diff --git a/openapi/openApi-doc-0.6.0-release.json b/openapi/openApi-doc-0.6.0-release.json
deleted file mode 100644
index b9a39e793d23cb2970f04507438b99ed70cc1c9e..0000000000000000000000000000000000000000
--- a/openapi/openApi-doc-0.6.0-release.json
+++ /dev/null
@@ -1,1732 +0,0 @@ -{ - "openapi": "3.0.1", - "info": { - "title": "OpenAPI definition", - "version": "v0" - }, - "servers": [ - { - "url": "http://localhost:8080", - "description": "Generated server url" - } - ], - "paths": { - "/user/{uuid}": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user by UUID", - "description": "Retrieves a user by its UUID", - "operationId": "getUserByUuid", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - "put": { - "tags": [ - "user-controller" - ], - "summary": "Update user", - "description": "Updates the details of an existing user by its UUID", - "operationId": "updateUser", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "requestBody": { - "description": "The user details to update", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "User updated successfully" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - 
"delete": { - "tags": [ - "user-controller" - ], - "summary": "Delete user", - "description": "Deletes a user by its UUID", - "operationId": "deleteUser", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "204": { - "description": "User deleted successfully" - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/user/{uuid}/roles": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user roles", - "description": "Retrieves the roles associated with a user by its UUID", - "operationId": "getRoles", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user roles", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - "put": { - "tags": [ - "user-controller" - ], - "summary": "Update user roles", - "description": "Updates the roles associated with a user by its UUID", - "operationId": "updateUserRoles", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": 
"01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "requestBody": { - "description": "The list of roles to be assigned to the user", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "User roles updated successfully" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/role": { - "put": { - "tags": [ - "role-controller" - ], - "summary": "Update an existing role", - "description": "Updates the details of an existing role in the system", - "operationId": "update", - "requestBody": { - "description": "The details of the role to be updated", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict" - }, - "200": { - "description": "Successfully updated the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: Cannot modify role's name or User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - }, - "post": { - "tags": [ - "role-controller" - ], - "summary": "Create a new role", - "description": "Creates a new role in the system with the provided details", - "operationId": "create", - "requestBody": { - "description": "The details of the role to be created", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict: role 
already exists" - }, - "201": { - "description": "Successfully created the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/user/as-t1user": { - "post": { - "tags": [ - "user-controller" - ], - "summary": "Create a user", - "description": "Creates a new tier-one user", - "operationId": "createUserAsT1", - "requestBody": { - "description": "The user details", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict: User already exists" - }, - "201": { - "description": "User created successfully", - "content": { - "text/plain": { - "schema": { - "type": "string", - "description": "The Id of the newly created user", - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/role/{id}/identity-attributes": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Assign identity attributes to a role", - "description": "Assigns a list of identity attribute IDs to a specified role", - "operationId": "assignIdentityAttributes", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the role to which identity attributes will be assigned", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - }, - "example": "123e4567-e89b-12d3-a456-426614174000" - } - ], - "requestBody": { - "description": "List of identity attribute IDs to be assigned to the role", - "content": { - "application/json": { - "schema": { - 
"type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully assigned identity attributes" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/{id}/duplicate-identity-attribute": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Duplicate identity attributes to another role", - "description": "Duplicates identity attributes from the source role to the destination role", - "operationId": "duplicateIdentityAttributeToAnOtherRole", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the source role", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - } - ], - "requestBody": { - "description": "The UUID of the destination role", - "content": { - "application/json": { - "schema": { - "type": "string", - "format": "uuid" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully duplicated identity attributes" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Source or destination role not found" - } - } - } - }, - "/role/assigned-identity-attributes": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Get identity attributes from role list", - "description": "Retrieves a list of identity attributes associated with the provided roles", - "operationId": "getIdentityAttributesFromRoleList", - "requestBody": { - "description": "List of roles from which to retrieve identity attributes", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } 
- } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully retrieved identity attributes", - "content": { - "*/*": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/mtls/ephemeral-proof": { - "post": { - "tags": [ - "mtls-controller" - ], - "summary": "Store Ephemeral Proof", - "description": "Stores the ephemeral proof for a participant identified by their UUID", - "operationId": "storeCallerEphemeralProof", - "parameters": [ - { - "name": "Participant-Id", - "in": "header", - "description": "The UUID of the participant", - "required": true, - "schema": { - "type": "string", - "format": "uuid", - "example": "123e4567-e89b-12d3-a456-426614174000" - } - } - ], - "requestBody": { - "description": "The ephemeral proof to be stored", - "content": { - "text/plain": { - "schema": { - "type": "string" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Ephemeral proof successfully stored" - }, - "400": { - "description": "Invalid input data" - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/credential": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Check if a credential is present", - "description": "Returns true if a credential is present, false otherwise", - "operationId": "hasCredential", - "responses": { - "200": { - "description": "Successfully checked credential presence", - "content": { - "application/json": { - "schema": { - "type": "boolean", - "description": "Boolean indicating if a credential is present", - "example": true - } - } - } - } - } - }, - "post": { - "tags": [ - "credential-controller" - ], - "summary": "Upload a credential file", - "description": "Uploads a credential file to the server and 
returns the ID of the uploaded credential", - "operationId": "uploadCredential", - "parameters": [ - { - "name": "file", - "in": "query", - "description": "The credential file to be uploaded", - "required": true, - "content": { - "multipart/form-data": {} - } - } - ], - "requestBody": { - "content": { - "multipart/form-data": { - "schema": { - "required": [ - "file" - ], - "type": "object", - "properties": { - "file": { - "type": "string", - "format": "binary" - } - } - } - } - } - }, - "responses": { - "201": { - "description": "Successfully uploaded credential", - "content": { - "application/json": { - "schema": { - "type": "integer", - "description": "The id of the uploaded credential", - "example": 12345 - } - } - } - }, - "400": { - "description": "Invalid file format" - } - } - }, - "delete": { - "tags": [ - "credential-controller" - ], - "summary": "Delete the credential", - "description": "Deletes the existing credential from the server", - "operationId": "delete_1", - "responses": { - "204": { - "description": "Successfully deleted credential" - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/user": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user by email", - "description": "Retrieves a user by its email address", - "operationId": "getUser", - "parameters": [ - { - "name": "email", - "in": "query", - "description": "The email of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "user@example.com" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - }, - "400": { - "description": "Invalid email format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/user/search": { - "get": { - 
"tags": [ - "user-controller" - ], - "summary": "Search users", - "description": "Searches for users based on various filter criteria", - "operationId": "search", - "parameters": [ - { - "name": "username", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "firstName", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "lastName", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "email", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "first", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "format": "int32" - } - }, - { - "name": "max", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "format": "int32" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved list of users", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - } - }, - "400": { - "description": "Invalid filter criteria" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/session/{participantId}": { - "get": { - "tags": [ - "session-controller" - ], - "summary": "Retrieve identity attributes of a participant", - "description": "Fetches the identity attributes associated with the specified participant ID", - "operationId": "getIdentityAttributesOfParticipant", - "parameters": [ - { - "name": "participantId", - "in": "path", - "description": "The UUID of the participant", - "required": true, - "schema": { - "type": "string", - "format": "uuid", - "example": "123e4567-e89b-12d3-a456-426614174000" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved identity attributes", - "content": { - "application/json": { - "schema": { - 
"type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - }, - "404": { - "description": "Ephemeral proof not found" - } - } - } - }, - "/role/{id}": { - "get": { - "tags": [ - "role-controller" - ], - "summary": "Find role by ID", - "description": "Retrieves a role by its unique identifier (UUID)", - "operationId": "findById", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the role", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - }, - "example": "123e4567-e89b-12d3-a456-426614174000" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/search": { - "get": { - "tags": [ - "role-controller" - ], - "summary": "Search roles", - "description": "Searches for roles based on the provided filter criteria and pagination settings", - "operationId": "search_1", - "parameters": [ - { - "name": "name", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "description", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "attributeId", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "page", - "in": "query", - "description": "Zero-based page index (0..N)", - "required": false, - "schema": { - "minimum": 0, - "type": "integer", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "The size of the page to be returned", - "required": false, - "schema": { - "minimum": 1, - "type": "integer", - "default": 10 - } - }, - { - 
"name": "sort", - "in": "query", - "description": "Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.", - "required": false, - "schema": { - "type": "array", - "items": { - "type": "string" - }, - "default": [ - "id,ASC" - ] - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the list of roles", - "content": { - "*/*": { - "schema": { - "$ref": "#/components/schemas/PageResponseRoleDTO" - } - } - } - }, - "400": { - "description": "Invalid filter or pagination parameters" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/mtls/ping": { - "get": { - "tags": [ - "mtls-controller" - ], - "summary": "Ping the participant", - "description": "Performs a ping operation to check the participant's status using its UUID", - "operationId": "ping", - "parameters": [ - { - "name": "Participant-Id", - "in": "header", - "description": "The UUID of the participant", - "required": true, - "schema": { - "type": "string", - "format": "uuid", - "example": "123e4567-e89b-12d3-a456-426614174000" - } - } - ], - "responses": { - "200": { - "description": "Successfully pinged the participant", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantWithIdentityAttributesDTO" - } - } - } - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/identity-attribute/search": { - "get": { - "tags": [ - "identity-attribute-controller" - ], - "summary": "Search identity attributes with ownership", - "description": "Searches for identity attributes with ownership based on the provided filter and pagination settings", - "operationId": "search_2", - "parameters": [ - { - "name": "code", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "name", - "in": "query", - "required": false, - "schema": { - 
"type": "string" - } - }, - { - "name": "enabled", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - { - "name": "participantTypeIn", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "participantTypeNotIn", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "assignedToParticipant", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - { - "name": "updateTimestampFrom", - "in": "query", - "required": false, - "schema": { - "type": "string", - "format": "date-time" - } - }, - { - "name": "updateTimestampTo", - "in": "query", - "required": false, - "schema": { - "type": "string", - "format": "date-time" - } - }, - { - "name": "page", - "in": "query", - "description": "Zero-based page index (0..N)", - "required": false, - "schema": { - "minimum": 0, - "type": "integer", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "The size of the page to be returned", - "required": false, - "schema": { - "minimum": 1, - "type": "integer", - "default": 10 - } - }, - { - "name": "sort", - "in": "query", - "description": "Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. 
Multiple sort criteria are supported.", - "required": false, - "schema": { - "type": "array", - "items": { - "type": "string" - }, - "default": [ - "id,ASC" - ] - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the identity attributes", - "content": { - "*/*": { - "schema": { - "$ref": "#/components/schemas/PagedModelIdentityAttributeWithOwnershipDTO" - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/credential/public-key": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve the public key", - "description": "Fetches the public key associated with the stored credential", - "operationId": "getPublicKey", - "responses": { - "200": { - "description": "Successfully retrieved public key", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/CredentialDTO" - } - } - } - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/credential/my-id": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve participant ID", - "description": "Fetches the participant ID associated with the current user", - "operationId": "getMyParticipantId", - "responses": { - "200": { - "description": "Successfully retrieved participant ID", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantDTO" - } - } - } - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/agent/ping": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Ping a participant", - "description": "Pings a participant using the provided FQDN and returns identity attributes", - "operationId": "ping_1", - "parameters": [ - { - "name": "fqdn", - "in": "query", - "description": "Fully Qualified Domain Name of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - 
"200": { - "description": "Successfully pinged the participant", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantWithIdentityAttributesDTO" - } - } - } - }, - "400": { - "description": "Invalid FQDN provided" - } - } - } - }, - "/agent/identity-attributes": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get identity attributes with ownership", - "description": "Returns a list of identity attributes with ownership details", - "operationId": "getIdentityAttributesWithOwnership", - "responses": { - "200": { - "description": "Successfully retrieved identity attributes with ownership", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeWithOwnershipDTO" - } - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/agent/identity-attributes/{certificateId}": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get identity attributes with ownership", - "description": "Returns a list of identity attributes with ownership details", - "operationId": "getParticipantIdentityAttributes", - "parameters": [ - { - "name": "certificateId", - "in": "path", - "description": "The certificate ID of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved identity attributes with ownership", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/agent/echo": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get echo information", - "description": "Returns echo 
information including connection and MTLS status", - "operationId": "echo", - "responses": { - "200": { - "description": "Successfully retrieved echo information", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/EchoDTO" - } - } - } - } - } - } - }, - "/role/{name}": { - "delete": { - "tags": [ - "role-controller" - ], - "summary": "Delete a role by name", - "description": "Removes a role from the system using its name", - "operationId": "delete", - "parameters": [ - { - "name": "name", - "in": "path", - "description": "The name of the role to be deleted", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "204": { - "description": "Successfully deleted the role" - }, - "400": { - "description": "Invalid role name" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/delete-attribute": { - "delete": { - "tags": [ - "role-controller" - ], - "summary": "Delete an identity attribute from a role", - "description": "Removes an identity attribute from a specified role", - "operationId": "deleteAttributeFromRole", - "parameters": [ - { - "name": "roleId", - "in": "query", - "description": "The UUID of the role from which the attribute will be removed", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - }, - { - "name": "attributeId", - "in": "query", - "description": "The ID of the attribute to be removed", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "204": { - "description": "Successfully removed the attribute from the role" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role or attribute not found" - } - } - } 
- } - }, - "components": { - "schemas": { - "ErrorDTO": { - "type": "object", - "properties": { - "error": { - "type": "string" - }, - "elementName": { - "type": "string" - } - } - }, - "KeycloakUserDTO": { - "required": [ - "email", - "firstName", - "lastName", - "password", - "username" - ], - "type": "object", - "properties": { - "username": { - "type": "string" - }, - "firstName": { - "type": "string" - }, - "lastName": { - "type": "string" - }, - "email": { - "type": "string" - }, - "password": { - "type": "string" - }, - "roles": { - "type": "array", - "readOnly": true, - "items": { - "type": "string" - } - } - } - }, - "KeycloakRoleDTO": { - "required": [ - "name" - ], - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "description": { - "type": "string" - } - } - }, - "RoleDTO": { - "required": [ - "id", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - } - } - }, - "IdentityAttributeDTO": { - "required": [ - "assignableToRoles", - "code", - "enabled", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "code": { - "type": "string" - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "assignableToRoles": { - "type": "boolean" - }, - "enabled": { - "type": "boolean" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "participantTypes": { - "uniqueItems": true, - "type": "array", - "items": { - "type": "string" - } - }, - "used": { - "type": "boolean", - "readOnly": true - } - } - }, - "PageMetadata": { - "type": "object", - "properties": { - "size": { - "type": "integer", - "format": "int64" - }, - "number": { - "type": "integer", - "format": "int64" - }, - "totalElements": { - "type": "integer", - "format": "int64" 
- }, - "totalPages": { - "type": "integer", - "format": "int64" - } - } - }, - "PageResponseRoleDTO": { - "type": "object", - "properties": { - "content": { - "type": "array", - "items": { - "$ref": "#/components/schemas/RoleDTO" - } - }, - "page": { - "$ref": "#/components/schemas/PageMetadata" - }, - "empty": { - "type": "boolean" - } - } - }, - "ParticipantDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "certificateId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - } - } - }, - "ParticipantWithIdentityAttributesDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "certificateId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - }, - "identityAttributes": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - }, - "IdentityAttributeWithOwnershipDTO": { - "type": "object", - "properties": { - "assignedToParticipant": { - "type": "boolean" - } - } - }, - "PagedModelIdentityAttributeWithOwnershipDTO": { - "type": "object", - "properties": { - "content": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeWithOwnershipDTO" - } - }, - "page": { - "$ref": "#/components/schemas/PageMetadata" - } - } - }, - "CredentialDTO": { - 
"type": "object", - "properties": { - "publicKey": { - "type": "string" - } - } - }, - "EchoDTO": { - "type": "object", - "properties": { - "username": { - "type": "string" - }, - "email": { - "type": "string" - }, - "connectionStatus": { - "type": "string", - "enum": [ - "CONNECTED", - "NOT_CONNECTED" - ] - }, - "mtlsStatus": { - "type": "string", - "enum": [ - "SECURED", - "NOT_SECURED" - ] - }, - "identityAttributes": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } -} diff --git a/openapi/openApi-doc-0.6.5-release.json b/openapi/openApi-doc-0.6.5-release.json deleted file mode 100644 index 7195f73dfbd369833c6796cad161619e60692a70..0000000000000000000000000000000000000000 --- a/openapi/openApi-doc-0.6.5-release.json +++ /dev/null 
@@ -1,1771 +0,0 @@ -{ - "openapi": "3.0.1", - "info": { - "title": "OpenAPI definition", - "version": "v0" - }, - "servers": [ - { - "url": "http://localhost:8081", - "description": "Generated server url" - } - ], - "paths": { - "/user/{uuid}": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user by UUID", - "description": "Retrieves a user by its UUID", - "operationId": "getUserByUuid", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - "put": { - "tags": [ - "user-controller" - ], - "summary": "Update user", - "description": "Updates the details of an existing user by its UUID", - "operationId": "updateUser", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "requestBody": { - "description": "The user details to update", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "User updated successfully" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - 
"delete": { - "tags": [ - "user-controller" - ], - "summary": "Delete user", - "description": "Deletes a user by its UUID", - "operationId": "deleteUser", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "204": { - "description": "User deleted successfully" - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/user/{uuid}/roles": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user roles", - "description": "Retrieves the roles associated with a user by its UUID", - "operationId": "getRoles", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user roles", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - "put": { - "tags": [ - "user-controller" - ], - "summary": "Update user roles", - "description": "Updates the roles associated with a user by its UUID", - "operationId": "updateUserRoles", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": 
"01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "requestBody": { - "description": "The list of roles to be assigned to the user", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "User roles updated successfully" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/role": { - "put": { - "tags": [ - "role-controller" - ], - "summary": "Update an existing role", - "description": "Updates the details of an existing role in the system", - "operationId": "update", - "requestBody": { - "description": "The details of the role to be updated", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict" - }, - "200": { - "description": "Successfully updated the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: Cannot modify role's name or User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - }, - "post": { - "tags": [ - "role-controller" - ], - "summary": "Create a new role", - "description": "Creates a new role in the system with the provided details", - "operationId": "create", - "requestBody": { - "description": "The details of the role to be created", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict: role 
already exists" - }, - "201": { - "description": "Successfully created the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/user/as-t1user": { - "post": { - "tags": [ - "user-controller" - ], - "summary": "Create a user", - "description": "Creates a new tier-one user", - "operationId": "createUserAsT1", - "requestBody": { - "description": "The user details", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict: User already exists" - }, - "201": { - "description": "User created successfully", - "content": { - "text/plain": { - "schema": { - "type": "string", - "description": "The Id of the newly created user", - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/session/credential": { - "post": { - "tags": [ - "session-controller" - ], - "summary": "Validate Tier 1 session", - "description": "Validate the tier one session against the ephemeral proof stored in the agent", - "operationId": "validateTierOneSession", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/TierOneSessionDTO" - } - } - }, - "required": true - }, - "responses": { - "204": { - "description": "Tier 1 session validated successfully" - }, - "422": { - "description": "Invalid Tier 1 session" - } - } - } - }, - "/role/{id}/identity-attributes": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Assign identity 
attributes to a role", - "description": "Assigns a list of identity attribute IDs to a specified role", - "operationId": "assignIdentityAttributes", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the role to which identity attributes will be assigned", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - }, - "example": "123e4567-e89b-12d3-a456-426614174000" - } - ], - "requestBody": { - "description": "List of identity attribute IDs to be assigned to the role", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully assigned identity attributes" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/{id}/duplicate-identity-attribute": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Duplicate identity attributes to another role", - "description": "Duplicates identity attributes from the source role to the destination role", - "operationId": "duplicateIdentityAttributeToAnOtherRole", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the source role", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - } - ], - "requestBody": { - "description": "The UUID of the destination role", - "content": { - "application/json": { - "schema": { - "type": "string", - "format": "uuid" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully duplicated identity attributes" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - 
"404": { - "description": "Source or destination role not found" - } - } - } - }, - "/role/assigned-identity-attributes": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Get identity attributes from role list", - "description": "Retrieves a list of identity attributes associated with the provided roles", - "operationId": "getIdentityAttributesFromRoleList", - "requestBody": { - "description": "List of roles from which to retrieve identity attributes", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully retrieved identity attributes", - "content": { - "*/*": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/mtls/ephemeral-proof": { - "post": { - "tags": [ - "mtls-controller" - ], - "summary": "Store Ephemeral Proof", - "description": "Stores the ephemeral proof for a participant identified by their UUID", - "operationId": "storeCallerEphemeralProof", - "parameters": [ - { - "name": "Participant-Id", - "in": "header", - "description": "The UUID of the participant", - "required": true, - "schema": { - "type": "string", - "format": "uuid", - "example": "123e4567-e89b-12d3-a456-426614174000" - } - } - ], - "requestBody": { - "description": "The ephemeral proof to be stored", - "content": { - "text/plain": { - "schema": { - "type": "string" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Ephemeral proof successfully stored" - }, - "400": { - "description": "Invalid input data" - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/credential": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": 
"Check if a credential is present", - "description": "Returns true if a credential is present, false otherwise", - "operationId": "hasCredential", - "responses": { - "200": { - "description": "Successfully checked credential presence", - "content": { - "application/json": { - "schema": { - "type": "boolean", - "description": "Boolean indicating if a credential is present", - "example": true - } - } - } - } - } - }, - "post": { - "tags": [ - "credential-controller" - ], - "summary": "Upload a credential file", - "description": "Uploads a credential file to the server and returns the ID of the uploaded credential", - "operationId": "uploadCredential", - "parameters": [ - { - "name": "file", - "in": "query", - "description": "The credential file to be uploaded", - "required": true, - "content": { - "multipart/form-data": {} - } - } - ], - "requestBody": { - "content": { - "multipart/form-data": { - "schema": { - "required": [ - "file" - ], - "type": "object", - "properties": { - "file": { - "type": "string", - "format": "binary" - } - } - } - } - } - }, - "responses": { - "201": { - "description": "Successfully uploaded credential", - "content": { - "application/json": { - "schema": { - "type": "integer", - "description": "The id of the uploaded credential", - "example": 12345 - } - } - } - }, - "400": { - "description": "Invalid file format" - } - } - }, - "delete": { - "tags": [ - "credential-controller" - ], - "summary": "Delete the credential", - "description": "Deletes the existing credential from the server", - "operationId": "delete_1", - "responses": { - "204": { - "description": "Successfully deleted credential" - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/user": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user by email", - "description": "Retrieves a user by its email address", - "operationId": "getUser", - "parameters": [ - { - "name": "email", - "in": "query", - "description": "The email of the user", 
- "required": true, - "schema": { - "type": "string" - }, - "example": "user@example.com" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - }, - "400": { - "description": "Invalid email format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/user/search": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Search users", - "description": "Searches for users based on various filter criteria", - "operationId": "search", - "parameters": [ - { - "name": "username", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "firstName", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "lastName", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "email", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "first", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "format": "int32" - } - }, - { - "name": "max", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "format": "int32" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved list of users", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - } - }, - "400": { - "description": "Invalid filter criteria" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/session/{participantId}": { - "get": { - "tags": [ - "session-controller" - ], - "summary": "Retrieve identity 
attributes of a participant", - "description": "Fetches the identity attributes associated with the specified participant ID", - "operationId": "getIdentityAttributesOfParticipant", - "parameters": [ - { - "name": "participantId", - "in": "path", - "description": "The UUID of the participant", - "required": true, - "schema": { - "type": "string", - "format": "uuid", - "example": "123e4567-e89b-12d3-a456-426614174000" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved identity attributes", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - }, - "404": { - "description": "Ephemeral proof not found" - } - } - } - }, - "/role/{id}": { - "get": { - "tags": [ - "role-controller" - ], - "summary": "Find role by ID", - "description": "Retrieves a role by its unique identifier (UUID)", - "operationId": "findById", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the role", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - }, - "example": "123e4567-e89b-12d3-a456-426614174000" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/search": { - "get": { - "tags": [ - "role-controller" - ], - "summary": "Search roles", - "description": "Searches for roles based on the provided filter criteria and pagination settings", - "operationId": "search_1", - "parameters": [ - { - "name": "name", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": 
"description", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "attributeId", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "page", - "in": "query", - "description": "Zero-based page index (0..N)", - "required": false, - "schema": { - "minimum": 0, - "type": "integer", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "The size of the page to be returned", - "required": false, - "schema": { - "minimum": 1, - "type": "integer", - "default": 10 - } - }, - { - "name": "sort", - "in": "query", - "description": "Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.", - "required": false, - "schema": { - "type": "array", - "items": { - "type": "string" - }, - "default": [ - "id,ASC" - ] - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the list of roles", - "content": { - "*/*": { - "schema": { - "$ref": "#/components/schemas/PageResponseRoleDTO" - } - } - } - }, - "400": { - "description": "Invalid filter or pagination parameters" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/mtls/ping": { - "get": { - "tags": [ - "mtls-controller" - ], - "summary": "Ping the participant", - "description": "Performs a ping operation to check the participant's status using its UUID", - "operationId": "ping", - "parameters": [ - { - "name": "Participant-Id", - "in": "header", - "description": "The UUID of the participant", - "required": true, - "schema": { - "type": "string", - "format": "uuid", - "example": "123e4567-e89b-12d3-a456-426614174000" - } - } - ], - "responses": { - "200": { - "description": "Successfully pinged the participant", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantWithIdentityAttributesDTO" 
- } - } - } - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/identity-attribute/search": { - "get": { - "tags": [ - "identity-attribute-controller" - ], - "summary": "Search identity attributes with ownership", - "description": "Searches for identity attributes with ownership based on the provided filter and pagination settings", - "operationId": "search_2", - "parameters": [ - { - "name": "code", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "name", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "enabled", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - { - "name": "participantTypeIn", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "participantTypeNotIn", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "assignedToParticipant", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - { - "name": "updateTimestampFrom", - "in": "query", - "required": false, - "schema": { - "type": "string", - "format": "date-time" - } - }, - { - "name": "updateTimestampTo", - "in": "query", - "required": false, - "schema": { - "type": "string", - "format": "date-time" - } - }, - { - "name": "page", - "in": "query", - "description": "Zero-based page index (0..N)", - "required": false, - "schema": { - "minimum": 0, - "type": "integer", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "The size of the page to be returned", - "required": false, - "schema": { - "minimum": 1, - "type": "integer", - "default": 10 - } - }, - { - "name": "sort", - "in": "query", - "description": "Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. 
Multiple sort criteria are supported.", - "required": false, - "schema": { - "type": "array", - "items": { - "type": "string" - }, - "default": [ - "id,ASC" - ] - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the identity attributes", - "content": { - "*/*": { - "schema": { - "$ref": "#/components/schemas/PagedModelIdentityAttributeWithOwnershipDTO" - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/credential/public-key": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve the public key", - "description": "Fetches the public key associated with the stored credential", - "operationId": "getPublicKey", - "responses": { - "200": { - "description": "Successfully retrieved public key", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/CredentialDTO" - } - } - } - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/credential/my-id": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve participant ID", - "description": "Fetches the participant ID associated with the current user", - "operationId": "getMyParticipantId", - "responses": { - "200": { - "description": "Successfully retrieved participant ID", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantDTO" - } - } - } - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/agent/ping": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Ping a participant", - "description": "Pings a participant using the provided FQDN and returns identity attributes", - "operationId": "ping_1", - "parameters": [ - { - "name": "fqdn", - "in": "query", - "description": "Fully Qualified Domain Name of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - 
"200": { - "description": "Successfully pinged the participant", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantWithIdentityAttributesDTO" - } - } - } - }, - "400": { - "description": "Invalid FQDN provided" - } - } - } - }, - "/agent/identity-attributes": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get identity attributes with ownership", - "description": "Returns a list of identity attributes with ownership details", - "operationId": "getIdentityAttributesWithOwnership", - "responses": { - "200": { - "description": "Successfully retrieved identity attributes with ownership", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeWithOwnershipDTO" - } - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/agent/identity-attributes/{certificateId}": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get identity attributes with ownership", - "description": "Returns a list of identity attributes with ownership details", - "operationId": "getParticipantIdentityAttributes", - "parameters": [ - { - "name": "certificateId", - "in": "path", - "description": "The certificate ID of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved identity attributes with ownership", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/agent/echo": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get echo information", - "description": "Returns echo 
information including connection and MTLS status", - "operationId": "echo", - "responses": { - "200": { - "description": "Successfully retrieved echo information", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/EchoDTO" - } - } - } - } - } - } - }, - "/role/{name}": { - "delete": { - "tags": [ - "role-controller" - ], - "summary": "Delete a role by name", - "description": "Removes a role from the system using its name", - "operationId": "delete", - "parameters": [ - { - "name": "name", - "in": "path", - "description": "The name of the role to be deleted", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "204": { - "description": "Successfully deleted the role" - }, - "400": { - "description": "Invalid role name" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/delete-attribute": { - "delete": { - "tags": [ - "role-controller" - ], - "summary": "Delete an identity attribute from a role", - "description": "Removes an identity attribute from a specified role", - "operationId": "deleteAttributeFromRole", - "parameters": [ - { - "name": "roleId", - "in": "query", - "description": "The UUID of the role from which the attribute will be removed", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - }, - { - "name": "attributeId", - "in": "query", - "description": "The ID of the attribute to be removed", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "204": { - "description": "Successfully removed the attribute from the role" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role or attribute not found" - } - } - } 
- } - }, - "components": { - "schemas": { - "ErrorDTO": { - "type": "object", - "properties": { - "error": { - "type": "string" - }, - "elementName": { - "type": "string" - } - } - }, - "KeycloakUserDTO": { - "required": [ - "email", - "firstName", - "lastName", - "password", - "username" - ], - "type": "object", - "properties": { - "username": { - "type": "string" - }, - "firstName": { - "type": "string" - }, - "lastName": { - "type": "string" - }, - "email": { - "type": "string" - }, - "password": { - "type": "string" - }, - "roles": { - "type": "array", - "readOnly": true, - "items": { - "type": "string" - } - } - } - }, - "KeycloakRoleDTO": { - "required": [ - "name" - ], - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "description": { - "type": "string" - } - } - }, - "RoleDTO": { - "required": [ - "id", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - } - } - }, - "TierOneSessionDTO": { - "required": [ - "jwt" - ], - "type": "object", - "properties": { - "jwt": { - "type": "string" - } - } - }, - "IdentityAttributeDTO": { - "required": [ - "assignableToRoles", - "code", - "enabled", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "code": { - "type": "string" - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "assignableToRoles": { - "type": "boolean" - }, - "enabled": { - "type": "boolean" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "participantTypes": { - "uniqueItems": true, - "type": "array", - "items": { - "type": "string" - } - }, - "used": { - "type": "boolean", - "readOnly": true - } - } - }, - "PageMetadata": { - "type": "object", - "properties": { - "size": { - "type": "integer", - "format": 
"int64" - }, - "number": { - "type": "integer", - "format": "int64" - }, - "totalElements": { - "type": "integer", - "format": "int64" - }, - "totalPages": { - "type": "integer", - "format": "int64" - } - } - }, - "PageResponseRoleDTO": { - "type": "object", - "properties": { - "content": { - "type": "array", - "items": { - "$ref": "#/components/schemas/RoleDTO" - } - }, - "page": { - "$ref": "#/components/schemas/PageMetadata" - }, - "empty": { - "type": "boolean" - } - } - }, - "ParticipantDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "certificateId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - } - } - }, - "ParticipantWithIdentityAttributesDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "certificateId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - }, - "identityAttributes": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - }, - "IdentityAttributeWithOwnershipDTO": { - "type": "object", - "properties": { - "assignedToParticipant": { - "type": "boolean" - } - } - }, - "PagedModelIdentityAttributeWithOwnershipDTO": { - "type": "object", - "properties": { - "content": { - "type": "array", - "items": { - "$ref": 
"#/components/schemas/IdentityAttributeWithOwnershipDTO" - } - }, - "page": { - "$ref": "#/components/schemas/PageMetadata" - } - } - }, - "CredentialDTO": { - "type": "object", - "properties": { - "publicKey": { - "type": "string" - } - } - }, - "EchoDTO": { - "type": "object", - "properties": { - "username": { - "type": "string" - }, - "email": { - "type": "string" - }, - "connectionStatus": { - "type": "string", - "enum": [ - "CONNECTED", - "NOT_CONNECTED" - ] - }, - "mtlsStatus": { - "type": "string", - "enum": [ - "SECURED", - "NOT_SECURED" - ] - }, - "userIdentityAttributes": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/openapi/openApi-doc-0.7.0-release.json b/openapi/openApi-doc-0.7.0-release.json deleted file mode 100644 index a17a004cf9d580388a45644d080f11846b11bda7..0000000000000000000000000000000000000000 --- a/openapi/openApi-doc-0.7.0-release.json +++ /dev/null 
@@ -1,1797 +0,0 @@ -{ - "openapi": "3.0.1", - "info": { - "title": "OpenAPI definition", - "version": "v0" - }, - "servers": [ - { - "url": "https://users-roles.authority.svc.cluster.local", - "description": "Generated server url" - } - ], - "paths": { - "/user/{uuid}": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user by UUID", - "description": "Retrieves a user by its UUID", - "operationId": "getUserByUuid", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - "put": { - "tags": [ - "user-controller" - ], - "summary": "Update user", - "description": "Updates the details of an existing user by its UUID", - "operationId": "updateUser", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "requestBody": { - "description": "The user details to update", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "User updated successfully" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not 
found" - } - } - }, - "delete": { - "tags": [ - "user-controller" - ], - "summary": "Delete user", - "description": "Deletes a user by its UUID", - "operationId": "deleteUser", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "204": { - "description": "User deleted successfully" - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/user/{uuid}/roles": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user roles", - "description": "Retrieves the roles associated with a user by its UUID", - "operationId": "getRoles", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user roles", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - "put": { - "tags": [ - "user-controller" - ], - "summary": "Update user roles", - "description": "Updates the roles associated with a user by its UUID", - "operationId": "updateUserRoles", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": 
"01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "requestBody": { - "description": "The list of roles to be assigned to the user", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "User roles updated successfully" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/role": { - "put": { - "tags": [ - "role-controller" - ], - "summary": "Update an existing role", - "description": "Updates the details of an existing role in the system", - "operationId": "update", - "requestBody": { - "description": "The details of the role to be updated", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict" - }, - "200": { - "description": "Successfully updated the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: Cannot modify role's name or User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - }, - "post": { - "tags": [ - "role-controller" - ], - "summary": "Create a new role", - "description": "Creates a new role in the system with the provided details", - "operationId": "create", - "requestBody": { - "description": "The details of the role to be created", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict: role 
already exists" - }, - "201": { - "description": "Successfully created the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/role/{id}/identity-attributes": { - "put": { - "tags": [ - "role-controller" - ], - "summary": "Assign identity attributes to a role", - "description": "Assigns a list of identity attribute IDs to a specified role", - "operationId": "assignIdentityAttributes", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the role to which identity attributes will be assigned", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - }, - "example": "123e4567-e89b-12d3-a456-426614174000" - } - ], - "requestBody": { - "description": "List of identity attribute IDs to be assigned to the role", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully assigned identity attributes" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/user/as-t1user": { - "post": { - "tags": [ - "user-controller" - ], - "summary": "Create a user", - "description": "Creates a new tier-one user", - "operationId": "createUserAsT1", - "requestBody": { - "description": "The user details", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict: User already exists" - }, - "201": { - 
"description": "User created successfully", - "content": { - "text/plain": { - "schema": { - "type": "string", - "description": "The Id of the newly created user", - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/session/credential": { - "post": { - "tags": [ - "session-controller" - ], - "summary": "Validate Tier 1 session", - "description": "Validate the tier one session against the ephemeral proof stored in the agent", - "operationId": "validateTierOneSession", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/TierOneSessionDTO" - } - } - }, - "required": true - }, - "responses": { - "204": { - "description": "Tier 1 session validated successfully" - }, - "422": { - "description": "Invalid Tier 1 session" - } - } - } - }, - "/role/{id}/duplicate-identity-attribute": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Duplicate identity attributes to another role", - "description": "Duplicates identity attributes from the source role to the destination role", - "operationId": "duplicateIdentityAttributeToAnOtherRole", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the source role", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - } - ], - "requestBody": { - "description": "The UUID of the destination role", - "content": { - "application/json": { - "schema": { - "type": "string", - "format": "uuid" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully duplicated identity attributes" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - 
"404": { - "description": "Source or destination role not found" - } - } - } - }, - "/role/assigned-identity-attributes": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Get identity attributes from role list", - "description": "Retrieves a list of identity attributes associated with the provided roles", - "operationId": "getIdentityAttributesFromRoleList", - "requestBody": { - "description": "List of roles from which to retrieve identity attributes", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully retrieved identity attributes", - "content": { - "*/*": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/mtls/ephemeral-proof": { - "post": { - "tags": [ - "mtls-controller" - ], - "summary": "Store Ephemeral Proof", - "description": "Stores the ephemeral proof for a participant identified by their UUID", - "operationId": "storeCallerEphemeralProof", - "parameters": [ - { - "name": "Credential-Id", - "in": "header", - "description": "The Public Key Hash of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "requestBody": { - "description": "The ephemeral proof to be stored", - "content": { - "text/plain": { - "schema": { - "type": "string" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Ephemeral proof successfully stored" - }, - "400": { - "description": "Invalid input data" - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/credential": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Check if a credential is present", - "description": "Returns 
true if a credential is present, false otherwise", - "operationId": "hasCredential", - "responses": { - "200": { - "description": "Successfully checked credential presence", - "content": { - "application/json": { - "schema": { - "type": "boolean", - "description": "Boolean indicating if a credential is present", - "example": true - } - } - } - } - } - }, - "post": { - "tags": [ - "credential-controller" - ], - "summary": "Upload a credential file", - "description": "Uploads a credential file to the server and returns the ID of the uploaded credential", - "operationId": "uploadCredential", - "parameters": [ - { - "name": "file", - "in": "query", - "description": "The credential file to be uploaded", - "required": true, - "content": { - "multipart/form-data": {} - } - } - ], - "requestBody": { - "content": { - "multipart/form-data": { - "schema": { - "required": [ - "file" - ], - "type": "object", - "properties": { - "file": { - "type": "string", - "format": "binary" - } - } - } - } - } - }, - "responses": { - "201": { - "description": "Successfully uploaded credential", - "content": { - "application/json": { - "schema": { - "type": "integer", - "description": "The id of the uploaded credential", - "example": 12345 - } - } - } - }, - "400": { - "description": "Invalid file format" - } - } - }, - "delete": { - "tags": [ - "credential-controller" - ], - "summary": "Delete the credential", - "description": "Deletes the existing credential from the server", - "operationId": "delete_1", - "responses": { - "204": { - "description": "Successfully deleted credential" - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/user": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user by email", - "description": "Retrieves a user by its email address", - "operationId": "getUser", - "parameters": [ - { - "name": "email", - "in": "query", - "description": "The email of the user", - "required": true, - "schema": { - "type": "string" - }, - 
"example": "user@example.com" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - }, - "400": { - "description": "Invalid email format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/user/search": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Search users", - "description": "Searches for users based on various filter criteria", - "operationId": "search", - "parameters": [ - { - "name": "username", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "firstName", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "lastName", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "email", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "first", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "format": "int32" - } - }, - { - "name": "max", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "format": "int32" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved list of users", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - } - }, - "400": { - "description": "Invalid filter criteria" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/session/{credentialId}": { - "get": { - "tags": [ - "session-controller" - ], - "summary": "Retrieve identity attributes of a participant", - "description": "Fetches the identity 
attributes associated with the specified participant ID", - "operationId": "getIdentityAttributesOfParticipant", - "parameters": [ - { - "name": "credentialId", - "in": "path", - "description": "The Public Key Hash of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved identity attributes", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - }, - "404": { - "description": "Ephemeral proof not found" - } - } - } - }, - "/role/{id}": { - "get": { - "tags": [ - "role-controller" - ], - "summary": "Find role by ID", - "description": "Retrieves a role by its unique identifier (UUID)", - "operationId": "findById", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the role", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - }, - "example": "123e4567-e89b-12d3-a456-426614174000" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/search": { - "get": { - "tags": [ - "role-controller" - ], - "summary": "Search roles", - "description": "Searches for roles based on the provided filter criteria and pagination settings", - "operationId": "search_1", - "parameters": [ - { - "name": "name", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "description", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "attributeId", - "in": "query", - 
"required": false, - "schema": { - "type": "string" - } - }, - { - "name": "page", - "in": "query", - "description": "Zero-based page index (0..N)", - "required": false, - "schema": { - "minimum": 0, - "type": "integer", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "The size of the page to be returned", - "required": false, - "schema": { - "minimum": 1, - "type": "integer", - "default": 10 - } - }, - { - "name": "sort", - "in": "query", - "description": "Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.", - "required": false, - "schema": { - "type": "array", - "items": { - "type": "string" - }, - "default": [ - "id,ASC" - ] - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the list of roles", - "content": { - "*/*": { - "schema": { - "$ref": "#/components/schemas/PageResponseRoleDTO" - } - } - } - }, - "400": { - "description": "Invalid filter or pagination parameters" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/mtls/ping": { - "get": { - "tags": [ - "mtls-controller" - ], - "summary": "Ping the participant", - "description": "Performs a ping operation to check the participant's status using its credential id", - "operationId": "ping", - "parameters": [ - { - "name": "Credential-Id", - "in": "header", - "description": "The Public Key Hash of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully pinged the participant", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantWithIdentityAttributesDTO" - } - } - } - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/identity-attribute/search": { - "get": { - "tags": [ - "identity-attribute-controller" - ], - "summary": 
"Search identity attributes with ownership", - "description": "Searches for identity attributes with ownership based on the provided filter and pagination settings", - "operationId": "search_2", - "parameters": [ - { - "name": "code", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "name", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "enabled", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - { - "name": "participantTypeIn", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "participantTypeNotIn", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "assignedToParticipant", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - { - "name": "updateTimestampFrom", - "in": "query", - "required": false, - "schema": { - "type": "string", - "format": "date-time" - } - }, - { - "name": "updateTimestampTo", - "in": "query", - "required": false, - "schema": { - "type": "string", - "format": "date-time" - } - }, - { - "name": "page", - "in": "query", - "description": "Zero-based page index (0..N)", - "required": false, - "schema": { - "minimum": 0, - "type": "integer", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "The size of the page to be returned", - "required": false, - "schema": { - "minimum": 1, - "type": "integer", - "default": 10 - } - }, - { - "name": "sort", - "in": "query", - "description": "Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. 
Multiple sort criteria are supported.", - "required": false, - "schema": { - "type": "array", - "items": { - "type": "string" - }, - "default": [ - "id,ASC" - ] - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the identity attributes", - "content": { - "*/*": { - "schema": { - "$ref": "#/components/schemas/PagedModelIdentityAttributeWithOwnershipDTO" - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/credential/public-key": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve the public key", - "description": "Fetches the public key associated with the stored credential", - "operationId": "getPublicKey", - "responses": { - "200": { - "description": "Successfully retrieved public key", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/CredentialDTO" - } - } - } - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/credential/my-id": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve participant ID", - "description": "Fetches the participant ID associated with the current user", - "operationId": "getMyParticipantId", - "responses": { - "200": { - "description": "Successfully retrieved participant ID", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantDTO" - } - } - } - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/agent/ping": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Ping a participant", - "description": "Pings a participant using the provided FQDN and returns identity attributes", - "operationId": "ping_1", - "parameters": [ - { - "name": "fqdn", - "in": "query", - "description": "Fully Qualified Domain Name of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - 
"200": { - "description": "Successfully pinged the participant", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantWithIdentityAttributesDTO" - } - } - } - }, - "400": { - "description": "Invalid FQDN provided" - } - } - } - }, - "/agent/identity-attributes": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get identity attributes with ownership", - "description": "Returns a list of identity attributes with ownership details", - "operationId": "getIdentityAttributesWithOwnership", - "responses": { - "200": { - "description": "Successfully retrieved identity attributes with ownership", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeWithOwnershipDTO" - } - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/agent/identity-attributes/{credentialId}": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get identity attributes with ownership", - "description": "Returns a list of identity attributes with ownership details", - "operationId": "getParticipantIdentityAttributes", - "parameters": [ - { - "name": "certificateId", - "in": "query", - "description": "The certificate ID of the participant", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "credentialId", - "in": "path", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved identity attributes with ownership", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/agent/echo": { - "get": { - 
"tags": [ - "agent-controller" - ], - "summary": "Get echo information", - "description": "Returns echo information including connection and MTLS status", - "operationId": "echo", - "responses": { - "200": { - "description": "Successfully retrieved echo information", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/EchoDTO" - } - } - } - } - } - } - }, - "/session/current": { - "delete": { - "tags": [ - "session-controller" - ], - "summary": "Current User Logout", - "description": "End the session for the current user", - "operationId": "deleteCurrentSession", - "responses": { - "204": { - "description": "Successfully deleted user session" - }, - "400": { - "description": "Communication error with Keycloak admin" - } - } - } - }, - "/role/{name}": { - "delete": { - "tags": [ - "role-controller" - ], - "summary": "Delete a role by name", - "description": "Removes a role from the system using its name", - "operationId": "delete", - "parameters": [ - { - "name": "name", - "in": "path", - "description": "The name of the role to be deleted", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "204": { - "description": "Successfully deleted the role" - }, - "400": { - "description": "Invalid role name" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/delete-attribute": { - "delete": { - "tags": [ - "role-controller" - ], - "summary": "Delete an identity attribute from a role", - "description": "Removes an identity attribute from a specified role", - "operationId": "deleteAttributeFromRole", - "parameters": [ - { - "name": "roleId", - "in": "query", - "description": "The UUID of the role from which the attribute will be removed", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - }, - { - "name": "attributeId", - "in": 
"query", - "description": "The ID of the attribute to be removed", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "204": { - "description": "Successfully removed the attribute from the role" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role or attribute not found" - } - } - } - } - }, - "components": { - "schemas": { - "ErrorDTO": { - "type": "object", - "properties": { - "error": { - "type": "string" - }, - "elementName": { - "type": "string" - } - } - }, - "KeycloakUserDTO": { - "required": [ - "email", - "firstName", - "lastName", - "password", - "username" - ], - "type": "object", - "properties": { - "username": { - "type": "string" - }, - "firstName": { - "type": "string" - }, - "lastName": { - "type": "string" - }, - "email": { - "type": "string" - }, - "password": { - "type": "string" - }, - "roles": { - "type": "array", - "readOnly": true, - "items": { - "type": "string" - } - } - } - }, - "KeycloakRoleDTO": { - "required": [ - "name" - ], - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "description": { - "type": "string" - } - } - }, - "RoleDTO": { - "required": [ - "id", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "assignedIdentityAttributes": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "TierOneSessionDTO": { - "required": [ - "jwt" - ], - "type": "object", - "properties": { - "jwt": { - "type": "string" - } - } - }, - "IdentityAttributeDTO": { - "required": [ - "assignableToRoles", - "code", - "enabled", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "code": { - "type": "string" - }, - 
"name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "assignableToRoles": { - "type": "boolean" - }, - "enabled": { - "type": "boolean" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "participantTypes": { - "uniqueItems": true, - "type": "array", - "items": { - "type": "string" - } - }, - "used": { - "type": "boolean", - "readOnly": true - } - } - }, - "PageMetadata": { - "type": "object", - "properties": { - "size": { - "type": "integer", - "format": "int64" - }, - "number": { - "type": "integer", - "format": "int64" - }, - "totalElements": { - "type": "integer", - "format": "int64" - }, - "totalPages": { - "type": "integer", - "format": "int64" - } - } - }, - "PageResponseRoleDTO": { - "type": "object", - "properties": { - "content": { - "type": "array", - "items": { - "$ref": "#/components/schemas/RoleDTO" - } - }, - "page": { - "$ref": "#/components/schemas/PageMetadata" - }, - "empty": { - "type": "boolean" - } - } - }, - "ParticipantDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "credentialId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - } - } - }, - "ParticipantWithIdentityAttributesDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": 
"string", - "format": "date-time" - }, - "credentialId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - }, - "identityAttributes": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - }, - "IdentityAttributeWithOwnershipDTO": { - "type": "object", - "properties": { - "assignedToParticipant": { - "type": "boolean" - } - } - }, - "PagedModelIdentityAttributeWithOwnershipDTO": { - "type": "object", - "properties": { - "content": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeWithOwnershipDTO" - } - }, - "page": { - "$ref": "#/components/schemas/PageMetadata" - } - } - }, - "CredentialDTO": { - "type": "object", - "properties": { - "publicKey": { - "type": "string" - } - } - }, - "EchoDTO": { - "type": "object", - "properties": { - "username": { - "type": "string" - }, - "email": { - "type": "string" - }, - "connectionStatus": { - "type": "string", - "enum": [ - "CONNECTED", - "NOT_CONNECTED" - ] - }, - "mtlsStatus": { - "type": "string", - "enum": [ - "SECURED", - "NOT_SECURED" - ] - }, - "userIdentityAttributes": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } -} diff --git a/openapi/openApi-doc-0.8.0-release.json b/openapi/openApi-doc-0.8.0-release.json deleted file mode 100644 index d8b0ffcf9d8c75364938cf73761e0eb3801e611b..0000000000000000000000000000000000000000 --- a/openapi/openApi-doc-0.8.0-release.json +++ /dev/null 
@@ -1,1823 +0,0 @@ -{ - "openapi": "3.0.1", - "info": { - "title": "OpenAPI definition", - "version": "v0" - }, - "servers": [ - { - "url": "https://users-roles.authority.svc.cluster.local", - "description": "Generated server url" - } - ], - "paths": { - "/user/{uuid}": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user by UUID", - "description": "Retrieves a user by its UUID", - "operationId": "getUserByUuid", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - "put": { - "tags": [ - "user-controller" - ], - "summary": "Update user", - "description": "Updates the details of an existing user by its UUID", - "operationId": "updateUser", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "requestBody": { - "description": "The user details to update", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "User updated successfully" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not 
found" - } - } - }, - "delete": { - "tags": [ - "user-controller" - ], - "summary": "Delete user", - "description": "Deletes a user by its UUID", - "operationId": "deleteUser", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "204": { - "description": "User deleted successfully" - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/user/{uuid}/roles": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user roles", - "description": "Retrieves the roles associated with a user by its UUID", - "operationId": "getRoles", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user roles", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - "put": { - "tags": [ - "user-controller" - ], - "summary": "Update user roles", - "description": "Updates the roles associated with a user by its UUID", - "operationId": "updateUserRoles", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": 
"01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "requestBody": { - "description": "The list of roles to be assigned to the user", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "User roles updated successfully" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/role": { - "put": { - "tags": [ - "role-controller" - ], - "summary": "Update an existing role", - "description": "Updates the details of an existing role in the system", - "operationId": "update", - "requestBody": { - "description": "The details of the role to be updated", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict" - }, - "200": { - "description": "Successfully updated the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: Cannot modify role's name or User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - }, - "post": { - "tags": [ - "role-controller" - ], - "summary": "Create a new role", - "description": "Creates a new role in the system with the provided details", - "operationId": "create", - "requestBody": { - "description": "The details of the role to be created", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict: role 
already exists" - }, - "201": { - "description": "Successfully created the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/role/{id}/identity-attributes": { - "put": { - "tags": [ - "role-controller" - ], - "summary": "Assign identity attributes to a role", - "description": "Assigns a list of identity attribute IDs to a specified role", - "operationId": "assignIdentityAttributes", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the role to which identity attributes will be assigned", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - }, - "example": "123e4567-e89b-12d3-a456-426614174000" - } - ], - "requestBody": { - "description": "List of identity attribute IDs to be assigned to the role", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully assigned identity attributes" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/user/as-t1user": { - "post": { - "tags": [ - "user-controller" - ], - "summary": "Create a user", - "description": "Creates a new tier-one user", - "operationId": "createUserAsT1", - "requestBody": { - "description": "The user details", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict: User already exists" - }, - "201": { - 
"description": "User created successfully", - "content": { - "text/plain": { - "schema": { - "type": "string", - "description": "The Id of the newly created user", - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/session/credential": { - "post": { - "tags": [ - "session-controller" - ], - "summary": "Validate Tier 1 session", - "description": "Validate the tier one session against the ephemeral proof stored in the agent", - "operationId": "validateTierOneSession", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/TierOneSessionDTO" - } - } - }, - "required": true - }, - "responses": { - "204": { - "description": "Tier 1 session validated successfully" - }, - "422": { - "description": "Invalid Tier 1 session" - } - } - } - }, - "/role/{id}/duplicate-identity-attribute": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Duplicate identity attributes to another role", - "description": "Duplicates identity attributes from the source role to the destination role", - "operationId": "duplicateIdentityAttributeToAnOtherRole", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the source role", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - } - ], - "requestBody": { - "description": "The UUID of the destination role", - "content": { - "application/json": { - "schema": { - "type": "string", - "format": "uuid" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully duplicated identity attributes" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - 
"404": { - "description": "Source or destination role not found" - } - } - } - }, - "/role/assigned-identity-attributes": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Get identity attributes from role list", - "description": "Retrieves a list of identity attributes associated with the provided roles", - "operationId": "getIdentityAttributesFromRoleList", - "requestBody": { - "description": "List of role names from which to retrieve identity attributes", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully retrieved identity attributes", - "content": { - "*/*": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/mtls/ephemeral-proof": { - "post": { - "tags": [ - "mtls-controller" - ], - "summary": "Store Ephemeral Proof", - "description": "Stores the ephemeral proof for a participant identified by their UUID", - "operationId": "storeCallerEphemeralProof", - "parameters": [ - { - "name": "Credential-Id", - "in": "header", - "description": "The Public Key Hash of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "requestBody": { - "description": "The ephemeral proof to be stored", - "content": { - "text/plain": { - "schema": { - "type": "string" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Ephemeral proof successfully stored" - }, - "400": { - "description": "Invalid input data" - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/credential": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Check if a credential is present", - "description": 
"Returns true if a credential is present, false otherwise", - "operationId": "hasCredential", - "responses": { - "200": { - "description": "Successfully checked credential presence", - "content": { - "application/json": { - "schema": { - "type": "boolean", - "description": "Boolean indicating if a credential is present", - "example": true - } - } - } - } - } - }, - "post": { - "tags": [ - "credential-controller" - ], - "summary": "Upload a credential file", - "description": "Uploads a credential file to the server and returns the ID of the uploaded credential", - "operationId": "uploadCredential", - "parameters": [ - { - "name": "file", - "in": "query", - "description": "The credential file to be uploaded", - "required": true, - "content": { - "multipart/form-data": {} - } - } - ], - "requestBody": { - "content": { - "multipart/form-data": { - "schema": { - "required": [ - "file" - ], - "type": "object", - "properties": { - "file": { - "type": "string", - "format": "binary" - } - } - } - } - } - }, - "responses": { - "201": { - "description": "Successfully uploaded credential", - "content": { - "application/json": { - "schema": { - "type": "integer", - "description": "The id of the uploaded credential", - "example": 12345 - } - } - } - }, - "400": { - "description": "Invalid file format" - } - } - }, - "delete": { - "tags": [ - "credential-controller" - ], - "summary": "Delete the credential", - "description": "Deletes the existing credential from the server", - "operationId": "delete_1", - "responses": { - "204": { - "description": "Successfully deleted credential" - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/user": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user by email", - "description": "Retrieves a user by its email address", - "operationId": "getUser", - "parameters": [ - { - "name": "email", - "in": "query", - "description": "The email of the user", - "required": true, - "schema": { - "type": "string" 
- }, - "example": "user@example.com" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - }, - "400": { - "description": "Invalid email format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/user/search": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Search users", - "description": "Searches for users based on various filter criteria", - "operationId": "search", - "parameters": [ - { - "name": "username", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "firstName", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "lastName", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "email", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "first", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "format": "int32" - } - }, - { - "name": "max", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "format": "int32" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved list of users", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - } - }, - "400": { - "description": "Invalid filter criteria" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/session/{credentialId}": { - "get": { - "tags": [ - "session-controller" - ], - "summary": "Retrieve identity attributes of a participant", - "description": "Fetches the 
identity attributes associated with the specified participant ID", - "operationId": "getIdentityAttributesOfParticipant", - "parameters": [ - { - "name": "credentialId", - "in": "path", - "description": "The Public Key Hash of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved identity attributes", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - }, - "404": { - "description": "Ephemeral proof not found" - } - } - } - }, - "/role/{id}": { - "get": { - "tags": [ - "role-controller" - ], - "summary": "Find role by ID", - "description": "Retrieves a role by its unique identifier (UUID)", - "operationId": "findById", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the role", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - }, - "example": "123e4567-e89b-12d3-a456-426614174000" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/search": { - "get": { - "tags": [ - "role-controller" - ], - "summary": "Search roles", - "description": "Searches for roles based on the provided filter criteria and pagination settings", - "operationId": "search_1", - "parameters": [ - { - "name": "name", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "description", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "attributeName", - "in": 
"query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "page", - "in": "query", - "description": "Zero-based page index (0..N)", - "required": false, - "schema": { - "minimum": 0, - "type": "integer", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "The size of the page to be returned", - "required": false, - "schema": { - "minimum": 1, - "type": "integer", - "default": 10 - } - }, - { - "name": "sort", - "in": "query", - "description": "Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.", - "required": false, - "schema": { - "type": "array", - "items": { - "type": "string" - }, - "default": [ - "id,ASC" - ] - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the list of roles", - "content": { - "*/*": { - "schema": { - "$ref": "#/components/schemas/PageResponseRoleDTO" - } - } - } - }, - "400": { - "description": "Invalid filter or pagination parameters" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/mtls/ping": { - "get": { - "tags": [ - "mtls-controller" - ], - "summary": "Ping the participant", - "description": "Performs a ping operation to check the participant's status using its credential id", - "operationId": "ping", - "parameters": [ - { - "name": "Credential-Id", - "in": "header", - "description": "The Public Key Hash of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully pinged the participant", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantWithIdentityAttributesDTO" - } - } - } - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/identity-attribute/search": { - "get": { - "tags": [ - "identity-attribute-controller" - ], - 
"summary": "Search identity attributes with ownership", - "description": "Searches for identity attributes with ownership based on the provided filter and pagination settings", - "operationId": "search_2", - "parameters": [ - { - "name": "code", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "name", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "enabled", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - { - "name": "participantTypeIn", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "participantTypeNotIn", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "assignedToParticipant", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - { - "name": "updateTimestampFrom", - "in": "query", - "required": false, - "schema": { - "type": "string", - "format": "date-time" - } - }, - { - "name": "updateTimestampTo", - "in": "query", - "required": false, - "schema": { - "type": "string", - "format": "date-time" - } - }, - { - "name": "page", - "in": "query", - "description": "Zero-based page index (0..N)", - "required": false, - "schema": { - "minimum": 0, - "type": "integer", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "The size of the page to be returned", - "required": false, - "schema": { - "minimum": 1, - "type": "integer", - "default": 10 - } - }, - { - "name": "sort", - "in": "query", - "description": "Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. 
Multiple sort criteria are supported.", - "required": false, - "schema": { - "type": "array", - "items": { - "type": "string" - }, - "default": [ - "id,ASC" - ] - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the identity attributes", - "content": { - "*/*": { - "schema": { - "$ref": "#/components/schemas/PagedModelIdentityAttributeWithOwnershipDTO" - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/credential/public-key": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve the public key", - "description": "Fetches the public key associated with the stored credential", - "operationId": "getPublicKey", - "responses": { - "200": { - "description": "Successfully retrieved public key", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/CredentialDTO" - } - } - } - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/credential/my-id": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve participant ID", - "description": "Fetches the participant ID associated with the current participant", - "operationId": "getMyParticipantId", - "responses": { - "200": { - "description": "Successfully retrieved participant ID", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantDTO" - } - } - } - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/credential/credential-id": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve credential ID", - "description": "Fetches the credential ID associated with the current participant", - "operationId": "getCredentialId", - "responses": { - "200": { - "description": "Successfully retrieved credential ID", - "content": { - "application/json": { - "schema": { - "$ref": 
"#/components/schemas/ParticipantDTO" - } - } - } - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/agent/ping": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Ping a participant", - "description": "Pings a participant using the provided FQDN and returns identity attributes", - "operationId": "ping_1", - "parameters": [ - { - "name": "fqdn", - "in": "query", - "description": "Fully Qualified Domain Name of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully pinged the participant", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantWithIdentityAttributesDTO" - } - } - } - }, - "400": { - "description": "Invalid FQDN provided" - } - } - } - }, - "/agent/identity-attributes": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get identity attributes with ownership", - "description": "Returns a list of identity attributes with ownership details", - "operationId": "getIdentityAttributesWithOwnership", - "responses": { - "200": { - "description": "Successfully retrieved identity attributes with ownership", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeWithOwnershipDTO" - } - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/agent/identity-attributes/{credentialId}": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get identity attributes with ownership", - "description": "Returns a list of identity attributes with ownership details", - "operationId": "getParticipantIdentityAttributes", - "parameters": [ - { - "name": "certificateId", - "in": "query", - "description": "The certificate ID of the participant", - "required": true, - "schema": { - "type": "string" - } - 
}, - { - "name": "credentialId", - "in": "path", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved identity attributes with ownership", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/agent/echo": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get echo information", - "description": "Returns echo information including connection and MTLS status", - "operationId": "echo", - "responses": { - "200": { - "description": "Successfully retrieved echo information", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/EchoDTO" - } - } - } - } - } - } - }, - "/session/current": { - "delete": { - "tags": [ - "session-controller" - ], - "summary": "Current User Logout", - "description": "End the session for the current user", - "operationId": "deleteCurrentSession", - "responses": { - "204": { - "description": "Successfully deleted user session" - }, - "400": { - "description": "Communication error with Keycloak admin" - } - } - } - }, - "/role/{roleId}": { - "delete": { - "tags": [ - "role-controller" - ], - "summary": "Delete a role by id", - "description": "Removes a role from the system using its id", - "operationId": "delete", - "parameters": [ - { - "name": "roleId", - "in": "path", - "description": "The name of the role to be deleted", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - } - ], - "responses": { - "204": { - "description": "Successfully deleted the role" - }, - "400": { - "description": "Invalid role name" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, 
- "404": { - "description": "Role not found" - } - } - } - }, - "/role/delete-attribute": { - "delete": { - "tags": [ - "role-controller" - ], - "summary": "Delete an identity attribute from a role", - "description": "Removes an identity attribute from a specified role", - "operationId": "deleteAttributeFromRole", - "parameters": [ - { - "name": "roleId", - "in": "query", - "description": "The UUID of the role from which the attribute will be removed", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - }, - { - "name": "attributeCode", - "in": "query", - "description": "The code of the attribute to be removed", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "204": { - "description": "Successfully removed the attribute from the role" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - } - }, - "components": { - "schemas": { - "ErrorDTO": { - "type": "object", - "properties": { - "error": { - "type": "string" - }, - "elementName": { - "type": "string" - } - } - }, - "KeycloakUserDTO": { - "required": [ - "email", - "firstName", - "lastName", - "password", - "username" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "readOnly": true - }, - "username": { - "type": "string" - }, - "firstName": { - "type": "string" - }, - "lastName": { - "type": "string" - }, - "email": { - "type": "string" - }, - "password": { - "type": "string" - }, - "roles": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "KeycloakRoleDTO": { - "required": [ - "name" - ], - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "description": { - "type": "string" - } - } - }, - "RoleDTO": { - "required": [ - "id", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - 
"name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "assignedIdentityAttributes": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "TierOneSessionDTO": { - "required": [ - "jwt" - ], - "type": "object", - "properties": { - "jwt": { - "type": "string" - } - } - }, - "IdentityAttributeDTO": { - "required": [ - "assignableToRoles", - "code", - "enabled", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "code": { - "type": "string" - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "assignableToRoles": { - "type": "boolean" - }, - "enabled": { - "type": "boolean" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "participantTypes": { - "uniqueItems": true, - "type": "array", - "items": { - "type": "string" - } - }, - "used": { - "type": "boolean", - "readOnly": true - } - } - }, - "PageMetadata": { - "type": "object", - "properties": { - "size": { - "type": "integer", - "format": "int64" - }, - "number": { - "type": "integer", - "format": "int64" - }, - "totalElements": { - "type": "integer", - "format": "int64" - }, - "totalPages": { - "type": "integer", - "format": "int64" - } - } - }, - "PageResponseRoleDTO": { - "type": "object", - "properties": { - "content": { - "type": "array", - "items": { - "$ref": "#/components/schemas/RoleDTO" - } - }, - "page": { - "$ref": "#/components/schemas/PageMetadata" - }, - "empty": { - "type": "boolean" - } - } - }, - "ParticipantDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", 
- "format": "date-time" - }, - "credentialId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - } - } - }, - "ParticipantWithIdentityAttributesDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "credentialId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - }, - "identityAttributes": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - }, - "IdentityAttributeWithOwnershipDTO": { - "type": "object", - "properties": { - "assignedToParticipant": { - "type": "boolean" - } - } - }, - "PagedModelIdentityAttributeWithOwnershipDTO": { - "type": "object", - "properties": { - "content": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeWithOwnershipDTO" - } - }, - "page": { - "$ref": "#/components/schemas/PageMetadata" - } - } - }, - "CredentialDTO": { - "type": "object", - "properties": { - "publicKey": { - "type": "string" - } - } - }, - "EchoDTO": { - "type": "object", - "properties": { - "username": { - "type": "string" - }, - "email": { - "type": "string" - }, - "connectionStatus": { - "type": "string", - "enum": [ - "CONNECTED", - "NOT_CONNECTED" - ] - }, - "mtlsStatus": { - "type": "string", - "enum": [ - "SECURED", - "NOT_SECURED" - ] - }, - "userIdentityAttributes": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } -} diff --git a/openapi/openApi-doc-1.0.0-release.json b/openapi/openApi-doc-1.0.0-release.json deleted file mode 100644 index fc8e74128ab6f084f7967d6dd5a785ab9c15b53e..0000000000000000000000000000000000000000 
--- a/openapi/openApi-doc-1.0.0-release.json
+++ /dev/null
@@ -1,1902 +0,0 @@ -{ - "openapi": "3.0.1", - "info": { - "title": "OpenAPI definition", - "version": "v0" - }, - "servers": [ - { - "url": "https://users-roles.authority.svc.cluster.local", - "description": "Generated server url" - } - ], - "paths": { - "/user/{uuid}": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user by UUID", - "description": "Retrieves a user by its UUID", - "operationId": "getUserByUuid", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - "put": { - "tags": [ - "user-controller" - ], - "summary": "Update user", - "description": "Updates the details of an existing user by its UUID", - "operationId": "updateUser", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "requestBody": { - "description": "The user details to update", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "User updated successfully" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not 
found" - } - } - }, - "delete": { - "tags": [ - "user-controller" - ], - "summary": "Delete user", - "description": "Deletes a user by its UUID", - "operationId": "deleteUser", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "204": { - "description": "User deleted successfully" - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/user/{uuid}/roles": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user roles", - "description": "Retrieves the roles associated with a user by its UUID", - "operationId": "getRoles", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user roles", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - }, - "put": { - "tags": [ - "user-controller" - ], - "summary": "Update user roles", - "description": "Updates the roles associated with a user by its UUID", - "operationId": "updateUserRoles", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The UUID of the user", - "required": true, - "schema": { - "type": "string" - }, - "example": 
"01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - ], - "requestBody": { - "description": "The list of roles to be assigned to the user", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "User roles updated successfully" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/role": { - "put": { - "tags": [ - "role-controller" - ], - "summary": "Update an existing role", - "description": "Updates the details of an existing role in the system", - "operationId": "update", - "requestBody": { - "description": "The details of the role to be updated", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict" - }, - "200": { - "description": "Successfully updated the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: Cannot modify role's name or User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - }, - "post": { - "tags": [ - "role-controller" - ], - "summary": "Create a new role", - "description": "Creates a new role in the system with the provided details", - "operationId": "create", - "requestBody": { - "description": "The details of the role to be created", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakRoleDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict: role 
already exists" - }, - "201": { - "description": "Successfully created the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/role/{id}/identity-attributes": { - "put": { - "tags": [ - "role-controller" - ], - "summary": "Assign identity attributes to a role", - "description": "Assigns a list of identity attribute IDs to a specified role", - "operationId": "replaceIdentityAttributes", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the role to which identity attributes will be assigned", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - }, - "example": "123e4567-e89b-12d3-a456-426614174000" - } - ], - "requestBody": { - "description": "List of identity attribute codes to be assigned to the role", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully assigned identity attributes" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/user/as-t1user": { - "post": { - "tags": [ - "user-controller" - ], - "summary": "Create a user", - "description": "Creates a new tier-one user", - "operationId": "createUserAsT1", - "requestBody": { - "description": "The user details", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - }, - "required": true - }, - "responses": { - "409": { - "description": "Conflict: User already exists" - }, - "201": { - 
"description": "User created successfully", - "content": { - "text/plain": { - "schema": { - "type": "string", - "description": "The Id of the newly created user", - "example": "01929051-2adb-7ee5-994a-b36f64fbb4dd" - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/session/credential": { - "post": { - "tags": [ - "session-controller" - ], - "summary": "Validate Tier 1 session", - "description": "Validate the tier one session against the ephemeral proof stored in the agent", - "operationId": "validateTierOneSession", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/TierOneSessionDTO" - } - } - }, - "required": true - }, - "responses": { - "204": { - "description": "Tier 1 session validated successfully" - }, - "422": { - "description": "Invalid Tier 1 session" - } - } - } - }, - "/role/{id}/duplicate-identity-attribute": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Duplicate identity attributes to another role", - "description": "Duplicates identity attributes from the source role to the destination role", - "operationId": "duplicateIdentityAttributeToAnOtherRole", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the source role", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - } - ], - "requestBody": { - "description": "The UUID of the destination role", - "content": { - "application/json": { - "schema": { - "type": "string", - "format": "uuid" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully duplicated identity attributes" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - 
"404": { - "description": "Source or destination role not found" - } - } - } - }, - "/role/assigned-identity-attributes": { - "post": { - "tags": [ - "role-controller" - ], - "summary": "Get identity attributes from role list", - "description": "Retrieves a list of identity attributes associated with the provided roles", - "operationId": "getIdentityAttributesFromRoleList", - "requestBody": { - "description": "List of role names from which to retrieve identity attributes", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Successfully retrieved identity attributes", - "content": { - "*/*": { - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/mtls/ephemeral-proof": { - "post": { - "tags": [ - "mtls-controller" - ], - "summary": "Store Ephemeral Proof", - "description": "Stores the ephemeral proof for a participant identified by their UUID", - "operationId": "storeCallerEphemeralProof", - "parameters": [ - { - "name": "Credential-Id", - "in": "header", - "description": "The Public Key Hash of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "requestBody": { - "description": "The ephemeral proof to be stored", - "content": { - "text/plain": { - "schema": { - "type": "string" - } - } - }, - "required": true - }, - "responses": { - "200": { - "description": "Ephemeral proof successfully stored" - }, - "400": { - "description": "Invalid input data" - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/credential": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Check if a credential is present", - "description": 
"Returns true if a credential is present, false otherwise", - "operationId": "hasCredential", - "responses": { - "200": { - "description": "Successfully checked credential presence", - "content": { - "application/json": { - "schema": { - "type": "boolean", - "description": "Boolean indicating if a credential is present", - "example": true - } - } - } - } - } - }, - "post": { - "tags": [ - "credential-controller" - ], - "summary": "Upload a credential file", - "description": "Uploads a credential file to the server and returns the ID of the uploaded credential", - "operationId": "uploadCredential", - "parameters": [ - { - "name": "file", - "in": "query", - "description": "The credential file to be uploaded", - "required": true, - "content": { - "multipart/form-data": {} - } - } - ], - "requestBody": { - "content": { - "multipart/form-data": { - "schema": { - "required": [ - "file" - ], - "type": "object", - "properties": { - "file": { - "type": "string", - "format": "binary" - } - } - } - } - } - }, - "responses": { - "201": { - "description": "Successfully uploaded credential", - "content": { - "application/json": { - "schema": { - "type": "integer", - "description": "The id of the uploaded credential", - "example": 12345 - } - } - } - }, - "400": { - "description": "Invalid file format" - } - } - }, - "delete": { - "tags": [ - "credential-controller" - ], - "summary": "Delete the credential", - "description": "Deletes the existing credential from the server", - "operationId": "delete", - "responses": { - "204": { - "description": "Successfully deleted credential" - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/user": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Get user by email", - "description": "Retrieves a user by its email address", - "operationId": "getUser", - "parameters": [ - { - "name": "email", - "in": "query", - "description": "The email of the user", - "required": true, - "schema": { - "type": "string" - 
}, - "example": "user@example.com" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved user", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - }, - "400": { - "description": "Invalid email format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "User not found" - } - } - } - }, - "/user/search": { - "get": { - "tags": [ - "user-controller" - ], - "summary": "Search users", - "description": "Searches for users based on various filter criteria", - "operationId": "search", - "parameters": [ - { - "name": "username", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "firstName", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "lastName", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "email", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "first", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "format": "int32" - } - }, - { - "name": "max", - "in": "query", - "required": false, - "schema": { - "type": "integer", - "format": "int32" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved list of users", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/KeycloakUserDTO" - } - } - } - } - }, - "400": { - "description": "Invalid filter criteria" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/session/{credentialId}": { - "get": { - "tags": [ - "session-controller" - ], - "summary": "Retrieve identity attributes of a participant", - "description": "Fetches the 
identity attributes associated with the specified participant ID", - "operationId": "getIdentityAttributesOfParticipant", - "parameters": [ - { - "name": "credentialId", - "in": "path", - "description": "The Public Key Hash of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved identity attributes", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - }, - "404": { - "description": "Ephemeral proof not found" - } - } - } - }, - "/role/{id}": { - "get": { - "tags": [ - "role-controller" - ], - "summary": "Find role by ID", - "description": "Retrieves a role by its unique identifier (UUID)", - "operationId": "findById", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The UUID of the role", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - }, - "example": "123e4567-e89b-12d3-a456-426614174000" - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/RoleDTO" - } - } - } - }, - "400": { - "description": "Invalid UUID format" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - }, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/search": { - "get": { - "tags": [ - "role-controller" - ], - "summary": "Search roles", - "description": "Searches for roles based on the provided filter criteria and pagination settings", - "operationId": "search_1", - "parameters": [ - { - "name": "name", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "description", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "attributeName", - "in": 
"query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "page", - "in": "query", - "description": "Zero-based page index (0..N)", - "required": false, - "schema": { - "minimum": 0, - "type": "integer", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "The size of the page to be returned", - "required": false, - "schema": { - "minimum": 1, - "type": "integer", - "default": 10 - } - }, - { - "name": "sort", - "in": "query", - "description": "Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.", - "required": false, - "schema": { - "type": "array", - "items": { - "type": "string" - }, - "default": [ - "id,ASC" - ] - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the list of roles", - "content": { - "*/*": { - "schema": { - "$ref": "#/components/schemas/PageResponseRoleDTO" - } - } - } - }, - "400": { - "description": "Invalid filter or pagination parameters" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/mtls/ping": { - "get": { - "tags": [ - "mtls-controller" - ], - "summary": "Ping the participant", - "description": "Performs a ping operation to check the participant's status using its credential id", - "operationId": "ping", - "parameters": [ - { - "name": "Credential-Id", - "in": "header", - "description": "The Public Key Hash of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully pinged the participant", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantWithIdentityAttributesDTO" - } - } - } - }, - "404": { - "description": "Participant not found" - } - } - } - }, - "/identity-attribute/search": { - "get": { - "tags": [ - "identity-attribute-controller" - ], - 
"summary": "Search identity attributes with ownership", - "description": "Searches for identity attributes with ownership based on the provided filter and pagination settings", - "operationId": "search_2", - "parameters": [ - { - "name": "code", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "name", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "enabled", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - { - "name": "participantTypeIn", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "participantTypeNotIn", - "in": "query", - "required": false, - "schema": { - "type": "string" - } - }, - { - "name": "assignedToParticipant", - "in": "query", - "required": false, - "schema": { - "type": "boolean" - } - }, - { - "name": "updateTimestampFrom", - "in": "query", - "required": false, - "schema": { - "type": "string", - "format": "date-time" - } - }, - { - "name": "updateTimestampTo", - "in": "query", - "required": false, - "schema": { - "type": "string", - "format": "date-time" - } - }, - { - "name": "page", - "in": "query", - "description": "Zero-based page index (0..N)", - "required": false, - "schema": { - "minimum": 0, - "type": "integer", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "The size of the page to be returned", - "required": false, - "schema": { - "minimum": 1, - "type": "integer", - "default": 10 - } - }, - { - "name": "sort", - "in": "query", - "description": "Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. 
Multiple sort criteria are supported.", - "required": false, - "schema": { - "type": "array", - "items": { - "type": "string" - }, - "default": [ - "id,ASC" - ] - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved the identity attributes", - "content": { - "*/*": { - "schema": { - "$ref": "#/components/schemas/PagedModelIdentityAttributeWithOwnershipDTO" - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/credential/public-key": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve the public key", - "description": "Fetches the public key associated with the stored credential", - "operationId": "getPublicKey", - "responses": { - "200": { - "description": "Successfully retrieved public key", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/CredentialDTO" - } - } - } - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/credential/my-id": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve participant ID", - "description": "Fetches the participant ID associated with the current participant", - "operationId": "getMyParticipantId", - "responses": { - "200": { - "description": "Successfully retrieved participant ID", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantDTO" - } - } - } - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/credential/credential-id": { - "get": { - "tags": [ - "credential-controller" - ], - "summary": "Retrieve credential ID", - "description": "Fetches the credential ID associated with the current participant", - "operationId": "getCredentialId", - "responses": { - "200": { - "description": "Successfully retrieved credential ID", - "content": { - "application/json": { - "schema": { - "$ref": 
"#/components/schemas/ParticipantDTO" - } - } - } - }, - "404": { - "description": "Credential not found" - } - } - } - }, - "/agent/ping": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Ping a participant", - "description": "Pings a participant using the provided FQDN and returns identity attributes", - "operationId": "ping_1", - "parameters": [ - { - "name": "fqdn", - "in": "query", - "description": "Fully Qualified Domain Name of the participant", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully pinged the participant", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ParticipantWithIdentityAttributesDTO" - } - } - } - }, - "400": { - "description": "Invalid FQDN provided" - } - } - } - }, - "/agent/identity-attributes": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get identity attributes with ownership", - "description": "Returns a list of identity attributes with ownership details", - "operationId": "getIdentityAttributesWithOwnership", - "responses": { - "200": { - "description": "Successfully retrieved identity attributes with ownership", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeWithOwnershipDTO" - } - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/agent/identity-attributes/{credentialId}": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get identity attributes with ownership", - "description": "Returns a list of identity attributes with ownership details", - "operationId": "getParticipantIdentityAttributes", - "parameters": [ - { - "name": "certificateId", - "in": "query", - "description": "The certificate ID of the participant", - "required": true, - "schema": { - "type": "string" - } - 
}, - { - "name": "credentialId", - "in": "path", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "Successfully retrieved identity attributes with ownership", - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - }, - "/agent/echo": { - "get": { - "tags": [ - "agent-controller" - ], - "summary": "Get echo information", - "description": "Returns echo information including connection and MTLS status", - "operationId": "echo", - "responses": { - "200": { - "description": "Successfully retrieved echo information", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/EchoDTO" - } - } - } - } - } - } - }, - "/session/current": { - "delete": { - "tags": [ - "session-controller" - ], - "summary": "Current User Logout", - "description": "End the session for the current user", - "operationId": "deleteCurrentSession", - "responses": { - "204": { - "description": "Successfully deleted user session" - }, - "400": { - "description": "Communication error with Keycloak admin" - } - } - } - }, - "/role/{roleId}": { - "delete": { - "tags": [ - "role-controller" - ], - "summary": "Delete a role by id", - "description": "Removes a role from the system using its id", - "operationId": "delete_1", - "parameters": [ - { - "name": "roleId", - "in": "path", - "description": "The name of the role to be deleted", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - } - ], - "responses": { - "204": { - "description": "Successfully deleted the role" - }, - "400": { - "description": "Invalid role name" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - 
}, - "404": { - "description": "Role not found" - } - } - } - }, - "/role/delete-attribute": { - "delete": { - "tags": [ - "role-controller" - ], - "summary": "Delete an identity attribute from a role", - "description": "Removes an identity attribute from a specified role", - "operationId": "deleteAttributeFromRole", - "parameters": [ - { - "name": "roleId", - "in": "query", - "description": "The UUID of the role from which the attribute will be removed", - "required": true, - "schema": { - "type": "string", - "format": "uuid" - } - }, - { - "name": "attributeCode", - "in": "query", - "description": "The code of the attribute to be removed", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "204": { - "description": "Successfully removed the attribute from the role" - }, - "400": { - "description": "Invalid input data" - }, - "401": { - "description": "Access denied" - }, - "403": { - "description": "Forbidden: User does not have the required role" - } - } - } - } - }, - "components": { - "schemas": { - "ErrorDTO": { - "type": "object", - "properties": { - "error": { - "type": "string" - }, - "elementName": { - "type": "string" - } - } - }, - "KeycloakUserDTO": { - "required": [ - "email", - "firstName", - "lastName", - "password", - "username" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "readOnly": true - }, - "username": { - "type": "string" - }, - "firstName": { - "type": "string" - }, - "lastName": { - "type": "string" - }, - "email": { - "type": "string" - }, - "password": { - "type": "string" - }, - "roles": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "KeycloakRoleDTO": { - "required": [ - "name" - ], - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "description": { - "type": "string" - } - } - }, - "RoleDTO": { - "required": [ - "id", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, 
- "name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "assignedIdentityAttributes": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "TierOneSessionDTO": { - "required": [ - "jwt" - ], - "type": "object", - "properties": { - "jwt": { - "type": "string" - } - } - }, - "IdentityAttributeDTO": { - "required": [ - "assignableToRoles", - "code", - "enabled", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "code": { - "type": "string" - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "assignableToRoles": { - "type": "boolean" - }, - "enabled": { - "type": "boolean" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "participantTypes": { - "uniqueItems": true, - "type": "array", - "items": { - "type": "string" - } - }, - "used": { - "type": "boolean", - "readOnly": true - } - } - }, - "PageMetadata": { - "type": "object", - "properties": { - "size": { - "type": "integer", - "format": "int64" - }, - "number": { - "type": "integer", - "format": "int64" - }, - "totalElements": { - "type": "integer", - "format": "int64" - }, - "totalPages": { - "type": "integer", - "format": "int64" - } - } - }, - "PageResponseRoleDTO": { - "type": "object", - "properties": { - "content": { - "type": "array", - "items": { - "$ref": "#/components/schemas/RoleDTO" - } - }, - "page": { - "$ref": "#/components/schemas/PageMetadata" - }, - "empty": { - "type": "boolean" - } - } - }, - "ParticipantDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": 
"string", - "format": "date-time" - }, - "credentialId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - } - } - }, - "ParticipantWithIdentityAttributesDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "credentialId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - }, - "identityAttributes": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - }, - "IdentityAttributeWithOwnershipDTO": { - "required": [ - "assignableToRoles", - "code", - "enabled", - "name" - ], - "type": "object", - "properties": { - "id": { - "type": "string", - "format": "uuid" - }, - "code": { - "type": "string" - }, - "name": { - "type": "string" - }, - "description": { - "type": "string" - }, - "assignableToRoles": { - "type": "boolean" - }, - "enabled": { - "type": "boolean" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "participantTypes": { - "uniqueItems": true, - "type": "array", - "items": { - "type": "string" - } - }, - "used": { - "type": "boolean", - "readOnly": true - }, - "assignedToParticipant": { - "type": "boolean" - } - } - }, - "PagedModelIdentityAttributeWithOwnershipDTO": { - "type": "object", - "properties": { - "content": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeWithOwnershipDTO" - } - }, - "page": { - "$ref": "#/components/schemas/PageMetadata" - } - } - }, - "CredentialDTO": { - "type": "object", - "properties": { - "publicKey": { - "type": "string" - } - 
} - }, - "EchoDTO": { - "required": [ - "organization", - "participantType" - ], - "type": "object", - "properties": { - "username": { - "type": "string" - }, - "email": { - "type": "string" - }, - "connectionStatus": { - "type": "string", - "enum": [ - "CONNECTED", - "NOT_CONNECTED" - ] - }, - "mtlsStatus": { - "type": "string", - "enum": [ - "SECURED", - "NOT_SECURED" - ] - }, - "userIdentityAttributes": { - "type": "array", - "items": { - "type": "string" - } - }, - "id": { - "type": "string", - "format": "uuid" - }, - "participantType": { - "type": "string" - }, - "organization": { - "type": "string" - }, - "creationTimestamp": { - "type": "string", - "format": "date-time" - }, - "updateTimestamp": { - "type": "string", - "format": "date-time" - }, - "credentialId": { - "type": "string" - }, - "expiryDate": { - "type": "string", - "format": "date-time" - }, - "identityAttributes": { - "type": "array", - "items": { - "$ref": "#/components/schemas/IdentityAttributeDTO" - } - } - } - } - } - } -} diff --git a/openapi/openApi-doc-1.1.0-release.json b/openapi/openApi-doc-1.1.0-release.json deleted file mode 100644 index 3a5a9039d81fd6379487158bfcd4689cf8dd121a..0000000000000000000000000000000000000000 --- a/openapi/openApi-doc-1.1.0-release.json +++ /dev/null 
@@ -1 +0,0 @@ -{"openapi":"3.0.1","info":{"title":"OpenAPI definition","version":"v0"},"servers":[{"url":"http://localhost:8081","description":"Generated server url"}],"tags":[{"name":"Credential API","description":"API for managing credentials"},{"name":"User API","description":"API for managing users"},{"name":"Agent API","description":"API for perform agent operations"},{"name":"Role API","description":"API for managing roles"}],"paths":{"/user/{uuid}":{"get":{"tags":["User API"],"summary":"Get user by UUID","description":"Retrieves a user by its UUID","operationId":"getUserByUuid","parameters":[{"name":"uuid","in":"path","description":"The UUID of the user","required":true,"schema":{"type":"string"},"example":"01929051-2adb-7ee5-994a-b36f64fbb4dd"}],"responses":{"200":{"description":"Successfully retrieved user","content":{"application/json":{"schema":{"$ref":"#/components/schemas/KeycloakUserDTO"}}}},"400":{"description":"Invalid UUID format"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"},"404":{"description":"User not found"}}},"put":{"tags":["User API"],"summary":"Update user","description":"Updates the details of an existing user by its UUID","operationId":"updateUser","parameters":[{"name":"uuid","in":"path","description":"The UUID of the user","required":true,"schema":{"type":"string"},"example":"01929051-2adb-7ee5-994a-b36f64fbb4dd"}],"requestBody":{"description":"The user details to update","content":{"application/json":{"schema":{"$ref":"#/components/schemas/KeycloakUserDTO"}}},"required":true},"responses":{"200":{"description":"User updated successfully"},"400":{"description":"Invalid input data"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"},"404":{"description":"User not found"}}},"delete":{"tags":["User API"],"summary":"Delete user","description":"Deletes a user by its 
UUID","operationId":"deleteUser","parameters":[{"name":"uuid","in":"path","description":"The UUID of the user","required":true,"schema":{"type":"string"},"example":"01929051-2adb-7ee5-994a-b36f64fbb4dd"}],"responses":{"204":{"description":"User deleted successfully"},"400":{"description":"Invalid UUID format"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"},"404":{"description":"User not found"}}}},"/user/{uuid}/roles":{"get":{"tags":["User API"],"summary":"Get user roles","description":"Retrieves the roles associated with a user by its UUID","operationId":"getRoles","parameters":[{"name":"uuid","in":"path","description":"The UUID of the user","required":true,"schema":{"type":"string"},"example":"01929051-2adb-7ee5-994a-b36f64fbb4dd"}],"responses":{"200":{"description":"Successfully retrieved user roles","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/KeycloakRoleDTO"}}}}},"400":{"description":"Invalid input data"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"},"404":{"description":"User not found"}}},"put":{"tags":["User API"],"summary":"Update user roles","description":"Updates the roles associated with a user by its UUID","operationId":"updateUserRoles","parameters":[{"name":"uuid","in":"path","description":"The UUID of the user","required":true,"schema":{"type":"string"},"example":"01929051-2adb-7ee5-994a-b36f64fbb4dd"}],"requestBody":{"description":"The list of roles to be assigned to the user","content":{"application/json":{"schema":{"type":"array","items":{"type":"string"}}}},"required":true},"responses":{"200":{"description":"User roles updated successfully"},"400":{"description":"Invalid input data"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"},"404":{"description":"User not found"}}}},"/role":{"put":{"tags":["Role 
API"],"summary":"Update an existing role","description":"Updates the details of an existing role in the system","operationId":"update","requestBody":{"description":"The details of the role to be updated","content":{"application/json":{"schema":{"$ref":"#/components/schemas/KeycloakRoleDTO"}}},"required":true},"responses":{"409":{"description":"Conflict"},"200":{"description":"Successfully updated the role","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleDTO"}}}},"400":{"description":"Invalid input data"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: Cannot modify role's name or User does not have the required role"},"404":{"description":"Role not found"}}},"post":{"tags":["Role API"],"summary":"Create a new role","description":"Creates a new role in the system with the provided details","operationId":"create","requestBody":{"description":"The details of the role to be created","content":{"application/json":{"schema":{"$ref":"#/components/schemas/KeycloakRoleDTO"}}},"required":true},"responses":{"409":{"description":"Conflict: role already exists"},"201":{"description":"Successfully created the role","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleDTO"}}}},"400":{"description":"Invalid input data"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"}}}},"/role/{id}/identity-attributes":{"put":{"tags":["Role API"],"summary":"Assign identity attributes to a role","description":"Assigns a list of identity attribute IDs to a specified role","operationId":"replaceIdentityAttributes","parameters":[{"name":"id","in":"path","description":"The UUID of the role to which identity attributes will be assigned","required":true,"schema":{"type":"string","format":"uuid"},"example":"123e4567-e89b-12d3-a456-426614174000"}],"requestBody":{"description":"List of identity attribute codes to be assigned to the 
role","content":{"application/json":{"schema":{"type":"array","items":{"type":"string"}}}},"required":true},"responses":{"200":{"description":"Successfully assigned identity attributes"},"400":{"description":"Invalid input data"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"},"404":{"description":"Role not found"}}}},"/user":{"get":{"tags":["User API"],"summary":"Get user by email","description":"Retrieves a user by its email address","operationId":"getUser","parameters":[{"name":"email","in":"query","description":"The email of the user","required":true,"schema":{"type":"string"},"example":"user@example.com"}],"responses":{"200":{"description":"Successfully retrieved user","content":{"application/json":{"schema":{"$ref":"#/components/schemas/KeycloakUserDTO"}}}},"400":{"description":"Invalid email format"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"},"404":{"description":"User not found"}}},"post":{"tags":["User API"],"operationId":"createUser","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/KeycloakUserDTO"}}},"required":true},"responses":{"201":{"description":"Created","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/user/import":{"post":{"tags":["User API"],"operationId":"importUsers","requestBody":{"content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/KeycloakUserDTO"}}}},"required":true},"responses":{"201":{"description":"Created"}}}},"/user/as-t1user":{"post":{"tags":["User API"],"summary":"Create a user","description":"Creates a new tier-one user","operationId":"createUserAsT1","requestBody":{"description":"The user details","content":{"application/json":{"schema":{"$ref":"#/components/schemas/KeycloakUserDTO"}}},"required":true},"responses":{"409":{"description":"Conflict: User already exists"},"201":{"description":"User created 
successfully","content":{"text/plain":{"schema":{"type":"string","description":"The Id of the newly created user","example":"01929051-2adb-7ee5-994a-b36f64fbb4dd"}}}},"400":{"description":"Invalid input data"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"}}}},"/session/credential":{"post":{"tags":["session-controller"],"summary":"Validate Tier 1 session","description":"Validate the tier one session against the ephemeral proof stored in the agent","operationId":"validateTierOneSession","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/TierOneSessionDTO"}}},"required":true},"responses":{"204":{"description":"Tier 1 session validated successfully"},"422":{"description":"Invalid Tier 1 session"}}}},"/role/{id}/duplicate-identity-attribute":{"post":{"tags":["Role API"],"summary":"Duplicate identity attributes to another role","description":"Duplicates identity attributes from the source role to the destination role","operationId":"duplicateIdentityAttributeToAnOtherRole","parameters":[{"name":"id","in":"path","description":"The UUID of the source role","required":true,"schema":{"type":"string","format":"uuid"}}],"requestBody":{"description":"The UUID of the destination role","content":{"application/json":{"schema":{"type":"string","format":"uuid"}}},"required":true},"responses":{"200":{"description":"Successfully duplicated identity attributes"},"400":{"description":"Invalid input data"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"},"404":{"description":"Source or destination role not found"}}}},"/role/import":{"post":{"tags":["Role 
API"],"operationId":"importRoles","requestBody":{"content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/KeycloakRoleDTO"}}}},"required":true},"responses":{"201":{"description":"Created"}}}},"/role/assigned-identity-attributes":{"post":{"tags":["Role API"],"summary":"Get identity attributes from role list","description":"Retrieves a list of identity attributes associated with the provided roles","operationId":"getIdentityAttributesFromRoleList","requestBody":{"description":"List of role names from which to retrieve identity attributes","content":{"application/json":{"schema":{"type":"array","items":{"type":"string"}}}},"required":true},"responses":{"200":{"description":"Successfully retrieved identity attributes","content":{"*/*":{"schema":{"type":"array","items":{"type":"string"}}}}},"400":{"description":"Invalid input data"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"}}}},"/mtls/ephemeral-proof":{"post":{"tags":["mtls-controller"],"summary":"Store Ephemeral Proof","description":"Stores the ephemeral proof for a participant identified by their UUID","operationId":"storeCallerEphemeralProof","parameters":[{"name":"Credential-Id","in":"header","description":"The Public Key Hash of the participant","required":true,"schema":{"type":"string"}}],"requestBody":{"description":"The ephemeral proof to be stored","content":{"text/plain":{"schema":{"type":"string"}}},"required":true},"responses":{"200":{"description":"Ephemeral proof successfully stored"},"400":{"description":"Invalid input data"},"404":{"description":"Participant not found"}}}},"/credential":{"get":{"tags":["Credential API"],"summary":"Check if a credential is present","description":"Returns true if a credential is present, false otherwise","operationId":"hasCredential","responses":{"200":{"description":"Successfully checked credential 
presence","content":{"application/json":{"schema":{"type":"boolean","description":"Boolean indicating if a credential is present","example":true}}}}}},"post":{"tags":["Credential API"],"summary":"Upload a credential file","description":"Uploads a credential file to the server and returns the ID of the uploaded credential","operationId":"uploadCredential","parameters":[{"name":"file","in":"query","description":"The credential file to be uploaded","required":true,"content":{"multipart/form-data":{}}}],"requestBody":{"content":{"multipart/form-data":{"schema":{"required":["file"],"type":"object","properties":{"file":{"type":"string","format":"binary"}}}}}},"responses":{"201":{"description":"Successfully uploaded credential","content":{"application/json":{"schema":{"type":"integer","description":"The id of the uploaded credential","example":12345}}}},"400":{"description":"Invalid file format"}}},"delete":{"tags":["Credential API"],"summary":"Delete the credential","description":"Deletes the existing credential from the server","operationId":"delete","responses":{"204":{"description":"Successfully deleted credential"},"404":{"description":"Credential not found"}}}},"/user/search":{"get":{"tags":["User API"],"summary":"Search users","description":"Searches for users based on various filter criteria","operationId":"search","parameters":[{"name":"username","in":"query","required":false,"schema":{"type":"string"}},{"name":"firstName","in":"query","required":false,"schema":{"type":"string"}},{"name":"lastName","in":"query","required":false,"schema":{"type":"string"}},{"name":"email","in":"query","required":false,"schema":{"type":"string"}},{"name":"first","in":"query","required":false,"schema":{"type":"integer","format":"int32"}},{"name":"max","in":"query","required":false,"schema":{"type":"integer","format":"int32"}}],"responses":{"200":{"description":"Successfully retrieved list of 
users","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/KeycloakUserDTO"}}}}},"400":{"description":"Invalid filter criteria"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"}}}},"/session/{credentialId}":{"get":{"tags":["session-controller"],"summary":"Retrieve identity attributes of a participant","description":"Fetches the identity attributes associated with the specified participant ID","operationId":"getIdentityAttributesOfParticipant","parameters":[{"name":"credentialId","in":"path","description":"The Public Key Hash of the participant","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"Successfully retrieved identity attributes","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/IdentityAttributeDTO"}}}}},"404":{"description":"Ephemeral proof not found"}}}},"/role/{id}":{"get":{"tags":["Role API"],"summary":"Find role by ID","description":"Retrieves a role by its unique identifier (UUID)","operationId":"findById","parameters":[{"name":"id","in":"path","description":"The UUID of the role","required":true,"schema":{"type":"string","format":"uuid"},"example":"123e4567-e89b-12d3-a456-426614174000"}],"responses":{"200":{"description":"Successfully retrieved the role","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleDTO"}}}},"400":{"description":"Invalid UUID format"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"},"404":{"description":"Role not found"}}}},"/role/search":{"get":{"tags":["Role API"],"summary":"Search roles","description":"Searches for roles based on the provided filter criteria and pagination 
settings","operationId":"search_1","parameters":[{"name":"name","in":"query","required":false,"schema":{"type":"string"}},{"name":"description","in":"query","required":false,"schema":{"type":"string"}},{"name":"attributeName","in":"query","required":false,"schema":{"type":"string"}},{"name":"page","in":"query","description":"Zero-based page index (0..N)","required":false,"schema":{"minimum":0,"type":"integer","default":0}},{"name":"size","in":"query","description":"The size of the page to be returned","required":false,"schema":{"minimum":1,"type":"integer","default":10}},{"name":"sort","in":"query","description":"Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.","required":false,"schema":{"type":"array","items":{"type":"string"},"default":["id,ASC"]}}],"responses":{"200":{"description":"Successfully retrieved the list of roles","content":{"*/*":{"schema":{"$ref":"#/components/schemas/PageResponseRoleDTO"}}}},"400":{"description":"Invalid filter or pagination parameters"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"}}}},"/mtls/ping":{"get":{"tags":["mtls-controller"],"summary":"Ping the participant","description":"Performs a ping operation to check the participant's status using its credential id","operationId":"ping","parameters":[{"name":"Credential-Id","in":"header","description":"The Public Key Hash of the participant","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"Successfully pinged the participant","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ParticipantWithIdentityAttributesDTO"}}}},"404":{"description":"Participant not found"}}}},"/identity-attribute/search":{"get":{"tags":["identity-attribute-controller"],"summary":"Search identity attributes with ownership","description":"Searches for identity attributes with ownership based on the provided filter and pagination 
settings","operationId":"search_2","parameters":[{"name":"code","in":"query","required":false,"schema":{"type":"string"}},{"name":"name","in":"query","required":false,"schema":{"type":"string"}},{"name":"enabled","in":"query","required":false,"schema":{"type":"boolean"}},{"name":"participantTypeIn","in":"query","required":false,"schema":{"type":"string"}},{"name":"participantTypeNotIn","in":"query","required":false,"schema":{"type":"string"}},{"name":"assignedToParticipant","in":"query","required":false,"schema":{"type":"boolean"}},{"name":"updateTimestampFrom","in":"query","required":false,"schema":{"type":"string","format":"date-time"}},{"name":"updateTimestampTo","in":"query","required":false,"schema":{"type":"string","format":"date-time"}},{"name":"page","in":"query","description":"Zero-based page index (0..N)","required":false,"schema":{"minimum":0,"type":"integer","default":0}},{"name":"size","in":"query","description":"The size of the page to be returned","required":false,"schema":{"minimum":1,"type":"integer","default":10}},{"name":"sort","in":"query","description":"Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. 
Multiple sort criteria are supported.","required":false,"schema":{"type":"array","items":{"type":"string"},"default":["id,ASC"]}}],"responses":{"200":{"description":"Successfully retrieved the identity attributes","content":{"*/*":{"schema":{"$ref":"#/components/schemas/PagedModelIdentityAttributeWithOwnershipDTO"}}}},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"}}}},"/credential/public-key":{"get":{"tags":["Credential API"],"summary":"Retrieve the public key","description":"Fetches the public key associated with the stored credential","operationId":"getPublicKey","responses":{"200":{"description":"Successfully retrieved public key","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CredentialDTO"}}}},"404":{"description":"Credential not found"}}}},"/credential/my-id":{"get":{"tags":["Credential API"],"summary":"Retrieve participant ID","description":"Fetches the participant ID associated with the current participant","operationId":"getMyParticipantId","responses":{"200":{"description":"Successfully retrieved participant ID","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ParticipantDTO"}}}},"404":{"description":"Credential not found"}}}},"/credential/download":{"get":{"tags":["Credential API"],"operationId":"downloadInstalledCredentials","responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"$ref":"#/components/schemas/StreamingResponseBody"}}}}}}},"/credential/credential-id":{"get":{"tags":["Credential API"],"summary":"Retrieve credential ID","description":"Fetches the credential ID associated with the current participant","operationId":"getCredentialId","responses":{"200":{"description":"Successfully retrieved credential ID","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ParticipantDTO"}}}},"404":{"description":"Credential not found"}}}},"/agent/ping":{"get":{"tags":["Agent API"],"summary":"Ping a 
participant","description":"Pings a participant using the provided FQDN and returns identity attributes","operationId":"ping_1","parameters":[{"name":"fqdn","in":"query","description":"Fully Qualified Domain Name of the participant","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"Successfully pinged the participant","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ParticipantWithIdentityAttributesDTO"}}}},"400":{"description":"Invalid FQDN provided"}}}},"/agent/identity-attributes":{"get":{"tags":["Agent API"],"summary":"Get identity attributes with ownership","description":"Returns a list of identity attributes with ownership details","operationId":"getIdentityAttributesWithOwnership","responses":{"200":{"description":"Successfully retrieved identity attributes with ownership","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/IdentityAttributeWithOwnershipDTO"}}}}},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"}}}},"/agent/identity-attributes/{credentialId}":{"get":{"tags":["Agent API"],"summary":"Get identity attributes with ownership","description":"Returns a list of identity attributes with ownership details","operationId":"getParticipantIdentityAttributes","parameters":[{"name":"certificateId","in":"query","description":"The certificate ID of the participant","required":true,"schema":{"type":"string"}},{"name":"credentialId","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"Successfully retrieved identity attributes with ownership","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/IdentityAttributeDTO"}}}}},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"}}}},"/agent/echo":{"get":{"tags":["Agent API"],"summary":"Get echo information","description":"Returns echo 
information including connection and MTLS status","operationId":"echo","responses":{"200":{"description":"Successfully retrieved echo information","content":{"application/json":{"schema":{"$ref":"#/components/schemas/EchoDTO"}}}}}}},"/session/current":{"delete":{"tags":["session-controller"],"summary":"Current User Logout","description":"End the session for the current user","operationId":"deleteCurrentSession","responses":{"204":{"description":"Successfully deleted user session"},"400":{"description":"Communication error with Keycloak admin"}}}},"/role/{roleId}":{"delete":{"tags":["Role API"],"summary":"Delete a role by id","description":"Removes a role from the system using its id","operationId":"delete_1","parameters":[{"name":"roleId","in":"path","description":"The name of the role to be deleted","required":true,"schema":{"type":"string","format":"uuid"}}],"responses":{"204":{"description":"Successfully deleted the role"},"400":{"description":"Invalid role name"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required role"},"404":{"description":"Role not found"}}}},"/role/delete-attribute":{"delete":{"tags":["Role API"],"summary":"Delete an identity attribute from a role","description":"Removes an identity attribute from a specified role","operationId":"deleteAttributeFromRole","parameters":[{"name":"roleId","in":"query","description":"The UUID of the role from which the attribute will be removed","required":true,"schema":{"type":"string","format":"uuid"}},{"name":"attributeCode","in":"query","description":"The code of the attribute to be removed","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Successfully removed the attribute from the role"},"400":{"description":"Invalid input data"},"401":{"description":"Access denied"},"403":{"description":"Forbidden: User does not have the required 
role"}}}}},"components":{"schemas":{"ErrorDTO":{"type":"object","properties":{"error":{"type":"string"},"elementName":{"type":"string"}}},"KeycloakUserDTO":{"required":["email","firstName","lastName","password","username"],"type":"object","properties":{"id":{"type":"string","readOnly":true},"username":{"type":"string"},"firstName":{"type":"string"},"lastName":{"type":"string"},"email":{"type":"string"},"password":{"type":"string"},"roles":{"type":"array","items":{"type":"string"}}}},"KeycloakRoleDTO":{"required":["name"],"type":"object","properties":{"name":{"type":"string"},"description":{"type":"string"}}},"RoleDTO":{"required":["id","name"],"type":"object","properties":{"id":{"type":"string","format":"uuid"},"name":{"type":"string"},"description":{"type":"string"},"assignedIdentityAttributes":{"type":"array","items":{"type":"string"}}}},"TierOneSessionDTO":{"required":["jwt"],"type":"object","properties":{"jwt":{"type":"string"}}},"IdentityAttributeDTO":{"required":["assignableToRoles","code","enabled","name"],"type":"object","properties":{"id":{"type":"string","format":"uuid"},"code":{"type":"string"},"name":{"type":"string"},"description":{"type":"string"},"assignableToRoles":{"type":"boolean"},"enabled":{"type":"boolean"},"creationTimestamp":{"type":"string","format":"date-time"},"updateTimestamp":{"type":"string","format":"date-time"},"participantTypes":{"uniqueItems":true,"type":"array","items":{"type":"string"}},"used":{"type":"boolean","readOnly":true}}},"PageMetadata":{"type":"object","properties":{"size":{"type":"integer","format":"int64"},"number":{"type":"integer","format":"int64"},"totalElements":{"type":"integer","format":"int64"},"totalPages":{"type":"integer","format":"int64"}}},"PageResponseRoleDTO":{"type":"object","properties":{"content":{"type":"array","items":{"$ref":"#/components/schemas/RoleDTO"}},"page":{"$ref":"#/components/schemas/PageMetadata"},"empty":{"type":"boolean"}}},"ParticipantDTO":{"required":["organization","participantType"],"
type":"object","properties":{"id":{"type":"string","format":"uuid"},"participantType":{"type":"string"},"organization":{"type":"string"},"creationTimestamp":{"type":"string","format":"date-time"},"updateTimestamp":{"type":"string","format":"date-time"},"credentialId":{"type":"string"},"expiryDate":{"type":"string","format":"date-time"}}},"ParticipantWithIdentityAttributesDTO":{"required":["organization","participantType"],"type":"object","properties":{"id":{"type":"string","format":"uuid"},"participantType":{"type":"string"},"organization":{"type":"string"},"creationTimestamp":{"type":"string","format":"date-time"},"updateTimestamp":{"type":"string","format":"date-time"},"credentialId":{"type":"string"},"expiryDate":{"type":"string","format":"date-time"},"identityAttributes":{"type":"array","items":{"$ref":"#/components/schemas/IdentityAttributeDTO"}}}},"IdentityAttributeWithOwnershipDTO":{"required":["assignableToRoles","code","enabled","name"],"type":"object","properties":{"id":{"type":"string","format":"uuid"},"code":{"type":"string"},"name":{"type":"string"},"description":{"type":"string"},"assignableToRoles":{"type":"boolean"},"enabled":{"type":"boolean"},"creationTimestamp":{"type":"string","format":"date-time"},"updateTimestamp":{"type":"string","format":"date-time"},"participantTypes":{"uniqueItems":true,"type":"array","items":{"type":"string"}},"used":{"type":"boolean","readOnly":true},"assignedToParticipant":{"type":"boolean"}}},"PagedModelIdentityAttributeWithOwnershipDTO":{"type":"object","properties":{"content":{"type":"array","items":{"$ref":"#/components/schemas/IdentityAttributeWithOwnershipDTO"}},"page":{"$ref":"#/components/schemas/PageMetadata"}}},"CredentialDTO":{"type":"object","properties":{"publicKey":{"type":"string"}}},"StreamingResponseBody":{"type":"object"},"ConnectionStatus":{"type":"string","enum":["CONNECTED","NOT_CONNECTED"]},"EchoDTO":{"required":["organization","participantType"],"type":"object","properties":{"username":{"type":"str
ing"},"email":{"type":"string"},"connectionStatus":{"$ref":"#/components/schemas/ConnectionStatus"},"mtlsStatus":{"$ref":"#/components/schemas/MTLSStatus"},"userIdentityAttributes":{"type":"array","items":{"type":"string"}},"id":{"type":"string","format":"uuid"},"participantType":{"type":"string"},"organization":{"type":"string"},"creationTimestamp":{"type":"string","format":"date-time"},"updateTimestamp":{"type":"string","format":"date-time"},"credentialId":{"type":"string"},"expiryDate":{"type":"string","format":"date-time"},"identityAttributes":{"type":"array","items":{"$ref":"#/components/schemas/IdentityAttributeDTO"}}}},"MTLSStatus":{"type":"string","enum":["SECURED","NOT_SECURED"]}}}}
\ No newline at end of file
diff --git a/openapi/usersroles-v1.yaml b/openapi/usersroles-v1.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..4a32460c1b9e04fef67d2e2ee7a55271b3f1bccd
--- /dev/null
+++ b/openapi/usersroles-v1.yaml
@@ -0,0 +1,1844 @@ +openapi: 3.0.1 +info: + title: OpenAPI definition + version: 1.1.0 +servers: +- description: usersroles + url: /v1 +tags: +- description: API for managing Users + name: Users +- description: API for managing Roles + name: Roles +- description: API for managing Sessions + name: Sessions +- description: API for managing Mtls + name: Mtls +- description: API for managing Credentials + name: Credentials +- description: API for managing Identity Attributes + name: Identity Attributes +- description: API for managing Agents + name: Agents +- description: API for managing Public Keys of the Identity and Access Manager + name: Public Keys +paths: + /users/{userId}: + delete: + description: Deletes a user by its UUID + operationId: deleteUser + parameters: + - description: The UUID of the user + example: 01929051-2adb-7ee5-994a-b36f64fbb4dd + explode: false + in: path + name: userId + required: true + schema: + type: string + style: simple + responses: + "204": + description: User deleted successfully + "400": + description: Invalid UUID format + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "404": + description: User not found + security: + - oauth2AuthCode: [] + summary: Delete user + tags: + - Users + x-simpl-roles: + - T1UAR_M + get: + description: Retrieves a user by its UUID + operationId: getUserByUuid + parameters: + - description: The UUID of the user + example: 01929051-2adb-7ee5-994a-b36f64fbb4dd + explode: false + in: path + name: userId + required: true + schema: + type: string + style: simple + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/KeycloakUser' + description: Successfully retrieved user + "400": + description: Invalid UUID format + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "404": + description: User not found + security: + - oauth2AuthCode: [] + summary: 
Get user by UUID + tags: + - Users + x-simpl-roles: + - T1UAR_M + put: + description: Updates the details of an existing user by its UUID + operationId: updateUser + parameters: + - description: The UUID of the user + example: 01929051-2adb-7ee5-994a-b36f64fbb4dd + explode: false + in: path + name: userId + required: true + schema: + type: string + style: simple + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KeycloakUser' + description: The user details to update + required: true + responses: + "200": + description: User updated successfully + "400": + description: Invalid input data + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "404": + description: User not found + security: + - oauth2AuthCode: [] + summary: Update user + tags: + - Users + x-simpl-roles: + - T1UAR_M + /users/{userId}/roles: + get: + description: Retrieves the roles associated with a user by its UUID + operationId: getRoles + parameters: + - description: The UUID of the user + example: 01929051-2adb-7ee5-994a-b36f64fbb4dd + explode: false + in: path + name: userId + required: true + schema: + type: string + style: simple + responses: + "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/KeycloakRole' + type: array + description: Successfully retrieved user roles + "400": + description: Invalid input data + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "404": + description: User not found + security: + - oauth2AuthCode: [] + summary: Get user roles + tags: + - Users + x-simpl-roles: + - T1UAR_M + put: + description: Updates the roles associated with a user by its UUID + operationId: updateUserRoles + parameters: + - description: The UUID of the user + example: 01929051-2adb-7ee5-994a-b36f64fbb4dd + explode: false + in: path + name: userId + required: true + schema: + type: string + style: 
simple + requestBody: + content: + application/json: + schema: + items: + type: string + type: array + description: The list of roles to be assigned to the user + required: true + responses: + "200": + description: User roles updated successfully + "400": + description: Invalid input data + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "404": + description: User not found + security: + - oauth2AuthCode: [] + summary: Update user roles + tags: + - Users + x-simpl-roles: + - T1UAR_M + /roles: + get: + description: Searches for roles based on the provided filter criteria and pagination + settings + operationId: searchRoles + parameters: + - description: Zero-based page index (0..N) + explode: true + in: query + name: page + required: false + schema: + default: 0 + minimum: 0 + type: integer + style: form + - description: The size of the page to be returned + explode: true + in: query + name: size + required: false + schema: + default: 10 + minimum: 1 + type: integer + style: form + - description: "Sorting criteria in the format: property,(asc|desc). Default\ + \ sort order is ascending. Multiple sort criteria are supported." 
+ explode: true + in: query + name: sort + required: false + schema: + default: + - "id,ASC" + items: + type: string + type: array + style: form + - in: query + name: filter + schema: + $ref: '#/components/schemas/searchRoles_filter_parameter' + x-parameter-object: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/PageResponseRole' + description: Successfully retrieved the list of roles + "400": + description: Invalid filter or pagination parameters + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + security: + - oauth2AuthCode: [] + summary: Search roles + tags: + - Roles + x-simpl-roles: + - T1UAR_M + - T1UAR_M + post: + description: Creates a new role in the system with the provided details + operationId: create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KeycloakRole' + description: The details of the role to be created + required: true + responses: + "201": + content: + application/json: + schema: + $ref: '#/components/schemas/Role' + description: Successfully created the role + "400": + description: Invalid input data + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "409": + description: "Conflict: role already exists" + security: + - oauth2AuthCode: [] + summary: Create a new role + tags: + - Roles + x-simpl-roles: + - T1UAR_M + /roles/{roleId}/identityAttributes: + delete: + description: Removes an identity attribute from a specified role + operationId: deleteAttributeFromRole + parameters: + - description: The UUID of the role + explode: false + in: path + name: roleId + required: true + schema: + format: uuid + type: string + style: simple + - description: The code of the attribute to be removed + explode: true + in: query + name: attributeCode + required: true + schema: + type: string + style: form + responses: + "204": + description: 
Successfully removed the attribute from the role + "400": + description: Invalid input data + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + security: + - oauth2AuthCode: [] + summary: Delete an identity attribute from a role + tags: + - Roles + x-simpl-roles: + - T1UAR_M + - T1UAR_M + put: + description: Assigns a list of identity attribute IDs to a specified role + operationId: replaceIdentityAttributes + parameters: + - description: The UUID of the role to which identity attributes will be assigned + example: 123e4567-e89b-12d3-a456-426614174000 + explode: false + in: path + name: roleId + required: true + schema: + format: uuid + type: string + style: simple + requestBody: + content: + application/json: + schema: + items: + type: string + type: array + description: List of identity attribute codes to be assigned to the role + required: true + responses: + "200": + description: Successfully assigned identity attributes + "400": + description: Invalid input data + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "404": + description: Role not found + security: + - oauth2AuthCode: [] + summary: Assign identity attributes to a role + tags: + - Roles + x-simpl-roles: + - T1UAR_M + /roles/{roleId}/identityAttributes/duplicate: + post: + description: Duplicates identity attributes from the source role to the destination + role + operationId: duplicateIdentityAttributeToAnOtherRole + parameters: + - description: The UUID of the source role + explode: false + in: path + name: roleId + required: true + schema: + format: uuid + type: string + style: simple + requestBody: + content: + application/json: + schema: + type: string + description: The UUID of the destination role + required: true + responses: + "200": + description: Successfully duplicated identity attributes + "400": + description: Invalid input data + "401": + description: Access 
denied + "403": + description: "Forbidden: User does not have the required role" + "404": + description: Source or destination role not found + security: + - oauth2AuthCode: [] + summary: Duplicate identity attributes to another role + tags: + - Roles + x-simpl-roles: + - T1UAR_M + /users: + get: + description: Searches for users based on various filter criteria + operationId: search + parameters: + - explode: true + in: query + name: username + required: false + schema: + type: string + style: form + - explode: true + in: query + name: firstName + required: false + schema: + type: string + style: form + - explode: true + in: query + name: lastName + required: false + schema: + type: string + style: form + - explode: true + in: query + name: email + required: false + schema: + type: string + style: form + - explode: true + in: query + name: first + required: false + schema: + format: int32 + type: integer + style: form + - explode: true + in: query + name: max + required: false + schema: + format: int32 + type: integer + style: form + responses: + "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/KeycloakUser' + type: array + description: Successfully retrieved list of users + "400": + description: Invalid filter criteria + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + security: + - oauth2AuthCode: [] + summary: Search users (replaces getUserByEmail) + tags: + - Users + x-simpl-roles: + - T1UAR_M + post: + operationId: createUser + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KeycloakUser' + required: true + responses: + "201": + content: + application/json: + schema: + type: string + description: Created + security: + - oauth2AuthCode: [] + tags: + - Users + /users/import: + post: + operationId: importUsers + requestBody: + content: + application/json: + schema: + items: + $ref: '#/components/schemas/KeycloakUser' + type: 
array + required: true + responses: + "201": + description: Created + security: + - oauth2AuthCode: [] + tags: + - Users + x-simpl-roles: + - T1UAR_M + /users/asT1users: + post: + deprecated: true + description: Creates a new tier-one user + operationId: createUserAsT1 + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KeycloakUser' + description: The user details + required: true + responses: + "201": + content: + text/plain: + schema: + description: The Id of the newly created user + example: 01929051-2adb-7ee5-994a-b36f64fbb4dd + type: string + description: User created successfully + "400": + description: Invalid input data + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "409": + description: "Conflict: User already exists" + security: + - oauth2AuthCode: [] + summary: POST /users will be protected both with scopes and roles + tags: + - Users + x-simpl-roles: + - T1UAR_M + /sessions/credentials: + post: + description: Validate the tier one session against the ephemeral proof stored + in the agent + operationId: validateTierOneSession + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TierOneSession' + required: true + responses: + "204": + description: Tier 1 session validated successfully + "422": + description: Invalid Tier 1 session + security: + - oauth2ClientCredentials: [] + summary: Validate Tier 1 session + tags: + - Sessions + /roles/{roleId}/duplicateIdentityAttributes: + post: + deprecated: true + description: Duplicates identity attributes from the source role to the destination + role + operationId: duplicateIdentityAttributeToAnOtherRoleDeprecated + parameters: + - description: The UUID of the source role + explode: false + in: path + name: roleId + required: true + schema: + format: uuid + type: string + style: simple + requestBody: + content: + application/json: + schema: + type: string + description: The UUID 
of the destination role + required: true + responses: + "200": + description: Successfully duplicated identity attributes + "400": + description: Invalid input data + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "404": + description: Source or destination role not found + security: + - oauth2AuthCode: [] + summary: "Use POST /roles/{roleId}/identityAttributes/duplicate" + tags: + - Roles + x-simpl-roles: + - T1UAR_M + /roles/import: + post: + operationId: importRoles + requestBody: + content: + application/json: + schema: + items: + $ref: '#/components/schemas/KeycloakRole' + type: array + required: true + responses: + "201": + description: Created + security: + - oauth2AuthCode: [] + tags: + - Roles + /roles/assignedIdentityAttributes: + post: + deprecated: true + description: Retrieves a list of identity attributes associated with the provided + roles + operationId: getIdentityAttributesFromRoleList + requestBody: + content: + application/json: + schema: + items: + type: string + type: array + description: List of role names from which to retrieve identity attributes + required: true + responses: + "200": + content: + application/json: + schema: + items: + type: string + type: array + description: Successfully retrieved identity attributes + "400": + description: Invalid input data + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + security: + - oauth2ClientCredentials: [] + summary: "Use GET /roles/{roleId}" + tags: + - Roles + /mtls/ephemeralProof: + post: + description: Stores the ephemeral proof for a participant identified by their + UUID + operationId: storeCallerEphemeralProof + parameters: + - description: The Public Key Hash of the participant + explode: false + in: header + name: Credential-Id + required: true + schema: + type: string + style: simple + requestBody: + content: + text/plain: + schema: + type: string + 
description: The ephemeral proof to be stored + required: true + responses: + "200": + description: Ephemeral proof successfully stored + "400": + description: Invalid input data + "404": + description: Participant not found + security: + - mtls: [] + summary: Store Ephemeral Proof + tags: + - Mtls + /credentials: + delete: + description: Deletes the existing credential from the server + operationId: delete + responses: + "204": + description: Successfully deleted credential + "404": + description: Credential not found + security: + - oauth2AuthCode: [] + summary: Delete the credential + tags: + - Credentials + x-simpl-roles: + - ONBOARDER_M + get: + description: "Returns true if a credential is present, false otherwise" + operationId: hasCredential + responses: + "200": + content: + application/json: + schema: + description: Boolean indicating if a credential is present + example: true + type: boolean + description: Successfully checked credential presence + security: + - oauth2AuthCode: [] + summary: Check if a credential is present + tags: + - Credentials + post: + description: Uploads a credential file to the server and returns the ID of the + uploaded credential + operationId: uploadCredential + requestBody: + content: + multipart/form-data: + schema: + $ref: '#/components/schemas/uploadCredential_request' + responses: + "201": + content: + application/json: + schema: + description: The id of the uploaded credential + example: 12345 + type: integer + description: Successfully uploaded credential + "400": + description: Invalid file format + security: + - oauth2AuthCode: [] + summary: Upload a credential file + tags: + - Credentials + x-simpl-roles: + - ONBOARDER_M + /sessions/{credentialId}: + get: + description: Fetches the identity attributes associated with the specified participant + ID + operationId: getIdentityAttributesOfParticipant + parameters: + - description: The Public Key Hash of the participant + explode: false + in: path + name: credentialId + 
required: true + schema: + type: string + style: simple + responses: + "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/IdentityAttribute' + type: array + description: Successfully retrieved identity attributes + "404": + description: Ephemeral proof not found + security: + - oauth2ClientCredentials: [] + summary: Retrieve identity attributes of a participant + tags: + - Sessions + /mtls/ping: + get: + description: Performs a ping operation to check the participant's status using + its credential id + operationId: ping + parameters: + - description: The Public Key Hash of the participant + explode: false + in: header + name: Credential-Id + required: true + schema: + type: string + style: simple + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/ParticipantWithIdentityAttributes' + description: Successfully pinged the participant + "404": + description: Participant not found + security: + - mtls: [] + summary: Ping the participant + tags: + - Mtls + /identityAttributes: + get: + description: Searches for identity attributes with ownership based on the provided + filter and pagination settings + operationId: searchIdentityAttributesWithOwnership + parameters: + - description: Zero-based page index (0..N) + explode: true + in: query + name: page + required: false + schema: + default: 0 + minimum: 0 + type: integer + style: form + - description: The size of the page to be returned + explode: true + in: query + name: size + required: false + schema: + default: 10 + minimum: 1 + type: integer + style: form + - description: "Sorting criteria in the format: property,(asc|desc). Default\ + \ sort order is ascending. Multiple sort criteria are supported." 
+ explode: true + in: query + name: sort + required: false + schema: + default: + - "id,ASC" + items: + type: string + type: array + style: form + - in: query + name: filter + schema: + $ref: '#/components/schemas/searchIdentityAttributesWithOwnership_filter_parameter' + x-parameter-object: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/PagedModelIdentityAttributeWithOwnership' + description: Successfully retrieved the identity attributes + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + security: + - oauth2AuthCode: [] + summary: Search identity attributes with ownership + tags: + - Identity Attributes + x-simpl-roles: + - T1UAR_M + - NOTARY + - IATTR_M + - NOTARY + /identityAttributes/updateAssignments: + put: + description: Enables a list of identity attribute codes received in the request + body as a JSON array of strings. Each provided ID is activated. + operationId: updateAssignmentsIdentityAttributeRoles + requestBody: + content: + application/json: + schema: + items: + type: string + type: array + description: List of identity attribute codes + required: true + responses: + "204": + description: Successfully update identity attributes + "401": + description: Access denied + summary: Update Assignments Identity Attribute Roles Service + tags: + - Identity Attributes + /credentials/publicKey: + get: + description: Fetches the public key associated with the stored credential + operationId: getPublicKey + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/Credential' + description: Successfully retrieved public key + "404": + description: Credential not found + summary: Retrieve the public key + tags: + - Credentials + /credentials/myId: + get: + description: Fetches the participant ID associated with the current participant + operationId: getMyParticipantId + responses: + "200": + content: + 
application/json: + schema: + $ref: '#/components/schemas/Participant' + description: Successfully retrieved participant ID + "404": + description: Credential not found + security: + - oauth2ClientCredentials: [] + summary: Retrieve participant ID + tags: + - Credentials + /credentials/download: + get: + operationId: downloadInstalledCredentials + responses: + "200": + content: + application/octet-stream: + schema: + format: stream + type: string + description: OK + security: + - oauth2AuthCode: [] + tags: + - Credentials + /credentials/credentialId: + get: + description: Fetches the credential ID associated with the current participant + operationId: getCredentialId + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/Participant' + description: Successfully retrieved credential ID + "404": + description: Credential not found + security: + - oauth2ClientCredentials: [] + summary: Retrieve credential ID + tags: + - Credentials + /agent/ping: + get: + description: Pings a participant using the provided FQDN and returns identity + attributes + operationId: pingAgent + parameters: + - description: Fully Qualified Domain Name of the participant + explode: true + in: query + name: fqdn + required: true + schema: + type: string + style: form + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/ParticipantWithIdentityAttributes' + description: Successfully pinged the participant + "400": + description: Invalid FQDN provided + security: + - oauth2AuthCode: [] + summary: Ping a participant + tags: + - Agents + /agent/identityAttributes: + get: + description: Returns a list of identity attributes with ownership details + operationId: getIdentityAttributesWithOwnership + responses: + "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/IdentityAttributeWithOwnership' + type: array + description: Successfully retrieved identity attributes with ownership + "401": + 
description: Access denied + "403": + description: "Forbidden: User does not have the required role" + security: + - oauth2AuthCode: [] + summary: Get identity attributes with ownership + tags: + - Agents + x-simpl-roles: + - T1UAR_M + /agent/identityAttributes/{credentialId}: + get: + description: Returns a list of identity attributes with ownership details + operationId: getParticipantIdentityAttributes + parameters: + - description: The certificate ID of the participant + explode: true + in: query + name: certificateId + required: true + schema: + type: string + style: form + - explode: false + in: path + name: credentialId + required: true + schema: + type: string + style: simple + responses: + "200": + content: + application/json: + schema: + items: + $ref: '#/components/schemas/IdentityAttribute' + type: array + description: Successfully retrieved identity attributes with ownership + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + security: + - oauth2AuthCode: [] + summary: Get identity attributes with ownership + tags: + - Agents + x-simpl-roles: + - T1UAR_M + /agent/echo: + get: + description: Returns echo information including connection and MTLS status + operationId: echo + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/Echo' + description: Successfully retrieved echo information + security: + - oauth2AuthCode: [] + summary: Get echo information + tags: + - Agents + /sessions/current: + delete: + description: End the session for the current user + operationId: deleteCurrentSession + responses: + "204": + description: Successfully deleted user session + "400": + description: Communication error with Keycloak admin + security: + - oauth2AuthCode: [] + summary: Current User Logout + tags: + - Sessions + /roles/{roleId}: + delete: + description: Removes a role from the system using its id + operationId: deleteCredential + parameters: + - description: 
The name of the role to be deleted + explode: false + in: path + name: roleId + required: true + schema: + format: uuid + type: string + style: simple + responses: + "204": + description: Successfully deleted the role + "400": + description: Invalid role name + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "404": + description: Role not found + security: + - oauth2AuthCode: [] + summary: Delete a role by id + tags: + - Roles + x-simpl-roles: + - T1UAR_M + get: + description: Retrieves a role by its unique identifier (UUID) + operationId: findById + parameters: + - description: The UUID of the role + example: 123e4567-e89b-12d3-a456-426614174000 + explode: false + in: path + name: roleId + required: true + schema: + format: uuid + type: string + style: simple + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/Role' + description: Successfully retrieved the role + "400": + description: Invalid UUID format + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + "404": + description: Role not found + security: + - oauth2AuthCode: [] + summary: Find role by ID + tags: + - Roles + x-simpl-roles: + - T1UAR_M + put: + description: Updates the details of an existing role in the system + operationId: update + parameters: + - description: The UUID of the role + example: 123e4567-e89b-12d3-a456-426614174000 + explode: false + in: path + name: roleId + required: true + schema: + format: uuid + type: string + style: simple + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Role' + description: The details of the role to be updated + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/Role' + description: Successfully updated the role + "400": + description: Invalid input data + "401": + description: Access denied + "403": + 
description: "Forbidden: Cannot modify role's name or User does not have\ + \ the required role" + "404": + description: Role not found + "409": + description: Conflict + security: + - oauth2AuthCode: [] + summary: Update an existing role + tags: + - Roles + x-simpl-roles: + - T1UAR_M + /roles/deleteAttributes: + delete: + deprecated: true + description: Removes an identity attribute from a specified role + operationId: deleteAttributeFromRoleDeprecated + parameters: + - description: The UUID of the role from which the attribute will be removed + explode: true + in: query + name: roleId + required: true + schema: + format: uuid + type: string + style: form + - description: The code of the attribute to be removed + explode: true + in: query + name: attributeCode + required: true + schema: + type: string + style: form + responses: + "204": + description: Successfully removed the attribute from the role + "400": + description: Invalid input data + "401": + description: Access denied + "403": + description: "Forbidden: User does not have the required role" + security: + - oauth2AuthCode: [] + summary: Delete an identity attribute from a role + tags: + - Roles + x-simpl-roles: + - T1UAR_M + - T1UAR_M + /signPublicKeys: + get: + description: "This endpoint allows retrieving the public key by contacting the\ + \ Identity and Access Manager server. \nThe service queries the server, filters\ + \ the available keys using the attribute \"use\": \"sig\", \nand returns the\ + \ corresponding public key.\n" + operationId: getSignPublicKey + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/PublicKey' + description: Successfully retrieved public key. + "404": + content: + application/problem+json: + schema: + $ref: '#/components/schemas/ProblemDetail' + description: No public key found for sign purpose. + summary: Retrieves the public key associated with a sign purpose from the Identity + and Access Manager server. 
+ tags: + - Public Keys +components: + schemas: + PageMetadata: + example: + number: 6 + size: 0 + totalPages: 5 + totalElements: 1 + properties: + size: + format: int64 + type: integer + number: + format: int64 + type: integer + totalElements: + format: int64 + type: integer + totalPages: + format: int64 + type: integer + type: object + Credential: + example: + publicKey: publicKey + properties: + publicKey: + type: string + type: object + PagedModelIdentityAttributeWithOwnership: + example: + page: + number: 6 + size: 0 + totalPages: 5 + totalElements: 1 + content: + - code: code + assignedToParticipant: true + name: name + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + description: description + assignableToRoles: true + participantTypes: + - participantTypes + - participantTypes + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + used: true + enabled: true + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + - code: code + assignedToParticipant: true + name: name + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + description: description + assignableToRoles: true + participantTypes: + - participantTypes + - participantTypes + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + used: true + enabled: true + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + properties: + content: + items: + $ref: '#/components/schemas/IdentityAttributeWithOwnership' + type: array + page: + $ref: '#/components/schemas/PageMetadata' + type: object + KeycloakUser: + example: + firstName: firstName + lastName: lastName + password: password + roles: + - roles + - roles + id: id + email: email + username: username + properties: + id: + readOnly: true + type: string + username: + type: string + firstName: + type: string + lastName: + type: string + email: + type: string + password: + type: string + roles: + items: + type: string + type: array + required: + - email + - firstName + - lastName + - password + - username + type: object + StreamingResponseBody: + type: object + Echo: + example: + 
mtlsStatus: SECURED + participantType: participantType + userIdentityAttributes: + - userIdentityAttributes + - userIdentityAttributes + identityAttributes: + - code: code + name: name + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + description: description + assignableToRoles: true + participantTypes: + - participantTypes + - participantTypes + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + used: true + enabled: true + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + - code: code + name: name + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + description: description + assignableToRoles: true + participantTypes: + - participantTypes + - participantTypes + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + used: true + enabled: true + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + expiryDate: 2000-01-23T04:56:07.000+00:00 + organization: organization + connectionStatus: CONNECTED + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + credentialId: credentialId + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + email: email + username: username + properties: + username: + type: string + email: + type: string + connectionStatus: + $ref: '#/components/schemas/ConnectionStatus' + mtlsStatus: + $ref: '#/components/schemas/MTLSStatus' + userIdentityAttributes: + items: + type: string + type: array + id: + format: uuid + type: string + participantType: + type: string + organization: + type: string + creationTimestamp: + format: date-time + type: string + updateTimestamp: + format: date-time + type: string + credentialId: + type: string + expiryDate: + format: date-time + type: string + identityAttributes: + items: + $ref: '#/components/schemas/IdentityAttribute' + type: array + required: + - organization + - participantType + type: object + IdentityAttributeWithOwnership: + example: + code: code + assignedToParticipant: true + name: name + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + description: description + assignableToRoles: 
true + participantTypes: + - participantTypes + - participantTypes + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + used: true + enabled: true + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + properties: + id: + format: uuid + type: string + code: + type: string + name: + type: string + description: + type: string + assignableToRoles: + type: boolean + enabled: + type: boolean + creationTimestamp: + format: date-time + type: string + updateTimestamp: + format: date-time + type: string + participantTypes: + items: + type: string + type: array + uniqueItems: true + used: + readOnly: true + type: boolean + assignedToParticipant: + type: boolean + required: + - assignableToRoles + - code + - enabled + - name + type: object + Error: + properties: + error: + type: string + elementName: + type: string + type: object + IdentityAttribute: + example: + code: code + name: name + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + description: description + assignableToRoles: true + participantTypes: + - participantTypes + - participantTypes + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + used: true + enabled: true + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + properties: + id: + format: uuid + type: string + code: + type: string + name: + type: string + description: + type: string + assignableToRoles: + type: boolean + enabled: + type: boolean + creationTimestamp: + format: date-time + type: string + updateTimestamp: + format: date-time + type: string + participantTypes: + items: + type: string + type: array + uniqueItems: true + used: + readOnly: true + type: boolean + required: + - assignableToRoles + - code + - enabled + - name + type: object + Role: + example: + assignedIdentityAttributes: + - assignedIdentityAttributes + - assignedIdentityAttributes + name: name + description: description + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + properties: + id: + format: uuid + type: string + name: + type: string + description: + type: string + assignedIdentityAttributes: + items: + 
type: string + type: array + required: + - id + - name + type: object + KeycloakRole: + example: + name: name + description: description + properties: + name: + type: string + description: + type: string + required: + - name + type: object + TierOneSession: + example: + jwt: jwt + properties: + jwt: + type: string + required: + - jwt + type: object + Participant: + example: + expiryDate: 2000-01-23T04:56:07.000+00:00 + organization: organization + participantType: participantType + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + credentialId: credentialId + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + properties: + id: + format: uuid + type: string + participantType: + type: string + organization: + type: string + creationTimestamp: + format: date-time + type: string + updateTimestamp: + format: date-time + type: string + credentialId: + type: string + expiryDate: + format: date-time + type: string + required: + - organization + - participantType + type: object + ConnectionStatus: + enum: + - CONNECTED + - NOT_CONNECTED + type: string + MTLSStatus: + enum: + - SECURED + - NOT_SECURED + type: string + ParticipantWithIdentityAttributes: + example: + expiryDate: 2000-01-23T04:56:07.000+00:00 + organization: organization + participantType: participantType + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + credentialId: credentialId + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + identityAttributes: + - code: code + name: name + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + description: description + assignableToRoles: true + participantTypes: + - participantTypes + - participantTypes + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + used: true + enabled: true + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + - code: code + name: name + creationTimestamp: 2000-01-23T04:56:07.000+00:00 + description: description + assignableToRoles: true + participantTypes: + - participantTypes + - participantTypes + id: 
046b6c7f-0b8a-43b9-b35d-6489e6daee91 + used: true + enabled: true + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + updateTimestamp: 2000-01-23T04:56:07.000+00:00 + properties: + id: + format: uuid + type: string + participantType: + type: string + organization: + type: string + creationTimestamp: + format: date-time + type: string + updateTimestamp: + format: date-time + type: string + credentialId: + type: string + expiryDate: + format: date-time + type: string + identityAttributes: + items: + $ref: '#/components/schemas/IdentityAttribute' + type: array + required: + - organization + - participantType + type: object + PageResponseRole: + example: + page: + number: 6 + size: 0 + totalPages: 5 + totalElements: 1 + content: + - assignedIdentityAttributes: + - assignedIdentityAttributes + - assignedIdentityAttributes + name: name + description: description + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + - assignedIdentityAttributes: + - assignedIdentityAttributes + - assignedIdentityAttributes + name: name + description: description + id: 046b6c7f-0b8a-43b9-b35d-6489e6daee91 + empty: true + properties: + content: + items: + $ref: '#/components/schemas/Role' + type: array + page: + $ref: '#/components/schemas/PageMetadata' + empty: + type: boolean + type: object + PublicKey: + example: + publicKey: publicKey + properties: + publicKey: + type: string + type: object + ProblemDetail: + properties: + type: + format: uri + type: string + title: + type: string + status: + format: int32 + type: integer + detail: + type: string + instance: + format: uri + type: string + properties: + additionalProperties: + type: object + type: object + type: object + searchRoles_filter_parameter: + properties: + name: + type: string + description: + type: string + attributeName: + type: string + type: object + uploadCredential_request: + properties: + credential: + format: binary + type: string + required: + - credential + type: object + searchIdentityAttributesWithOwnership_filter_parameter: 
+ properties: + code: + type: string + participantTypeIn: + type: string + updateTimestampFrom: + format: date-time + type: string + assignedToParticipant: + type: boolean + name: + type: string + updateTimestampTo: + format: date-time + type: string + enabled: + type: boolean + participantTypeNotIn: + type: string + type: object + securitySchemes: + oauth2AuthCode: + flows: + authorizationCode: + authorizationUrl: "" + scopes: {} + tokenUrl: "" + type: oauth2 + oauth2ClientCredentials: + flows: + clientCredentials: + scopes: {} + tokenUrl: "" + type: oauth2