019-08-24T14:15:22Z",
- "edgeRouterConnectionStatus": "online",
- "enrollment": {
- "ott": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "ottca": {
- "ca": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "caId": "string",
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "updb": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}
}, - "envInfo": {
- "arch": "string",
- "domain": "string",
- "hostname": "string",
- "os": "string",
- "osRelease": "string",
- "osVersion": "string"
}, - "externalId": "string",
- "hasApiSession": true,
- "hasEdgeRouterConnection": true,
- "isAdmin": true,
- "isDefaultAdmin": true,
- "isMfaEnabled": true,
- "name": "string",
- "roleAttributes": [
- "string"
], - "sdkInfo": {
- "appId": "string",
- "appVersion": "string",
- "branch": "string",
- "revision": "string",
- "type": "string",
- "version": "string"
}, - "serviceHostingCosts": {
- "property1": 65535,
- "property2": 65535
}, - "serviceHostingPrecedences": {
- "property1": "default",
- "property2": "default"
}, - "type": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "typeId": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Returns the current status of MFA enrollment
Returns details about the current MFA enrollment. If enrollment has not been completed it will return the current MFA configuration details necessary to complete a POST /current-identity/mfa/verify
.
Authorizations:
Responses
Response samples
- 200
- 401
- 404
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "isVerified": true,
- "provisioningUrl": "string",
- "recoveryCodes": [
- "string"
]
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Initiate MFA enrollment
Allows authenticator based MFA enrollment. If enrollment has already been completed, it must be disabled before attempting to re-enroll. Subsequent enrollment request is completed via POST /current-identity/mfa/verify
Authorizations:
Responses
Response samples
- 201
- 401
- 409
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Disable MFA for the current identity
Disable MFA for the current identity. Requires a current valid time based one time password if MFA enrollment has been completed. If not, code should be an empty string. If one time passwords are not available and admin account can be used to remove MFA from the identity via DELETE /identities/<id>/mfa
.
Authorizations:
header Parameters
mfa-validation-code | string |
Responses
Response samples
- 200
- 401
- 404
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
For a completed MFA enrollment view the current recovery codes
Allows the viewing of recovery codes of an MFA enrollment. Requires a current valid time based one time password to interact with. Available after a completed MFA enrollment.
Authorizations:
header Parameters
mfa-validation-code | string |
Request Body schema: application/json
An MFA validation request
code required | string |
Responses
Request samples
- Payload
{- "code": "string"
}
Response samples
- 200
- 401
- 404
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "recoveryCodes": [
- "string"
]
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
For a completed MFA enrollment regenerate the recovery codes
Allows regeneration of recovery codes of an MFA enrollment. Requires a current valid time based one time password to interact with. Available after a completed MFA enrollment. This replaces all existing recovery codes.
Authorizations:
Request Body schema: application/jsonrequired
An MFA validation request
code required | string |
Responses
Request samples
- Payload
{- "code": "string"
}
Response samples
- 200
- 401
- 404
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Complete MFA enrollment by verifying a time based one time token
Completes MFA enrollment by accepting a time based one time password as verification. Called after MFA enrollment has been initiated via POST /current-identity/mfa
.
Authorizations:
Request Body schema: application/jsonrequired
An MFA validation request
code required | string |
Responses
Request samples
- Payload
{- "code": "string"
}
Response samples
- 200
- 401
- 404
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Allows the current identity to recieve a new certificate associated with a certificate based authenticator
This endpoint only functions for certificates issued by the controller. 3rd party certificates are not handled. Allows an identity to extend its certificate's expiration date by using its current and valid client certificate to submit a CSR. This CSR may be passed in using a new private key, thus allowing private key rotation. The response from this endpoint is a new client certificate which the client must be verified via the /authenticators/{id}/extend-verify endpoint. After verification is completion any new connections must be made with new certificate. Prior to verification the old client certificate remains active.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
clientCertCsr required | string |
Responses
Request samples
- Payload
{- "clientCertCsr": "string"
}
Response samples
- 200
- 401
{- "data": {
- "ca": "string",
- "clientCert": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Allows the current identity to validate reciept of a new client certificate
After submitting a CSR for a new client certificate the resulting public certificate must be re-submitted to this endpoint to verify receipt. After receipt, the new client certificate must be used for new authentication requests.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
clientCert required | string A PEM encoded client certificate previously returned after an extension request |
Responses
Request samples
- Payload
{- "clientCert": "string"
}
Response samples
- 200
- 401
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Allows the current identity to recieve a new certificate associated with a certificate based authenticator
This endpoint only functions for certificates issued by the controller. 3rd party certificates are not handled. Allows an identity to extend its certificate's expiration date by using its current and valid client certificate to submit a CSR. This CSR may be passed in using a new private key, thus allowing private key rotation. The response from this endpoint is a new client certificate which the client must be verified via the /authenticators/{id}/extend-verify endpoint. After verification is completion any new connections must be made with new certificate. Prior to verification the old client certificate remains active.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
clientCertCsr required | string |
Responses
Request samples
- Payload
{- "clientCertCsr": "string"
}
Response samples
- 200
- 401
{- "data": {
- "ca": "string",
- "clientCert": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Allows the current identity to validate reciept of a new client certificate
After submitting a CSR for a new client certificate the resulting public certificate must be re-submitted to this endpoint to verify receipt. After receipt, the new client certificate must be used for new authentication requests.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
clientCert required | string A PEM encoded client certificate previously returned after an extension request |
Responses
Request samples
- Payload
{- "clientCert": "string"
}
Response samples
- 200
- 401
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Starts a data integrity scan on the datastore
Starts a data integrity scan on the datastore. Requires admin access. Only once instance may run at a time, including runs of fixDataIntegrity.
Authorizations:
Responses
Response samples
- 202
- 401
- 429
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Returns any results found from in-progress integrity checks
Returns any results found from in-progress integrity checks. Requires admin access.
Authorizations:
Responses
Response samples
- 200
- 401
- 429
- 503
{- "data": {
- "endTime": "2019-08-24T14:15:22Z",
- "error": "string",
- "fixingErrors": true,
- "inProgress": true,
- "results": [
- {
- "description": "string",
- "fixed": true
}
], - "startTime": "2019-08-24T14:15:22Z",
- "tooManyErrors": true
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Runs a data integrity scan on the datastore, attempts to fix any issues it can and returns any found issues
Runs a data integrity scan on the datastore, attempts to fix any issues it can, and returns any found issues. Requires admin access. Only once instance may run at a time, including runs of checkDataIntegrity.
Authorizations:
Responses
Response samples
- 202
- 401
- 429
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create a new database snapshot
Create a new database snapshot. Requires admin access.
Authorizations:
Responses
Response samples
- 200
- 401
- 429
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List edge router policies
Retrieves a list of edge router policy resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "edgeRouterRoles": [
- "string"
], - "edgeRouterRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "identityRoles": [
- "string"
], - "identityRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "isSystem": true,
- "name": "string",
- "semantic": "AllOf"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create an edge router policy resource
Create an edge router policy resource. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
An edge router policy to create
edgeRouterRoles | Array of strings (roles) |
identityRoles | Array of strings (roles) |
name required | string |
semantic required | string (semantic) Enum: "AllOf" "AnyOf" |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "edgeRouterRoles": [
- "string"
], - "identityRoles": [
- "string"
], - "name": "string",
- "semantic": "AllOf",
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single edge router policy
Retrieves a single edge router policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "edgeRouterRoles": [
- "string"
], - "edgeRouterRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "identityRoles": [
- "string"
], - "identityRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "isSystem": true,
- "name": "string",
- "semantic": "AllOf"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on an edge router policy
Update all fields on an edge router policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An edge router policy update object
edgeRouterRoles | Array of strings (roles) |
identityRoles | Array of strings (roles) |
name required | string |
semantic required | string (semantic) Enum: "AllOf" "AnyOf" |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "edgeRouterRoles": [
- "string"
], - "identityRoles": [
- "string"
], - "name": "string",
- "semantic": "AllOf",
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete an edge router policy
Delete an edge router policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on an edge router policy
Update the supplied fields on an edge router policy. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An edge router policy patch object
edgeRouterRoles | Array of strings (roles) |
identityRoles | Array of strings (roles) |
name | string |
semantic | string (semantic) Enum: "AllOf" "AnyOf" |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "edgeRouterRoles": [
- "string"
], - "identityRoles": [
- "string"
], - "name": "string",
- "semantic": "AllOf",
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List edge routers a policy affects
Retrieves a list of edge routers an edge router policy resources affects; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
- "edge-router-policies": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d/edge-routers"
}, - "self": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d"
}
}, - "cost": 0,
- "createdAt": "2020-03-16T17:13:31.5807454Z",
- "enrollmentCreatedAt": "2020-03-16T17:13:31.5777637Z",
- "enrollmentExpiresAt": "2020-03-16T17:18:31.5777637Z",
- "enrollmentJwt": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbSI6ImVyb3R0IiwiZXhwIjoxNTg0Mzc5MTExLCJpc3MiOiJodHRwczovL 2xvY2FsaG9zdDoxMjgwIiwianRpIjoiMzBhMWYwZWEtZDM5Yi00YWFlLWI4NTItMzA0Y2YxYzMwZDFmIiwic3ViIjoiYjA3NjZiOGQtYmQxYS00ZDI 4LTg0MTUtNjM5YjI5ZDNjODNkIn0.UsyQhCPORQ5tQnYWY7S88LNvV9iFS5Hy-P4aJaClZzEICobKgnQoyQblJcdMvk3cGKwyFqAnQtt0tDZkb8tHz Vqyv6bilHcAFuMRrdwXRqdXquabSN5geu2qBUnyzL7Mf2X85if8sbMida6snB4oLZsVRF3CRn4ODBJdeiVJ_Z4rgD-zW2IwtXPApT7ALyiiw2cN4EH 8pqQ7tpZKqztE0PGEbBQFPGKUFnm7oXyvSUo17EsFJUv5gUlBzfKKGolh5io4ptp22HZrqsqSnqDSOnYEZHonr5Yljuwiktrlh-JKiK6GGns5OAJMP dO9lgM4yHSpF2ILbqhWMV93Y3zMOg",
- "enrollmentToken": "30a1f0ea-d39b-4aae-b852-304cf1c30d1f",
- "fingerprint": null,
- "hostname": "",
- "id": "b0766b8d-bd1a-4d28-8415-639b29d3c83d",
- "isOnline": false,
- "isTunnelerEnabled": false,
- "isVerified": false,
- "name": "TestRouter-e33c837f-3222-4b40-bcd6-b3458fd5156e",
- "noTraversal": false,
- "roleAttributes": [
- "eastCoast",
- "sales",
- "test"
], - "supportedProtocols": { },
- "tags": { },
- "updatedAt": "2020-03-16T17:13:31.5807454Z"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List identities an edge router policy affects
Retrieves a list of identities an edge router policy resources affects; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "appData": {
- "property1": { },
- "property2": { }
}, - "authPolicy": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "authPolicyId": "string",
- "authenticators": {
- "cert": {
- "fingerprint": "string",
- "id": "string"
}, - "updb": {
- "id": "string",
- "username": "string"
}
}, - "defaultHostingCost": 65535,
- "defaultHostingPrecedence": "default",
- "disabled": true,
- "disabledAt": "2019-08-24T14:15:22Z",
- "disabledUntil": "2019-08-24T14:15:22Z",
- "edgeRouterConnectionStatus": "online",
- "enrollment": {
- "ott": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "ottca": {
- "ca": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "caId": "string",
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "updb": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}
}, - "envInfo": {
- "arch": "string",
- "domain": "string",
- "hostname": "string",
- "os": "string",
- "osRelease": "string",
- "osVersion": "string"
}, - "externalId": "string",
- "hasApiSession": true,
- "hasEdgeRouterConnection": true,
- "isAdmin": true,
- "isDefaultAdmin": true,
- "isMfaEnabled": true,
- "name": "string",
- "roleAttributes": [
- "string"
], - "sdkInfo": {
- "appId": "string",
- "appVersion": "string",
- "branch": "string",
- "revision": "string",
- "type": "string",
- "version": "string"
}, - "serviceHostingCosts": {
- "property1": 65535,
- "property2": 65535
}, - "serviceHostingPrecedences": {
- "property1": "default",
- "property2": "default"
}, - "type": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "typeId": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List role attributes in use by edge routers
Retrieves a list of role attributes in use by edge routers; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- "string"
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List role attributes in use by identities
Retrieves a list of role attributes in use by identities; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- "string"
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List role attributes in use by posture checks
Retrieves a list of role attributes in use by posture checks; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- "string"
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List role attributes in use by services
Retrieves a list of role attributes in use by services; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- "string"
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List edge routers
Retrieves a list of edge router resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
roleFilter | Array of strings |
roleSemantic | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
- "edge-router-policies": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d/edge-routers"
}, - "self": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d"
}
}, - "cost": 0,
- "createdAt": "2020-03-16T17:13:31.5807454Z",
- "enrollmentCreatedAt": "2020-03-16T17:13:31.5777637Z",
- "enrollmentExpiresAt": "2020-03-16T17:18:31.5777637Z",
- "enrollmentJwt": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbSI6ImVyb3R0IiwiZXhwIjoxNTg0Mzc5MTExLCJpc3MiOiJodHRwczovL 2xvY2FsaG9zdDoxMjgwIiwianRpIjoiMzBhMWYwZWEtZDM5Yi00YWFlLWI4NTItMzA0Y2YxYzMwZDFmIiwic3ViIjoiYjA3NjZiOGQtYmQxYS00ZDI 4LTg0MTUtNjM5YjI5ZDNjODNkIn0.UsyQhCPORQ5tQnYWY7S88LNvV9iFS5Hy-P4aJaClZzEICobKgnQoyQblJcdMvk3cGKwyFqAnQtt0tDZkb8tHz Vqyv6bilHcAFuMRrdwXRqdXquabSN5geu2qBUnyzL7Mf2X85if8sbMida6snB4oLZsVRF3CRn4ODBJdeiVJ_Z4rgD-zW2IwtXPApT7ALyiiw2cN4EH 8pqQ7tpZKqztE0PGEbBQFPGKUFnm7oXyvSUo17EsFJUv5gUlBzfKKGolh5io4ptp22HZrqsqSnqDSOnYEZHonr5Yljuwiktrlh-JKiK6GGns5OAJMP dO9lgM4yHSpF2ILbqhWMV93Y3zMOg",
- "enrollmentToken": "30a1f0ea-d39b-4aae-b852-304cf1c30d1f",
- "fingerprint": null,
- "hostname": "",
- "id": "b0766b8d-bd1a-4d28-8415-639b29d3c83d",
- "isOnline": false,
- "isTunnelerEnabled": false,
- "isVerified": false,
- "name": "TestRouter-e33c837f-3222-4b40-bcd6-b3458fd5156e",
- "noTraversal": false,
- "roleAttributes": [
- "eastCoast",
- "sales",
- "test"
], - "supportedProtocols": { },
- "tags": { },
- "updatedAt": "2020-03-16T17:13:31.5807454Z"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create an edge router
Create a edge router resource. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A edge router to create
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
cost | integer or null [ 0 .. 65535 ] |
disabled | boolean or null |
isTunnelerEnabled | boolean |
name required | string |
noTraversal | boolean or null |
roleAttributes | Array of strings or null (attributes) A set of strings used to loosly couple this resource to policies |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "appData": {
- "property1": { },
- "property2": { }
}, - "cost": 65535,
- "disabled": true,
- "isTunnelerEnabled": true,
- "name": "string",
- "noTraversal": true,
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single edge router
Retrieves a single edge router by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
- "edge-router-policies": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d/edge-routers"
}, - "self": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d"
}
}, - "cost": 0,
- "createdAt": "2020-03-16T17:13:31.5807454Z",
- "enrollmentCreatedAt": "2020-03-16T17:13:31.5777637Z",
- "enrollmentExpiresAt": "2020-03-16T17:18:31.5777637Z",
- "enrollmentJwt": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbSI6ImVyb3R0IiwiZXhwIjoxNTg0Mzc5MTExLCJpc3MiOiJodHRwczovL 2xvY2FsaG9zdDoxMjgwIiwianRpIjoiMzBhMWYwZWEtZDM5Yi00YWFlLWI4NTItMzA0Y2YxYzMwZDFmIiwic3ViIjoiYjA3NjZiOGQtYmQxYS00ZDI 4LTg0MTUtNjM5YjI5ZDNjODNkIn0.UsyQhCPORQ5tQnYWY7S88LNvV9iFS5Hy-P4aJaClZzEICobKgnQoyQblJcdMvk3cGKwyFqAnQtt0tDZkb8tHz Vqyv6bilHcAFuMRrdwXRqdXquabSN5geu2qBUnyzL7Mf2X85if8sbMida6snB4oLZsVRF3CRn4ODBJdeiVJ_Z4rgD-zW2IwtXPApT7ALyiiw2cN4EH 8pqQ7tpZKqztE0PGEbBQFPGKUFnm7oXyvSUo17EsFJUv5gUlBzfKKGolh5io4ptp22HZrqsqSnqDSOnYEZHonr5Yljuwiktrlh-JKiK6GGns5OAJMP dO9lgM4yHSpF2ILbqhWMV93Y3zMOg",
- "enrollmentToken": "30a1f0ea-d39b-4aae-b852-304cf1c30d1f",
- "fingerprint": null,
- "hostname": "",
- "id": "b0766b8d-bd1a-4d28-8415-639b29d3c83d",
- "isOnline": false,
- "isTunnelerEnabled": false,
- "isVerified": false,
- "name": "TestRouter-e33c837f-3222-4b40-bcd6-b3458fd5156e",
- "noTraversal": false,
- "roleAttributes": [
- "eastCoast",
- "sales",
- "test"
], - "supportedProtocols": { },
- "tags": { },
- "updatedAt": "2020-03-16T17:13:31.5807454Z"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on an edge router
Update all fields on an edge router by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An edge router update object
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
cost | integer or null [ 0 .. 65535 ] |
disabled | boolean or null |
isTunnelerEnabled | boolean |
name required | string |
noTraversal | boolean or null |
roleAttributes | Array of strings or null (attributes) A set of strings used to loosly couple this resource to policies |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "appData": {
- "property1": { },
- "property2": { }
}, - "cost": 65535,
- "disabled": true,
- "isTunnelerEnabled": true,
- "name": "string",
- "noTraversal": true,
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete an edge router
Delete an edge router by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on an edge router
Update the supplied fields on an edge router. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An edge router patch object
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
cost | integer or null [ 0 .. 65535 ] |
disabled | boolean or null |
isTunnelerEnabled | boolean |
name | string or null |
noTraversal | boolean or null |
roleAttributes | Array of strings or null (attributes) A set of strings used to loosly couple this resource to policies |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "appData": {
- "property1": { },
- "property2": { }
}, - "cost": 65535,
- "disabled": true,
- "isTunnelerEnabled": true,
- "name": "string",
- "noTraversal": true,
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List the edge router policies that affect an edge router
Retrieves a list of edge router policies that apply to the specified edge router.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "edgeRouterRoles": [
- "string"
], - "edgeRouterRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "identityRoles": [
- "string"
], - "identityRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "isSystem": true,
- "name": "string",
- "semantic": "AllOf"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List associated identities
Retrieves a list of identities that may access services via the given edge router. Supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "appData": {
- "property1": { },
- "property2": { }
}, - "authPolicy": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "authPolicyId": "string",
- "authenticators": {
- "cert": {
- "fingerprint": "string",
- "id": "string"
}, - "updb": {
- "id": "string",
- "username": "string"
}
}, - "defaultHostingCost": 65535,
- "defaultHostingPrecedence": "default",
- "disabled": true,
- "disabledAt": "2019-08-24T14:15:22Z",
- "disabledUntil": "2019-08-24T14:15:22Z",
- "edgeRouterConnectionStatus": "online",
- "enrollment": {
- "ott": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "ottca": {
- "ca": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "caId": "string",
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "updb": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}
}, - "envInfo": {
- "arch": "string",
- "domain": "string",
- "hostname": "string",
- "os": "string",
- "osRelease": "string",
- "osVersion": "string"
}, - "externalId": "string",
- "hasApiSession": true,
- "hasEdgeRouterConnection": true,
- "isAdmin": true,
- "isDefaultAdmin": true,
- "isMfaEnabled": true,
- "name": "string",
- "roleAttributes": [
- "string"
], - "sdkInfo": {
- "appId": "string",
- "appVersion": "string",
- "branch": "string",
- "revision": "string",
- "type": "string",
- "version": "string"
}, - "serviceHostingCosts": {
- "property1": 65535,
- "property2": 65535
}, - "serviceHostingPrecedences": {
- "property1": "default",
- "property2": "default"
}, - "type": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "typeId": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Re-enroll an edge router
Removes current certificate based authentication mechanisms and reverts the edge router into a state where enrollment must be performed. The router retains all other properties and associations. If the router is currently connected, it will be disconnected and any attemps to reconnect will fail until the enrollment process is completed with the newly generated JWT.
If the edge router has an existing outstanding enrollment JWT it will be replaced. The previous JWT will no longer be usable to complete the enrollment process.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List the service policies that affect an edge router
Retrieves a list of service policies policies that apply to the specified edge router.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "identityRoles": [
- "string"
], - "identityRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "name": "string",
- "postureCheckRoles": [
- "string"
], - "postureCheckRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "serviceRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "type": "Dial"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List associated services
Retrieves a list of services that may be accessed via the given edge router. Supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "config": {
- "property1": {
- "property1": { },
- "property2": { }
}, - "property2": {
- "property1": { },
- "property2": { }
}
}, - "configs": [
- "string"
], - "encryptionRequired": true,
- "maxIdleTimeMillis": 0,
- "name": "string",
- "permissions": [
- "Dial"
], - "postureQueries": [
- {
- "isPassing": true,
- "policyId": "string",
- "policyType": "Dial",
- "postureQueries": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "isPassing": true,
- "process": {
- "osType": "Windows",
- "path": "string"
}, - "processes": [
- {
- "osType": "Windows",
- "path": "string"
}
], - "queryType": "OS",
- "timeout": 0,
- "timeoutRemaining": 0
}
]
}
], - "roleAttributes": [
- "string"
], - "terminatorStrategy": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List outstanding enrollments
Retrieves a list of outstanding enrollments; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
- "self": {
- "href": "./enrollments/624fa53f-7629-4a7a-9e38-c1f4ce322c1d"
}
}, - "ca": null,
- "createdAt": "0001-01-01T00:00:00Z",
- "expiresAt": "2020-03-11T20:20:24.0055543Z",
- "id": "624fa53f-7629-4a7a-9e38-c1f4ce322c1d",
- "identity": {
- "_links": {
- "self": {
- "href": "./identities/f047ac96-dc3a-408a-a6f2-0ba487c08ef9"
}
}, - "id": "f047ac96-dc3a-408a-a6f2-0ba487c08ef9",
- "name": "updb--0f245140-7f2e-4326-badf-6aba55e52475",
- "urlName": "identities"
}, - "method": "updb",
- "tags": null,
- "token": "1e727c8f-07e4-4a1d-a8b0-da0c7a01c6e1",
- "updatedAt": "0001-01-01T00:00:00Z",
- "username": "example-username"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create an outstanding enrollment for an identity
Creates a new OTT, OTTCA, or UPDB enrollment for a specific identity. If an enrollment of the same type is already outstanding the request will fail with a 409 conflict. If desired, an existing enrollment can be refreshed by enrollments/:id/refresh
or deleted.
Authorizations:
Request Body schema: application/jsonrequired
An enrollment to create
caId | string or null |
expiresAt required | string <date-time> |
identityId required | string |
method required | string Enum: "ott" "ottca" "updb" |
username | string or null |
Responses
Request samples
- Payload
{- "caId": "string",
- "expiresAt": "2019-08-24T14:15:22Z",
- "identityId": "string",
- "method": "ott",
- "username": "string"
}
Response samples
- 201
- 400
- 401
- 409
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves an outstanding enrollment
Retrieves a single outstanding enrollment by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
- "self": {
- "href": "./enrollments/624fa53f-7629-4a7a-9e38-c1f4ce322c1d"
}
}, - "ca": null,
- "createdAt": "0001-01-01T00:00:00Z",
- "expiresAt": "2020-03-11T20:20:24.0055543Z",
- "id": "624fa53f-7629-4a7a-9e38-c1f4ce322c1d",
- "identity": {
- "_links": {
- "self": {
- "href": "./identities/f047ac96-dc3a-408a-a6f2-0ba487c08ef9"
}
}, - "id": "f047ac96-dc3a-408a-a6f2-0ba487c08ef9",
- "name": "updb--0f245140-7f2e-4326-badf-6aba55e52475",
- "urlName": "identities"
}, - "method": "updb",
- "tags": null,
- "token": "1e727c8f-07e4-4a1d-a8b0-da0c7a01c6e1",
- "updatedAt": "0001-01-01T00:00:00Z",
- "username": "example-username"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete an outstanding enrollment
Delete an outstanding enrollment by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Refreshes an enrollment record's expiration window
For expired or unexpired enrollments, reset the expiration window. A new JWT will be generated and must be used for the enrollment.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An enrollment refresh request
expiresAt required | string <date-time> |
Responses
Request samples
- Payload
{- "expiresAt": "2019-08-24T14:15:22Z"
}
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Returns a list of JWTs suitable for bootstrapping network trust.
Returns a list of JWTs for trusting a network
Responses
Response samples
- 200
- 400
- 429
{- "data": [
- {
- "name": "string",
- "token": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List External JWT Signers
Retrieves a list of external JWT signers for authentication
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "audience": "string",
- "certPem": "string",
- "claimsProperty": "string",
- "clientId": "string",
- "commonName": "string",
- "enabled": true,
- "externalAuthUrl": "string",
- "fingerprint": "string",
- "issuer": "string",
- "kid": "string",
- "name": "MyApps Signer",
- "notAfter": "2019-08-24T14:15:22Z",
- "notBefore": "2019-08-24T14:15:22Z",
- "scopes": [
- "string"
], - "useExternalId": true
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Creates an External JWT Signer
Creates an External JWT Signer. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
An External JWT Signer to create
audience required | string or null |
certPem | string or null |
claimsProperty | string or null |
clientId | string or null |
enabled required | boolean |
externalAuthUrl | string or null <url> |
issuer required | string |
jwksEndpoint | string or null <uri> |
kid | string or null |
name required | string |
scopes | Array of strings or null |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
useExternalId | boolean or null |
Responses
Request samples
- Payload
{- "audience": "string",
- "certPem": "string",
- "claimsProperty": "string",
- "clientId": "string",
- "enabled": true,
- "externalAuthUrl": "string",
- "issuer": "string",
- "kid": "string",
- "name": "MyApps Signer",
- "scopes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "useExternalId": true
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single External JWT Signer
Retrieves a single External JWT Signer by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "audience": "string",
- "certPem": "string",
- "claimsProperty": "string",
- "clientId": "string",
- "commonName": "string",
- "enabled": true,
- "externalAuthUrl": "string",
- "fingerprint": "string",
- "issuer": "string",
- "kid": "string",
- "name": "MyApps Signer",
- "notAfter": "2019-08-24T14:15:22Z",
- "notBefore": "2019-08-24T14:15:22Z",
- "scopes": [
- "string"
], - "useExternalId": true
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on an External JWT Signer
Update all fields on an External JWT Signer by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An External JWT Signer update object
audience required | string or null |
certPem | string or null |
claimsProperty | string or null |
clientId | string or null |
enabled required | boolean |
externalAuthUrl | string or null <url> |
issuer required | string |
jwksEndpoint | string or null <uri> |
kid | string or null |
name required | string |
scopes | Array of strings or null |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
useExternalId | boolean or null |
Responses
Request samples
- Payload
{- "audience": "string",
- "certPem": "string",
- "claimsProperty": "string",
- "clientId": "string",
- "enabled": true,
- "externalAuthUrl": "string",
- "issuer": "string",
- "kid": "string",
- "name": "MyApps Signer",
- "scopes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "useExternalId": true
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete an External JWT Signer
Delete an External JWT Signer by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on an External JWT Signer
Update only the supplied fields on an External JWT Signer by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An External JWT Signer patch object
audience | string or null |
certPem | string or null |
claimsProperty | string or null |
clientId | string or null |
enabled | boolean or null |
externalAuthUrl | string or null <url> |
issuer | string or null |
jwksEndpoint | string or null <uri> |
kid | string or null |
name | string or null |
scopes | Array of strings |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
useExternalId | boolean or null |
Responses
Request samples
- Payload
{- "audience": "string",
- "certPem": "string",
- "claimsProperty": "string",
- "clientId": "string",
- "enabled": true,
- "externalAuthUrl": "string",
- "issuer": "string",
- "kid": "string",
- "name": "MyApps Signer",
- "scopes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "useExternalId": true
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List identities
Retrieves a list of identity resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
roleFilter | Array of strings |
roleSemantic | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "appData": {
- "property1": { },
- "property2": { }
}, - "authPolicy": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "authPolicyId": "string",
- "authenticators": {
- "cert": {
- "fingerprint": "string",
- "id": "string"
}, - "updb": {
- "id": "string",
- "username": "string"
}
}, - "defaultHostingCost": 65535,
- "defaultHostingPrecedence": "default",
- "disabled": true,
- "disabledAt": "2019-08-24T14:15:22Z",
- "disabledUntil": "2019-08-24T14:15:22Z",
- "edgeRouterConnectionStatus": "online",
- "enrollment": {
- "ott": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "ottca": {
- "ca": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "caId": "string",
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "updb": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}
}, - "envInfo": {
- "arch": "string",
- "domain": "string",
- "hostname": "string",
- "os": "string",
- "osRelease": "string",
- "osVersion": "string"
}, - "externalId": "string",
- "hasApiSession": true,
- "hasEdgeRouterConnection": true,
- "isAdmin": true,
- "isDefaultAdmin": true,
- "isMfaEnabled": true,
- "name": "string",
- "roleAttributes": [
- "string"
], - "sdkInfo": {
- "appId": "string",
- "appVersion": "string",
- "branch": "string",
- "revision": "string",
- "type": "string",
- "version": "string"
}, - "serviceHostingCosts": {
- "property1": 65535,
- "property2": 65535
}, - "serviceHostingPrecedences": {
- "property1": "default",
- "property2": "default"
}, - "type": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "typeId": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create an identity resource
Create an identity resource. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
An identity to create
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
authPolicyId | string or null |
defaultHostingCost | integer (terminatorCost) [ 0 .. 65535 ] |
defaultHostingPrecedence | string (terminatorPrecedence) Enum: "default" "required" "failed" |
object | |
externalId | string or null |
isAdmin required | boolean |
name required | string |
roleAttributes | Array of strings or null (attributes) A set of strings used to loosly couple this resource to policies |
object (terminatorCostMap) | |
object (terminatorPrecedenceMap) | |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
type required | string (identityType) Enum: "User" "Device" "Service" "Router" "Default" |
Responses
Request samples
- Payload
{- "appData": {
- "property1": { },
- "property2": { }
}, - "authPolicyId": "string",
- "defaultHostingCost": 65535,
- "defaultHostingPrecedence": "default",
- "enrollment": {
- "ott": true,
- "ottca": "string",
- "updb": "string"
}, - "externalId": "string",
- "isAdmin": true,
- "name": "string",
- "roleAttributes": [
- "string"
], - "serviceHostingCosts": {
- "property1": 65535,
- "property2": 65535
}, - "serviceHostingPrecedences": {
- "property1": "default",
- "property2": "default"
}, - "tags": {
- "property1": { },
- "property2": { }
}, - "type": "User"
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single identity
Retrieves a single identity by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "appData": {
- "property1": { },
- "property2": { }
}, - "authPolicy": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "authPolicyId": "string",
- "authenticators": {
- "cert": {
- "fingerprint": "string",
- "id": "string"
}, - "updb": {
- "id": "string",
- "username": "string"
}
}, - "defaultHostingCost": 65535,
- "defaultHostingPrecedence": "default",
- "disabled": true,
- "disabledAt": "2019-08-24T14:15:22Z",
- "disabledUntil": "2019-08-24T14:15:22Z",
- "edgeRouterConnectionStatus": "online",
- "enrollment": {
- "ott": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "ottca": {
- "ca": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "caId": "string",
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "updb": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}
}, - "envInfo": {
- "arch": "string",
- "domain": "string",
- "hostname": "string",
- "os": "string",
- "osRelease": "string",
- "osVersion": "string"
}, - "externalId": "string",
- "hasApiSession": true,
- "hasEdgeRouterConnection": true,
- "isAdmin": true,
- "isDefaultAdmin": true,
- "isMfaEnabled": true,
- "name": "string",
- "roleAttributes": [
- "string"
], - "sdkInfo": {
- "appId": "string",
- "appVersion": "string",
- "branch": "string",
- "revision": "string",
- "type": "string",
- "version": "string"
}, - "serviceHostingCosts": {
- "property1": 65535,
- "property2": 65535
}, - "serviceHostingPrecedences": {
- "property1": "default",
- "property2": "default"
}, - "type": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "typeId": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on an identity
Update all fields on an identity by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An identity update object
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
authPolicyId | string or null |
defaultHostingCost | integer (terminatorCost) [ 0 .. 65535 ] |
defaultHostingPrecedence | string (terminatorPrecedence) Enum: "default" "required" "failed" |
externalId | string or null |
isAdmin required | boolean |
name required | string |
roleAttributes | Array of strings or null (attributes) A set of strings used to loosly couple this resource to policies |
object (terminatorCostMap) | |
object (terminatorPrecedenceMap) | |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
type required | string (identityType) Enum: "User" "Device" "Service" "Router" "Default" |
Responses
Request samples
- Payload
{- "appData": {
- "property1": { },
- "property2": { }
}, - "authPolicyId": "string",
- "defaultHostingCost": 65535,
- "defaultHostingPrecedence": "default",
- "externalId": "string",
- "isAdmin": true,
- "name": "string",
- "roleAttributes": [
- "string"
], - "serviceHostingCosts": {
- "property1": 65535,
- "property2": 65535
}, - "serviceHostingPrecedences": {
- "property1": "default",
- "property2": "default"
}, - "tags": {
- "property1": { },
- "property2": { }
}, - "type": "User"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete an identity
Delete an identity by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on an identity
Update the supplied fields on an identity. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
An identity patch object
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
authPolicyId | string or null |
defaultHostingCost | integer (terminatorCost) [ 0 .. 65535 ] |
defaultHostingPrecedence | string (terminatorPrecedence) Enum: "default" "required" "failed" |
externalId | string or null |
isAdmin | boolean or null |
name | string or null |
roleAttributes | Array of strings or null (attributes) A set of strings used to loosly couple this resource to policies |
object (terminatorCostMap) | |
object (terminatorPrecedenceMap) | |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
type | string (identityType) Enum: "User" "Device" "Service" "Router" "Default" |
Responses
Request samples
- Payload
{- "appData": {
- "property1": { },
- "property2": { }
}, - "authPolicyId": "string",
- "defaultHostingCost": 65535,
- "defaultHostingPrecedence": "default",
- "externalId": "string",
- "isAdmin": true,
- "name": "string",
- "roleAttributes": [
- "string"
], - "serviceHostingCosts": {
- "property1": 65535,
- "property2": 65535
}, - "serviceHostingPrecedences": {
- "property1": "default",
- "property2": "default"
}, - "tags": {
- "property1": { },
- "property2": { }
}, - "type": "User"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieve the current authenticators of a specific identity
Returns a list of authenticators associated to the identity specified
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "certPem": "string",
- "fingerprint": "string",
- "identity": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "identityId": "string",
- "isIssuedByNetwork": true,
- "method": "string",
- "username": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Set an identity as disabled
Reject an identity's API session requests for N minutes or indefinitely if 0.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
Disable parameters
durationMinutes required | integer |
Responses
Request samples
- Payload
{- "durationMinutes": 0
}
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List the edge router policies that affect an identity
Retrieves a list of edge router policies that apply to the specified identity.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "edgeRouterRoles": [
- "string"
], - "edgeRouterRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "identityRoles": [
- "string"
], - "identityRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "isSystem": true,
- "name": "string",
- "semantic": "AllOf"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List accessible edge-routers
Retrieves a list of edge-routers that the given identity may use to access services. Supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
- "edge-router-policies": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d/edge-routers"
}, - "self": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d"
}
}, - "cost": 0,
- "createdAt": "2020-03-16T17:13:31.5807454Z",
- "enrollmentCreatedAt": "2020-03-16T17:13:31.5777637Z",
- "enrollmentExpiresAt": "2020-03-16T17:18:31.5777637Z",
- "enrollmentJwt": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbSI6ImVyb3R0IiwiZXhwIjoxNTg0Mzc5MTExLCJpc3MiOiJodHRwczovL 2xvY2FsaG9zdDoxMjgwIiwianRpIjoiMzBhMWYwZWEtZDM5Yi00YWFlLWI4NTItMzA0Y2YxYzMwZDFmIiwic3ViIjoiYjA3NjZiOGQtYmQxYS00ZDI 4LTg0MTUtNjM5YjI5ZDNjODNkIn0.UsyQhCPORQ5tQnYWY7S88LNvV9iFS5Hy-P4aJaClZzEICobKgnQoyQblJcdMvk3cGKwyFqAnQtt0tDZkb8tHz Vqyv6bilHcAFuMRrdwXRqdXquabSN5geu2qBUnyzL7Mf2X85if8sbMida6snB4oLZsVRF3CRn4ODBJdeiVJ_Z4rgD-zW2IwtXPApT7ALyiiw2cN4EH 8pqQ7tpZKqztE0PGEbBQFPGKUFnm7oXyvSUo17EsFJUv5gUlBzfKKGolh5io4ptp22HZrqsqSnqDSOnYEZHonr5Yljuwiktrlh-JKiK6GGns5OAJMP dO9lgM4yHSpF2ILbqhWMV93Y3zMOg",
- "enrollmentToken": "30a1f0ea-d39b-4aae-b852-304cf1c30d1f",
- "fingerprint": null,
- "hostname": "",
- "id": "b0766b8d-bd1a-4d28-8415-639b29d3c83d",
- "isOnline": false,
- "isTunnelerEnabled": false,
- "isVerified": false,
- "name": "TestRouter-e33c837f-3222-4b40-bcd6-b3458fd5156e",
- "noTraversal": false,
- "roleAttributes": [
- "eastCoast",
- "sales",
- "test"
], - "supportedProtocols": { },
- "tags": { },
- "updatedAt": "2020-03-16T17:13:31.5807454Z"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Clears all disabled state from an identity
Allows an admin to remove disabled statuses from an identity.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieve the current enrollments of a specific identity
Returns a list of enrollments associated to the identity specified
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
- "self": {
- "href": "./enrollments/624fa53f-7629-4a7a-9e38-c1f4ce322c1d"
}
}, - "ca": null,
- "createdAt": "0001-01-01T00:00:00Z",
- "expiresAt": "2020-03-11T20:20:24.0055543Z",
- "id": "624fa53f-7629-4a7a-9e38-c1f4ce322c1d",
- "identity": {
- "_links": {
- "self": {
- "href": "./identities/f047ac96-dc3a-408a-a6f2-0ba487c08ef9"
}
}, - "id": "f047ac96-dc3a-408a-a6f2-0ba487c08ef9",
- "name": "updb--0f245140-7f2e-4326-badf-6aba55e52475",
- "urlName": "identities"
}, - "method": "updb",
- "tags": null,
- "token": "1e727c8f-07e4-4a1d-a8b0-da0c7a01c6e1",
- "updatedAt": "0001-01-01T00:00:00Z",
- "username": "example-username"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieve a list of the most recent service failure requests due to posture checks
Returns a list of service session requests that failed due to posture checks. The entries will contain every policy that was verified against and every failed check in each policy. Each check will include the historical posture data and posture check configuration.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "apiSessionId": "string",
- "policyFailures": [
- {
- "checks": [
- {
- "postureCheckId": "string",
- "postureCheckName": "string",
- "postureCheckType": "string"
}
], - "policyId": "string",
- "policyName": "string"
}
], - "serviceId": "string",
- "serviceName": "string",
- "sessionType": "Dial",
- "when": "2019-08-24T14:15:22Z"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Remove MFA from an identitity
Allows an admin to remove MFA enrollment from a specific identity. Requires admin.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Analyze policies relating the given identity and service
Analyzes policies to see if the given identity should be able to dial or bind the given service. | Will check services policies to see if the identity can access the service. Will check edge router policies | to check if the identity and service have access to common edge routers so that a connnection can be made. | Will also check if at least one edge router is on-line. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
serviceId required | string The id of a service |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "commonRouters": [
- {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string",
- "isOnline": true
}
], - "identity": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "identityId": "string",
- "identityRouterCount": 0,
- "isBindAllowed": true,
- "isDialAllowed": true,
- "service": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "serviceId": "string",
- "serviceRouterCount": 0
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieve the curent posture data for a specific identity.
Returns a nested map data represeting the posture data of the identity. This data should be considered volatile.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "apiSessionPostureData": {
- "property1": {
- "endpointState": {
- "unlockedAt": "2019-08-24T14:15:22Z",
- "wokenAt": "2019-08-24T14:15:22Z"
}, - "mfa": {
- "apiSessionId": "string",
- "passedAt": "2019-08-24T14:15:22Z",
- "passedMfa": true,
- "passedOnUnlock": true,
- "passedOnWake": true
}, - "sdkInfo": {
- "appId": "string",
- "appVersion": "string",
- "branch": "string",
- "revision": "string",
- "type": "string",
- "version": "string"
}
}, - "property2": {
- "endpointState": {
- "unlockedAt": "2019-08-24T14:15:22Z",
- "wokenAt": "2019-08-24T14:15:22Z"
}, - "mfa": {
- "apiSessionId": "string",
- "passedAt": "2019-08-24T14:15:22Z",
- "passedMfa": true,
- "passedOnUnlock": true,
- "passedOnWake": true
}, - "sdkInfo": {
- "appId": "string",
- "appVersion": "string",
- "branch": "string",
- "revision": "string",
- "type": "string",
- "version": "string"
}
}
}, - "domain": {
- "lastUpdatedAt": "2019-08-24T14:15:22Z",
- "postureCheckId": "string",
- "timedOut": true,
- "domain": "string"
}, - "mac": {
- "lastUpdatedAt": "2019-08-24T14:15:22Z",
- "postureCheckId": "string",
- "timedOut": true,
- "addresses": [
- "string"
]
}, - "os": {
- "lastUpdatedAt": "2019-08-24T14:15:22Z",
- "postureCheckId": "string",
- "timedOut": true,
- "build": "string",
- "type": "string",
- "version": "string"
}, - "processes": [
- {
- "lastUpdatedAt": "2019-08-24T14:15:22Z",
- "postureCheckId": "string",
- "timedOut": true,
- "binaryHash": "string",
- "isRunning": true,
- "signerFingerprints": [
- "string"
]
}
]
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List the service configs associated a specific identity
Retrieves a list of service configs associated to a specific identity
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "config": {
- "_links": {
- "self": {
- "href": "./identities/13347602-ba34-4ff7-8082-e533ba945744"
}
}, - "id": "13347602-ba34-4ff7-8082-e533ba945744",
- "name": "test-config-02fade09-fcc3-426c-854e-18539726bdc6",
- "urlName": "configs"
}, - "service": {
- "_links": {
- "self": {
- "href": "./services/913a8c63-17a6-44d7-82b3-9f6eb997cf8e"
}
}, - "id": "913a8c63-17a6-44d7-82b3-9f6eb997cf8e",
- "name": "netcat4545-egress-r2",
- "urlName": "services"
}
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Associate service configs for a specific identity
Associate service configs to a specific identity
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A service config patch object
configId required | string |
serviceId required | string |
Responses
Request samples
- Payload
[- {
- "configId": "string",
- "serviceId": "string"
}
]
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Remove associated service configs from a specific identity
Remove service configs from a specific identity
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/json
An array of service and config id pairs to remove
configId required | string |
serviceId required | string |
Responses
Request samples
- Payload
[- {
- "configId": "string",
- "serviceId": "string"
}
]
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List the service policies that affect an identity
Retrieves a list of service policies that apply to the specified identity.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "identityRoles": [
- "string"
], - "identityRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "name": "string",
- "postureCheckRoles": [
- "string"
], - "postureCheckRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "serviceRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "type": "Dial"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List accessible services
Retrieves a list of services that the given identity has access to. Supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
filter | string |
policyType | string Enum: "dial" "bind" |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "config": {
- "property1": {
- "property1": { },
- "property2": { }
}, - "property2": {
- "property1": { },
- "property2": { }
}
}, - "configs": [
- "string"
], - "encryptionRequired": true,
- "maxIdleTimeMillis": 0,
- "name": "string",
- "permissions": [
- "Dial"
], - "postureQueries": [
- {
- "isPassing": true,
- "policyId": "string",
- "policyType": "Dial",
- "postureQueries": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "isPassing": true,
- "process": {
- "osType": "Windows",
- "path": "string"
}, - "processes": [
- {
- "osType": "Windows",
- "path": "string"
}
], - "queryType": "OS",
- "timeout": 0,
- "timeoutRemaining": 0
}
]
}
], - "roleAttributes": [
- "string"
], - "terminatorStrategy": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Enable/disable data flow tracing for an identity
Allows an admin to enable/disable data flow tracing for an identity
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A traceSpec object
channels | Array of strings |
duration | string |
enabled | boolean |
traceId | string |
Responses
Request samples
- Payload
{- "channels": [
- "string"
], - "duration": "string",
- "enabled": true,
- "traceId": "string"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": {
- "enabled": true,
- "traceId": "string",
- "until": "2019-08-24T14:15:22Z"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List available identity types
Retrieves a list of identity types; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "name": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a identity type
Retrieves a single identity type by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "name": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Enable/disable data flow tracing for an identity
Allows an admin to enable/disable data flow tracing for an identity
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A traceSpec object
channels | Array of strings |
duration | string |
enabled | boolean |
traceId | string |
Responses
Request samples
- Payload
{- "channels": [
- "string"
], - "duration": "string",
- "enabled": true,
- "traceId": "string"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": {
- "enabled": true,
- "traceId": "string",
- "until": "2019-08-24T14:15:22Z"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List a subset of posture check types
Retrieves a list of posture check types
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "name": "string",
- "operatingSystems": [
- {
- "type": "Windows",
- "versions": [
- "string"
]
}
], - "version": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single posture check type
Retrieves a single posture check type by id
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "name": "string",
- "operatingSystems": [
- {
- "type": "Windows",
- "versions": [
- "string"
]
}
], - "version": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List a subset of posture checks
Retrieves a list of posture checks
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
roleFilter | Array of strings |
roleSemantic | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "name": "string",
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "typeId": "string",
- "updatedAt": "2019-08-24T14:15:22Z",
- "version": 0
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Creates a Posture Checks
Creates a Posture Checks
Authorizations:
Request Body schema: application/jsonrequired
A Posture Check to create
name required | string |
roleAttributes | Array of strings or null (attributes) A set of strings used to loosly couple this resource to policies |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
typeId required | string (postureCheckType) |
domains required | Array of strings non-empty |
Responses
Request samples
- Payload
{- "name": "string",
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "typeId": "postureCheckDomainCreate",
- "domains": [
- "string"
]
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single Posture Checks
Retrieves a single Posture Checks by id
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "name": "string",
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "typeId": "string",
- "updatedAt": "2019-08-24T14:15:22Z",
- "version": 0
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on a Posture Checks
Update all fields on a Posture Checks by id
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A Posture Check update object
name required | string |
roleAttributes | Array of strings or null (attributes) A set of strings used to loosly couple this resource to policies |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
typeId | string (postureCheckType) |
domains required | Array of strings non-empty |
Responses
Request samples
- Payload
{- "name": "string",
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "typeId": "postureCheckDomainUpdate",
- "domains": [
- "string"
]
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Deletes an Posture Checks
Deletes and Posture Checks by id
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 403
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on a Posture Checks
Update only the supplied fields on a Posture Checks by id
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A Posture Check patch object
name | string |
roleAttributes | Array of strings or null (attributes) A set of strings used to loosly couple this resource to policies |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
typeId required | string (postureCheckType) |
domains | Array of strings non-empty |
Responses
Request samples
- Payload
{- "name": "string",
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "typeId": "postureCheckDomainPatch",
- "domains": [
- "string"
]
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List routers
Retrieves a list of router resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "cost": 65535,
- "disabled": true,
- "enrollmentCreatedAt": "2019-08-24T14:15:22Z",
- "enrollmentExpiresAt": "2019-08-24T14:15:22Z",
- "enrollmentJwt": "string",
- "enrollmentToken": "string",
- "fingerprint": "string",
- "isOnline": true,
- "isVerified": true,
- "name": "string",
- "noTraversal": true,
- "unverifiedCertPem": "string",
- "unverifiedFingerprint": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create a router resource
Create a router resource. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A router to create
cost | integer or null [ 0 .. 65535 ] |
disabled | boolean or null |
name required | string |
noTraversal | boolean or null |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "cost": 65535,
- "disabled": true,
- "name": "string",
- "noTraversal": true,
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single router
Retrieves a single router by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "cost": 65535,
- "disabled": true,
- "enrollmentCreatedAt": "2019-08-24T14:15:22Z",
- "enrollmentExpiresAt": "2019-08-24T14:15:22Z",
- "enrollmentJwt": "string",
- "enrollmentToken": "string",
- "fingerprint": "string",
- "isOnline": true,
- "isVerified": true,
- "name": "string",
- "noTraversal": true,
- "unverifiedCertPem": "string",
- "unverifiedFingerprint": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on a router
Update all fields on a router by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A router update object
cost | integer or null [ 0 .. 65535 ] |
disabled | boolean or null |
name required | string |
noTraversal | boolean or null |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "cost": 65535,
- "disabled": true,
- "name": "string",
- "noTraversal": true,
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete a router
Delete a router by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on a router
Update the supplied fields on a router. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A router patch object
cost | integer or null [ 0 .. 65535 ] |
disabled | boolean or null |
name | string |
noTraversal | boolean or null |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "cost": 65535,
- "disabled": true,
- "name": "string",
- "noTraversal": true,
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List routers
Retrieves a list of router resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "cost": 65535,
- "disabled": true,
- "enrollmentCreatedAt": "2019-08-24T14:15:22Z",
- "enrollmentExpiresAt": "2019-08-24T14:15:22Z",
- "enrollmentJwt": "string",
- "enrollmentToken": "string",
- "fingerprint": "string",
- "isOnline": true,
- "isVerified": true,
- "name": "string",
- "noTraversal": true,
- "unverifiedCertPem": "string",
- "unverifiedFingerprint": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create a router resource
Create a router resource. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A router to create
cost | integer or null [ 0 .. 65535 ] |
disabled | boolean or null |
name required | string |
noTraversal | boolean or null |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "cost": 65535,
- "disabled": true,
- "name": "string",
- "noTraversal": true,
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single router
Retrieves a single router by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "cost": 65535,
- "disabled": true,
- "enrollmentCreatedAt": "2019-08-24T14:15:22Z",
- "enrollmentExpiresAt": "2019-08-24T14:15:22Z",
- "enrollmentJwt": "string",
- "enrollmentToken": "string",
- "fingerprint": "string",
- "isOnline": true,
- "isVerified": true,
- "name": "string",
- "noTraversal": true,
- "unverifiedCertPem": "string",
- "unverifiedFingerprint": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on a router
Update all fields on a router by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A router update object
cost | integer or null [ 0 .. 65535 ] |
disabled | boolean or null |
name required | string |
noTraversal | boolean or null |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "cost": 65535,
- "disabled": true,
- "name": "string",
- "noTraversal": true,
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete a router
Delete a router by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on a router
Update the supplied fields on a router. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A router patch object
cost | integer or null [ 0 .. 65535 ] |
disabled | boolean or null |
name | string |
noTraversal | boolean or null |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "cost": 65535,
- "disabled": true,
- "name": "string",
- "noTraversal": true,
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List service edge router policies
Retrieves a list of service edge router policy resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "edgeRouterRoles": [
- "string"
], - "edgeRouterRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "name": "string",
- "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "serviceRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
]
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create a service edge router policy resource
Create a service edge router policy resource. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A service edge router policy to create
edgeRouterRoles | Array of strings (roles) |
name required | string |
semantic required | string (semantic) Enum: "AllOf" "AnyOf" |
serviceRoles | Array of strings (roles) |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "edgeRouterRoles": [
- "string"
], - "name": "string",
- "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single service edge policy
Retrieves a single service edge policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "edgeRouterRoles": [
- "string"
], - "edgeRouterRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "name": "string",
- "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "serviceRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
]
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on a service edge policy
Update all fields on a service edge policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A service edge router policy update object
edgeRouterRoles | Array of strings (roles) |
name required | string |
semantic required | string (semantic) Enum: "AllOf" "AnyOf" |
serviceRoles | Array of strings (roles) |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "edgeRouterRoles": [
- "string"
], - "name": "string",
- "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete a service edge policy
Delete a service edge policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on a service edge policy
Update the supplied fields on a service edge policy. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A service edge router policy patch object
edgeRouterRoles | Array of strings (roles) |
name | string |
semantic | string (semantic) Enum: "AllOf" "AnyOf" |
serviceRoles | Array of strings (roles) |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "edgeRouterRoles": [
- "string"
], - "name": "string",
- "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List the edge routers that a service edge router policy applies to
List the edge routers that a service edge router policy applies to
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
- "edge-router-policies": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d/edge-routers"
}, - "self": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d"
}
}, - "cost": 0,
- "createdAt": "2020-03-16T17:13:31.5807454Z",
- "enrollmentCreatedAt": "2020-03-16T17:13:31.5777637Z",
- "enrollmentExpiresAt": "2020-03-16T17:18:31.5777637Z",
- "enrollmentJwt": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbSI6ImVyb3R0IiwiZXhwIjoxNTg0Mzc5MTExLCJpc3MiOiJodHRwczovL 2xvY2FsaG9zdDoxMjgwIiwianRpIjoiMzBhMWYwZWEtZDM5Yi00YWFlLWI4NTItMzA0Y2YxYzMwZDFmIiwic3ViIjoiYjA3NjZiOGQtYmQxYS00ZDI 4LTg0MTUtNjM5YjI5ZDNjODNkIn0.UsyQhCPORQ5tQnYWY7S88LNvV9iFS5Hy-P4aJaClZzEICobKgnQoyQblJcdMvk3cGKwyFqAnQtt0tDZkb8tHz Vqyv6bilHcAFuMRrdwXRqdXquabSN5geu2qBUnyzL7Mf2X85if8sbMida6snB4oLZsVRF3CRn4ODBJdeiVJ_Z4rgD-zW2IwtXPApT7ALyiiw2cN4EH 8pqQ7tpZKqztE0PGEbBQFPGKUFnm7oXyvSUo17EsFJUv5gUlBzfKKGolh5io4ptp22HZrqsqSnqDSOnYEZHonr5Yljuwiktrlh-JKiK6GGns5OAJMP dO9lgM4yHSpF2ILbqhWMV93Y3zMOg",
- "enrollmentToken": "30a1f0ea-d39b-4aae-b852-304cf1c30d1f",
- "fingerprint": null,
- "hostname": "",
- "id": "b0766b8d-bd1a-4d28-8415-639b29d3c83d",
- "isOnline": false,
- "isTunnelerEnabled": false,
- "isVerified": false,
- "name": "TestRouter-e33c837f-3222-4b40-bcd6-b3458fd5156e",
- "noTraversal": false,
- "roleAttributes": [
- "eastCoast",
- "sales",
- "test"
], - "supportedProtocols": { },
- "tags": { },
- "updatedAt": "2020-03-16T17:13:31.5807454Z"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List the services that a service edge router policy applies to
List the services that a service edge router policy applies to
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "config": {
- "property1": {
- "property1": { },
- "property2": { }
}, - "property2": {
- "property1": { },
- "property2": { }
}
}, - "configs": [
- "string"
], - "encryptionRequired": true,
- "maxIdleTimeMillis": 0,
- "name": "string",
- "permissions": [
- "Dial"
], - "postureQueries": [
- {
- "isPassing": true,
- "policyId": "string",
- "policyType": "Dial",
- "postureQueries": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "isPassing": true,
- "process": {
- "osType": "Windows",
- "path": "string"
}, - "processes": [
- {
- "osType": "Windows",
- "path": "string"
}
], - "queryType": "OS",
- "timeout": 0,
- "timeoutRemaining": 0
}
]
}
], - "roleAttributes": [
- "string"
], - "terminatorStrategy": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List service policies
Retrieves a list of service policy resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "identityRoles": [
- "string"
], - "identityRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "name": "string",
- "postureCheckRoles": [
- "string"
], - "postureCheckRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "serviceRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "type": "Dial"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create a service policy resource
Create a service policy resource. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A service policy to create
identityRoles | Array of strings (roles) |
name required | string |
postureCheckRoles | Array of strings (roles) |
semantic required | string (semantic) Enum: "AllOf" "AnyOf" |
serviceRoles | Array of strings (roles) |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
type required | string (dialBind) Enum: "Dial" "Bind" "Invalid" |
Responses
Request samples
- Payload
{- "identityRoles": [
- "string"
], - "name": "string",
- "postureCheckRoles": [
- "string"
], - "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "type": "Dial"
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single service policy
Retrieves a single service policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "identityRoles": [
- "string"
], - "identityRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "name": "string",
- "postureCheckRoles": [
- "string"
], - "postureCheckRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "serviceRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "type": "Dial"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on a service policy
Update all fields on a service policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A service policy update object
identityRoles | Array of strings (roles) |
name required | string |
postureCheckRoles | Array of strings (roles) |
semantic required | string (semantic) Enum: "AllOf" "AnyOf" |
serviceRoles | Array of strings (roles) |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
type required | string (dialBind) Enum: "Dial" "Bind" "Invalid" |
Responses
Request samples
- Payload
{- "identityRoles": [
- "string"
], - "name": "string",
- "postureCheckRoles": [
- "string"
], - "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "type": "Dial"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete a service policy
Delete a service policy by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on a service policy
Update the supplied fields on a service policy. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A service policy patch object
identityRoles | Array of strings (roles) |
name | string |
postureCheckRoles | Array of strings (roles) |
semantic | string (semantic) Enum: "AllOf" "AnyOf" |
serviceRoles | Array of strings (roles) |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
type | string (dialBind) Enum: "Dial" "Bind" "Invalid" |
Responses
Request samples
- Payload
{- "identityRoles": [
- "string"
], - "name": "string",
- "postureCheckRoles": [
- "string"
], - "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "type": "Dial"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List identities a service policy affects
Retrieves a list of identity resources that are affected by a service policy; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "appData": {
- "property1": { },
- "property2": { }
}, - "authPolicy": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "authPolicyId": "string",
- "authenticators": {
- "cert": {
- "fingerprint": "string",
- "id": "string"
}, - "updb": {
- "id": "string",
- "username": "string"
}
}, - "defaultHostingCost": 65535,
- "defaultHostingPrecedence": "default",
- "disabled": true,
- "disabledAt": "2019-08-24T14:15:22Z",
- "disabledUntil": "2019-08-24T14:15:22Z",
- "edgeRouterConnectionStatus": "online",
- "enrollment": {
- "ott": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "ottca": {
- "ca": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "caId": "string",
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "updb": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}
}, - "envInfo": {
- "arch": "string",
- "domain": "string",
- "hostname": "string",
- "os": "string",
- "osRelease": "string",
- "osVersion": "string"
}, - "externalId": "string",
- "hasApiSession": true,
- "hasEdgeRouterConnection": true,
- "isAdmin": true,
- "isDefaultAdmin": true,
- "isMfaEnabled": true,
- "name": "string",
- "roleAttributes": [
- "string"
], - "sdkInfo": {
- "appId": "string",
- "appVersion": "string",
- "branch": "string",
- "revision": "string",
- "type": "string",
- "version": "string"
}, - "serviceHostingCosts": {
- "property1": 65535,
- "property2": 65535
}, - "serviceHostingPrecedences": {
- "property1": "default",
- "property2": "default"
}, - "type": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "typeId": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List posture check a service policy includes
Retrieves a list of posture check resources that are affected by a service policy; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "name": "string",
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "typeId": "string",
- "updatedAt": "2019-08-24T14:15:22Z",
- "version": 0
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List services a service policy affects
Retrieves a list of service resources that are affected by a service policy; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "config": {
- "property1": {
- "property1": { },
- "property2": { }
}, - "property2": {
- "property1": { },
- "property2": { }
}
}, - "configs": [
- "string"
], - "encryptionRequired": true,
- "maxIdleTimeMillis": 0,
- "name": "string",
- "permissions": [
- "Dial"
], - "postureQueries": [
- {
- "isPassing": true,
- "policyId": "string",
- "policyType": "Dial",
- "postureQueries": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "isPassing": true,
- "process": {
- "osType": "Windows",
- "path": "string"
}, - "processes": [
- {
- "osType": "Windows",
- "path": "string"
}
], - "queryType": "OS",
- "timeout": 0,
- "timeoutRemaining": 0
}
]
}
], - "roleAttributes": [
- "string"
], - "terminatorStrategy": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List services
Retrieves a list of config resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
configTypes | Array of strings |
roleFilter | Array of strings |
roleSemantic | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "config": {
- "property1": {
- "property1": { },
- "property2": { }
}, - "property2": {
- "property1": { },
- "property2": { }
}
}, - "configs": [
- "string"
], - "encryptionRequired": true,
- "maxIdleTimeMillis": 0,
- "name": "string",
- "permissions": [
- "Dial"
], - "postureQueries": [
- {
- "isPassing": true,
- "policyId": "string",
- "policyType": "Dial",
- "postureQueries": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "isPassing": true,
- "process": {
- "osType": "Windows",
- "path": "string"
}, - "processes": [
- {
- "osType": "Windows",
- "path": "string"
}
], - "queryType": "OS",
- "timeout": 0,
- "timeoutRemaining": 0
}
]
}
], - "roleAttributes": [
- "string"
], - "terminatorStrategy": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create a services resource
Create a services resource. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A service to create
configs | Array of strings |
encryptionRequired required | boolean Describes whether connections must support end-to-end encryption on both sides of the connection. |
maxIdleTimeMillis | integer |
name required | string |
roleAttributes | Array of strings |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
terminatorStrategy | string |
Responses
Request samples
- Payload
{- "configs": [
- "string"
], - "encryptionRequired": true,
- "maxIdleTimeMillis": 0,
- "name": "string",
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "terminatorStrategy": "string"
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single service
Retrieves a single service by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "config": {
- "property1": {
- "property1": { },
- "property2": { }
}, - "property2": {
- "property1": { },
- "property2": { }
}
}, - "configs": [
- "string"
], - "encryptionRequired": true,
- "maxIdleTimeMillis": 0,
- "name": "string",
- "permissions": [
- "Dial"
], - "postureQueries": [
- {
- "isPassing": true,
- "policyId": "string",
- "policyType": "Dial",
- "postureQueries": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "isPassing": true,
- "process": {
- "osType": "Windows",
- "path": "string"
}, - "processes": [
- {
- "osType": "Windows",
- "path": "string"
}
], - "queryType": "OS",
- "timeout": 0,
- "timeoutRemaining": 0
}
]
}
], - "roleAttributes": [
- "string"
], - "terminatorStrategy": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on a service
Update all fields on a service by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A service update object
configs | Array of strings |
encryptionRequired | boolean Describes whether connections must support end-to-end encryption on both sides of the connection. Read-only property, set at create. |
maxIdleTimeMillis | integer |
name required | string |
roleAttributes | Array of strings |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
terminatorStrategy | string |
Responses
Request samples
- Payload
{- "configs": [
- "string"
], - "encryptionRequired": true,
- "maxIdleTimeMillis": 0,
- "name": "string",
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "terminatorStrategy": "string"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete a service
Delete a service by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on a service
Update the supplied fields on a service. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A service patch object
configs | Array of strings |
encryptionRequired | boolean Describes whether connections must support end-to-end encryption on both sides of the connection. Read-only property, set at create. |
maxIdleTimeMillis | integer |
name | string |
roleAttributes | Array of strings |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean | |
terminatorStrategy | string |
Responses
Request samples
- Payload
{- "configs": [
- "string"
], - "encryptionRequired": true,
- "maxIdleTimeMillis": 0,
- "name": "string",
- "roleAttributes": [
- "string"
], - "tags": {
- "property1": { },
- "property2": { }
}, - "terminatorStrategy": "string"
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List configs associated to a specific service
Retrieves a list of config resources associated to a specific service; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "configType": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "configTypeId": "string",
- "data": { },
- "name": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List accessible edge-routers
Retrieves a list of edge-routers that may be used to access the given service. Supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
- "edge-router-policies": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d/edge-routers"
}, - "self": {
- "href": "./edge-routers/b0766b8d-bd1a-4d28-8415-639b29d3c83d"
}
}, - "cost": 0,
- "createdAt": "2020-03-16T17:13:31.5807454Z",
- "enrollmentCreatedAt": "2020-03-16T17:13:31.5777637Z",
- "enrollmentExpiresAt": "2020-03-16T17:18:31.5777637Z",
- "enrollmentJwt": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbSI6ImVyb3R0IiwiZXhwIjoxNTg0Mzc5MTExLCJpc3MiOiJodHRwczovL 2xvY2FsaG9zdDoxMjgwIiwianRpIjoiMzBhMWYwZWEtZDM5Yi00YWFlLWI4NTItMzA0Y2YxYzMwZDFmIiwic3ViIjoiYjA3NjZiOGQtYmQxYS00ZDI 4LTg0MTUtNjM5YjI5ZDNjODNkIn0.UsyQhCPORQ5tQnYWY7S88LNvV9iFS5Hy-P4aJaClZzEICobKgnQoyQblJcdMvk3cGKwyFqAnQtt0tDZkb8tHz Vqyv6bilHcAFuMRrdwXRqdXquabSN5geu2qBUnyzL7Mf2X85if8sbMida6snB4oLZsVRF3CRn4ODBJdeiVJ_Z4rgD-zW2IwtXPApT7ALyiiw2cN4EH 8pqQ7tpZKqztE0PGEbBQFPGKUFnm7oXyvSUo17EsFJUv5gUlBzfKKGolh5io4ptp22HZrqsqSnqDSOnYEZHonr5Yljuwiktrlh-JKiK6GGns5OAJMP dO9lgM4yHSpF2ILbqhWMV93Y3zMOg",
- "enrollmentToken": "30a1f0ea-d39b-4aae-b852-304cf1c30d1f",
- "fingerprint": null,
- "hostname": "",
- "id": "b0766b8d-bd1a-4d28-8415-639b29d3c83d",
- "isOnline": false,
- "isTunnelerEnabled": false,
- "isVerified": false,
- "name": "TestRouter-e33c837f-3222-4b40-bcd6-b3458fd5156e",
- "noTraversal": false,
- "roleAttributes": [
- "eastCoast",
- "sales",
- "test"
], - "supportedProtocols": { },
- "tags": { },
- "updatedAt": "2020-03-16T17:13:31.5807454Z"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List identities with access
Retrieves a list of identities that have access to this service. Supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
limit | integer |
offset | integer |
filter | string |
policyType | string Enum: "dial" "bind" |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "appData": {
- "property1": { },
- "property2": { }
}, - "authPolicy": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "authPolicyId": "string",
- "authenticators": {
- "cert": {
- "fingerprint": "string",
- "id": "string"
}, - "updb": {
- "id": "string",
- "username": "string"
}
}, - "defaultHostingCost": 65535,
- "defaultHostingPrecedence": "default",
- "disabled": true,
- "disabledAt": "2019-08-24T14:15:22Z",
- "disabledUntil": "2019-08-24T14:15:22Z",
- "edgeRouterConnectionStatus": "online",
- "enrollment": {
- "ott": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "ottca": {
- "ca": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "caId": "string",
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}, - "updb": {
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "jwt": "string",
- "token": "string"
}
}, - "envInfo": {
- "arch": "string",
- "domain": "string",
- "hostname": "string",
- "os": "string",
- "osRelease": "string",
- "osVersion": "string"
}, - "externalId": "string",
- "hasApiSession": true,
- "hasEdgeRouterConnection": true,
- "isAdmin": true,
- "isDefaultAdmin": true,
- "isMfaEnabled": true,
- "name": "string",
- "roleAttributes": [
- "string"
], - "sdkInfo": {
- "appId": "string",
- "appVersion": "string",
- "branch": "string",
- "revision": "string",
- "type": "string",
- "version": "string"
}, - "serviceHostingCosts": {
- "property1": 65535,
- "property2": 65535
}, - "serviceHostingPrecedences": {
- "property1": "default",
- "property2": "default"
}, - "type": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "typeId": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List service edge router policies that affect a specific service
Retrieves a list of service edge router policy resources that affect a specific service; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "edgeRouterRoles": [
- "string"
], - "edgeRouterRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "name": "string",
- "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "serviceRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
]
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List service policies that affect a specific service
Retrieves a list of service policy resources that affect specific service; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "identityRoles": [
- "string"
], - "identityRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "name": "string",
- "postureCheckRoles": [
- "string"
], - "postureCheckRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "semantic": "AllOf",
- "serviceRoles": [
- "string"
], - "serviceRolesDisplay": [
- {
- "name": "string",
- "role": "string"
}
], - "type": "Dial"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List of terminators assigned to a service
Retrieves a list of terminator resources that are assigned specific service; supports filtering, sorting, and pagination.
Authorizations:
path Parameters
id required | string The id of the requested resource |
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "address": "string",
- "binding": "string",
- "cost": 65535,
- "dynamicCost": 65535,
- "identity": "string",
- "precedence": "default",
- "router": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "routerId": "string",
- "service": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "serviceId": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List sessions
Retrieves a list of active sessions resources; supports filtering, sorting, and pagination. Requires admin access.
Sessions are tied to an API session and are moved when an API session times out or logs out. Active sessions (i.e. Ziti SDK connected to an edge router) will keep the session and API session marked as active.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "apiSession": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "apiSessionId": "string",
- "edgeRouters": [
- {
- "appData": {
- "property1": { },
- "property2": { }
}, - "cost": 65535,
- "disabled": true,
- "hostname": "string",
- "isOnline": true,
- "name": "string",
- "noTraversal": true,
- "supportedProtocols": {
- "property1": "string",
- "property2": "string"
}, - "syncStatus": "string",
- "urls": {
- "property1": "string",
- "property2": "string"
}
}
], - "identityId": "string",
- "service": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "serviceId": "string",
- "token": "string",
- "type": "Dial",
- "servicePolicies": [
- {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}
]
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single session
Retrieves a single session by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "apiSession": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "apiSessionId": "string",
- "edgeRouters": [
- {
- "appData": {
- "property1": { },
- "property2": { }
}, - "cost": 65535,
- "disabled": true,
- "hostname": "string",
- "isOnline": true,
- "name": "string",
- "noTraversal": true,
- "supportedProtocols": {
- "property1": "string",
- "property2": "string"
}, - "syncStatus": "string",
- "urls": {
- "property1": "string",
- "property2": "string"
}
}
], - "identityId": "string",
- "service": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "serviceId": "string",
- "token": "string",
- "type": "Dial",
- "servicePolicies": [
- {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}
]
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete a session
Delete a session by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single session's router path
Retrieves a single session's route path by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "routePath": [
- "string"
]
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
List terminators
Retrieves a list of terminator resources; supports filtering, sorting, and pagination. Requires admin access.
Authorizations:
query Parameters
limit | integer |
offset | integer |
filter | string |
Responses
Response samples
- 200
- 400
- 401
- 429
- 503
{- "data": [
- {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "address": "string",
- "binding": "string",
- "cost": 65535,
- "dynamicCost": 65535,
- "identity": "string",
- "precedence": "default",
- "router": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "routerId": "string",
- "service": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "serviceId": "string"
}
], - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Create a terminator resource
Create a terminator resource. Requires admin access.
Authorizations:
Request Body schema: application/jsonrequired
A terminator to create
address required | string |
binding required | string |
cost | integer (terminatorCost) [ 0 .. 65535 ] |
identity | string |
identitySecret | string <byte> |
precedence | string (terminatorPrecedence) Enum: "default" "required" "failed" |
router required | string |
service required | string |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "address": "string",
- "binding": "string",
- "cost": 65535,
- "identity": "string",
- "identitySecret": "string",
- "precedence": "default",
- "router": "string",
- "service": "string",
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 201
- 400
- 401
- 429
- 503
{- "data": {
- "_links": {
}, - "id": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Retrieves a single terminator
Retrieves a single terminator by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 401
- 404
- 429
- 503
{- "data": {
- "_links": {
}, - "createdAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "tags": {
- "property1": { },
- "property2": { }
}, - "updatedAt": "2019-08-24T14:15:22Z",
- "address": "string",
- "binding": "string",
- "cost": 65535,
- "dynamicCost": 65535,
- "identity": "string",
- "precedence": "default",
- "router": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "routerId": "string",
- "service": {
- "_links": {
}, - "entity": "string",
- "id": "string",
- "name": "string"
}, - "serviceId": "string"
}, - "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update all fields on a terminator
Update all fields on a terminator by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A terminator update object
address required | string |
binding required | string |
cost | integer (terminatorCost) [ 0 .. 65535 ] |
precedence | string (terminatorPrecedence) Enum: "default" "required" "failed" |
router required | string |
service required | string |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "address": "string",
- "binding": "string",
- "cost": 65535,
- "precedence": "default",
- "router": "string",
- "service": "string",
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Delete a terminator
Delete a terminator by id. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Responses
Response samples
- 200
- 400
- 401
- 404
- 409
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}
Update the supplied fields on a terminator
Update the supplied fields on a terminator. Requires admin access.
Authorizations:
path Parameters
id required | string The id of the requested resource |
Request Body schema: application/jsonrequired
A terminator patch object
address | string |
binding | string |
cost | integer (terminatorCost) [ 0 .. 65535 ] |
precedence | string (terminatorPrecedence) Enum: "default" "required" "failed" |
router | string |
service | string |
object or null (tags) A map of user defined fields and values. The values are limited to the following types/values: null, string, boolean |
Responses
Request samples
- Payload
{- "address": "string",
- "binding": "string",
- "cost": 65535,
- "precedence": "default",
- "router": "string",
- "service": "string",
- "tags": {
- "property1": { },
- "property2": { }
}
}
Response samples
- 200
- 400
- 401
- 404
- 429
- 503
{- "data": { },
- "meta": {
- "apiEnrollmentVersion": "string",
- "apiVersion": "string",
- "filterableFields": [
- "string"
], - "pagination": {
- "limit": 0,
- "offset": 0,
- "totalCount": 0
}
}
}