diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
index fb429d2e80..0163fa0c18 100644
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml
@@ -1,8 +1,7 @@
openapi: 3.0.0
info:
description: >
- This document specifies an **Application Management RESTful API** for **WSO2
- Identity Server**.
+ This document specifies an **Application Management RESTful API** for **WSO2 Identity Server**.
version: "v1"
title: WSO2 Identity Server - Application Management Rest API
termsOfService: 'http://swagger.io/terms/'
@@ -13,7 +12,6 @@ info:
license:
name: Apache 2.0
url: 'http://www.apache.org/licenses/LICENSE-2.0.html'
-
security:
- OAuth2: []
- BasicAuth: []
@@ -24,13 +22,10 @@ paths:
- Applications
operationId: getAllApplications
summary: |
- List applications
+ List applications.
description: |
- This API provides the capability to retrieve the list of applications.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve the list of applications.
+ Scope(Permission) required: `internal_application_mgt_view`
parameters:
- $ref: '#/components/parameters/limitQueryParam'
- $ref: '#/components/parameters/offsetQueryParam'
@@ -78,15 +73,11 @@ paths:
tags:
- Applications
summary: |
- Add application
+ Add application.
operationId: createApplication
description: >
- This API provides the capability to store the application information
- that is provided by users.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/create
- Scope required:
- * internal_application_mgt_create
+ This API provides the capability to store the application information that is provided by users.
+ Scope(Permission) required: `internal_application_mgt_create`
parameters:
- in: query
name: template
@@ -143,15 +134,12 @@ paths:
tags:
- Applications
summary: |
- Create application from an exported XML file
+ Create application from an exported XML, YAML, or JSON file.
operationId: importApplication
description: >
- This API provides the capability to store the application information,
- provided as a file.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/create
- Scope required:
- * internal_application_mgt_create
+ This API provides the capability to create an application based on the
+ information provided in an XML, YAML, or JSON file.
+ Scope(Permission) required: `internal_application_mgt_create`
requestBody:
content:
multipart/form-data:
@@ -192,14 +180,12 @@ paths:
tags:
- Applications
summary: |
- Update application from an exported XML file
+ Update application from an exported XML, YAML, or JSON file.
operationId: importApplicationForUpdate
description: >
- This API provides the capability to update an application from information that has been exported as an XML file.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to update an application based on the
+ information provided in an XML, YAML, or JSON file.
+ Scope(Permission) required: `internal_application_mgt_update`
requestBody:
content:
multipart/form-data:
@@ -242,20 +228,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
- '/applications/{applicationId}':
+ /applications/{applicationId}:
get:
tags:
- Applications
summary: |
- Retrieve application by ID
+ Retrieve application by ID.
operationId: getApplication
description: >
- This API provides the capability to retrieve the application information
- by ID.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve the application information by ID.
+ Scope(Permission) required: `internal_application_mgt_view`
parameters:
- name: applicationId
in: path
@@ -301,19 +283,15 @@ paths:
application/xml:
schema:
$ref: '#/components/schemas/Error'
-
patch:
tags:
- Applications
summary: |
- Partially update application by ID
+ Partially update application by ID.
operationId: patchApplication
description: |
- This API provides the capability to partially update an application by ID.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to partially update an application by ID.
+ Scope(Permission) required: `internal_application_mgt_update`
parameters:
- name: applicationId
in: path
@@ -357,14 +335,11 @@ paths:
tags:
- Applications
summary: |
- Delete application by ID
+ Delete application by ID.
operationId: deleteApplication
description: |
This API provides the capability to delete an application by ID.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete
+ Scope(Permission) required: `internal_application_mgt_delete`
parameters:
- name: applicationId
in: path
@@ -403,13 +378,10 @@ paths:
- Applications
operationId: exportApplication
summary: |
- Export application as an XML file
+ Export application as an XML file.
description: |
- This API provides the capability to retrieve the application as an XML file.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve the application as an XML file.
+ Scope(Permission) required: `internal_application_mgt_view`
parameters:
- name: applicationId
in: path
@@ -455,11 +427,8 @@ paths:
summary: |
Export application in XML, YAML, or JSON file formats.
description: |
- This API provides the capability to retrieve the application in XML, YAML, or JSON format.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve the application in XML, YAML, or JSON format.
+ Scope(Permission) required: `internal_application_mgt_view`
parameters:
- name: applicationId
in: path
@@ -517,13 +486,10 @@ paths:
- Applications
operationId: changeApplicationOwner
summary: |
- Change application owner
+ Change application owner.
description: |
- This API provides the capability to change the application owner.
- Permission required:
- * /permission/admin
- Scope required:
- * internal_organization_admin
+ This API provides the capability to change the application owner.
+ Scope(Permission) required: `internal_organization_admin`
parameters:
- name: applicationId
in: path
@@ -566,14 +532,11 @@ paths:
tags:
- Authenticators
summary: |
- Get configured authenticators
+ Get configured authenticators.
operationId: getConfiguredAuthenticators
description: |
- This API provides the capability to retrieve the configured authenticators.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve the configured authenticators.
+ Scope(Permission) required: `internal_application_mgt_view`
parameters:
- name: applicationId
in: path
@@ -612,7 +575,6 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
/applications/{applicationId}/authorized-apis:
get:
tags:
@@ -621,11 +583,8 @@ paths:
Get authorized APIs of the application.
operationId: getAuthorizedAPIs
description: |
- This API provides the capability to retrieve all the authorized APIs of the application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve all the authorized APIs of the application.
+ Scope(Permission) required: `internal_application_mgt_view`
parameters:
- name: applicationId
in: path
@@ -658,14 +617,11 @@ paths:
tags:
- Authorized APIs
summary: |
- Authorized an API to the application
+ Authorized an API to the application.
operationId: addAuthorizedAPI
description: |
- This API provides the capability to authorized an API to the application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to authorized an API to the application.
+ Scope(Permission) required: `internal_application_mgt_update`
parameters:
- name: applicationId
in: path
@@ -699,21 +655,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
-
/applications/{applicationId}/authorized-apis/{apiId}:
patch:
tags:
- Authorized APIs
summary: |
- Update authorized API scopes
+ Update authorized API scopes.
operationId: patchAuthorizedAPI
description: |
- This API provides the capability to update an authorized API of the application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to update an authorized API of the application.
+ Scope(Permission) required: `internal_application_mgt_update`
parameters:
- name: applicationId
in: path
@@ -753,19 +704,15 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
delete:
tags:
- Authorized APIs
summary: |
- Remove API authorization from the application
+ Remove API authorization from the application.
operationId: deleteAuthorizedAPI
description: |
- This API provides the capability to delete an authorized API of the application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to delete an authorized API of the application.
+ Scope(Permission) required: `internal_application_mgt_update`
parameters:
- name: applicationId
in: path
@@ -792,22 +739,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
-
/applications/resident:
get:
tags:
- Resident Application
summary: |
- Get Resident application
+ Get resident application.
operationId: getResidentApplication
description: |
- This API provides the capability to retrieve the resident application information.
-
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve the resident application information.
+ Scope(Permission) required: `internal_application_mgt_view`
responses:
'200':
description: OK
@@ -841,14 +782,11 @@ paths:
tags:
- Resident Application
summary: |
- Update Resident Application
+ Update resident application.
operationId: updateResidentApplication
description: >
- This API provides the capability to update the Resident Application Configuration.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to update the resident application configuration.
+ Scope(Permission) required: `internal_application_mgt_update`
responses:
'200':
description: Successful
@@ -898,20 +836,16 @@ paths:
This represents the provisioning configuration of the resident
application.
required: true
- '/applications/{applicationId}/inbound-protocols/':
+ /applications/{applicationId}/inbound-protocols/:
get:
tags:
- Inbound Protocols
summary: |
- Retrieve inbound protocol configurations of the application
+ Retrieve inbound protocol configurations.
operationId: getInboundAuthenticationConfigurations
description: >
- This API provides the capability to retrieve authentication protocol
- configurations of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve authentication protocol configurations of an application.
+ Scope(Permission) required: `internal_application_mgt_view`
parameters:
- name: applicationId
in: path
@@ -948,20 +882,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
- '/applications/{applicationId}/inbound-protocols/saml':
+ /applications/{applicationId}/inbound-protocols/saml:
get:
tags:
- Inbound Protocols - SAML
summary: |
- Retrieve SAML2 authentication protocol parameters of application
+ Retrieve SAML2 authentication protocol parameters.
operationId: getInboundSAMLConfiguration
description: >
- This API provides the capability to retrieve SAML2 authentication
- protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve SAML2 authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_view`
parameters:
- name: applicationId
in: path
@@ -998,20 +928,15 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
put:
tags:
- Inbound Protocols - SAML
summary: |
- Update SAML2 authentication protocol parameters of application
+ Update SAML2 authentication protocol parameters.
operationId: updateInboundSAMLConfiguration
description: >
- This API provides the capability to store SAML2 authentication protocol
- parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to store SAML2 authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_update`
- There are three methods to create/update SAML2 authentication protocol configuration.
1. Metadata File (by sending the Base64 encoded content of the metadata file.)
@@ -1073,15 +998,11 @@ paths:
tags:
- Inbound Protocols - SAML
summary: |
- Delete SAML2 authentication protocol parameters of application
+ Delete SAML2 authentication protocol parameters.
operationId: deleteInboundSAMLConfiguration
description: >
- This API provides the capability to delete SAML2 authentication protocol
- parameters of an application.
- Permissi on required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete
+ This API provides the capability to delete SAML2 authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_delete`
parameters:
- name: applicationId
in: path
@@ -1114,21 +1035,15 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
-
- '/applications/{applicationId}/inbound-protocols/oidc':
+ /applications/{applicationId}/inbound-protocols/oidc:
get:
tags:
- Inbound Protocols - OAuth / OIDC
summary: |
- Retrieve OIDC authentication protocol parameters of application
+ Retrieve OIDC authentication protocol parameters.
description: >
- This API provides the capability to retrieve OIDC authentication
- protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve OIDC authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_view`
operationId: getInboundOAuthConfiguration
parameters:
- name: applicationId
@@ -1170,14 +1085,10 @@ paths:
tags:
- Inbound Protocols - OAuth / OIDC
summary: |
- Update OIDC authentication protocol parameters of application
+ Update OIDC authentication protocol parameters.
description: >
- This API provides the capability to store OIDC authentication protocol
- parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to store OIDC authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_update`
operationId: updateInboundOAuthConfiguration
parameters:
- name: applicationId
@@ -1237,14 +1148,10 @@ paths:
tags:
- Inbound Protocols - OAuth / OIDC
summary: |
- Delete OIDC authentication protocol parameters of application
+ Delete OIDC authentication protocol parameters.
description: >
- This API provides the capability to delete OIDC authentication protocol
- parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete
+ This API provides the capability to delete OIDC authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_delete`
operationId: deleteInboundOAuthConfiguration
parameters:
- name: applicationId
@@ -1278,20 +1185,15 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
-
- '/applications/{applicationId}/inbound-protocols/oidc/regenerate-secret':
+ /applications/{applicationId}/inbound-protocols/oidc/regenerate-secret:
post:
tags:
- Inbound Protocols - OAuth / OIDC
summary: |
- Regenerate the OAuth2/OIDC client secret of application
+ Regenerate the OAuth2/OIDC client secret.
description: |
This API regenerates the OAuth2/OIDC client secret.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/create
- Scope required:
- * internal_application_mgt_create
+ Scope(Permission) required: `internal_application_mgt_create`
operationId: regenerateOAuthClientSecret
parameters:
- name: applicationId
@@ -1329,19 +1231,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
- '/applications/{applicationId}/inbound-protocols/oidc/revoke':
+ /applications/{applicationId}/inbound-protocols/oidc/revoke:
post:
tags:
- Inbound Protocols - OAuth / OIDC
summary: |
- Revoke the OAuth2/OIDC client of application
+ Revoke the OAuth2/OIDC client of application.
description: |
- This API revokes the OAuth2/OIDC client secret. To re-activate the client, the client secret needs to be regenerated.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/create
- Scope required:
- * internal_application_mgt_create
+ This API revokes the OAuth2/OIDC client secret.
+ To re-activate the client, the client secret needs to be regenerated.
+ Scope(Permission) required: `internal_application_mgt_create`
operationId: revokeOAuthClient
parameters:
- name: applicationId
@@ -1375,20 +1274,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
- '/applications/{applicationId}/inbound-protocols/passive-sts':
+ /applications/{applicationId}/inbound-protocols/passive-sts:
get:
tags:
- Inbound Protocols - Passive STS
summary: >
- Retrieve Passive STS authentication protocol parameters of application
+ Retrieve Passive STS authentication protocol parameters.
description: >
This API provides the capability to retrieve Passive STS authentication
protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ Scope(Permission) required: `internal_application_mgt_view`
operationId: getPassiveStsConfiguration
parameters:
- name: applicationId
@@ -1426,19 +1321,14 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
put:
tags:
- Inbound Protocols - Passive STS
summary: |
- Update Passive STS authentication protocol parameters of application
+ Update Passive STS authentication protocol parameters.
description: >
- This API provides the capability to store passive STS authentication
- protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to store passive STS authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_update`
operationId: updatePassiveStsConfiguration
parameters:
- name: applicationId
@@ -1487,7 +1377,6 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
requestBody:
content:
application/json:
@@ -1501,14 +1390,11 @@ paths:
tags:
- Inbound Protocols - Passive STS
summary: |
- Delete Passive STS authentication protocol parameters of application
+ Delete Passive STS authentication protocol parameters.
description: >
This API provides the capability to delete Passive STS authentication
protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete
+ Scope(Permission) required: `internal_application_mgt_delete`
operationId: deletePassiveStsConfiguration
parameters:
- name: applicationId
@@ -1542,20 +1428,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
- '/applications/{applicationId}/inbound-protocols/ws-trust':
+ /applications/{applicationId}/inbound-protocols/ws-trust:
get:
tags:
- Inbound Protocols - WS Trust
summary: |
- Retrieve WS Trust authentication protocol parameters of application
+ Retrieve WS Trust authentication protocol parameters.
description: >
This API provides the capability to retrieve Passive STS authentication
protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ Scope(Permission) required: `internal_application_mgt_view`
operationId: getWSTrustConfiguration
parameters:
- name: applicationId
@@ -1593,19 +1475,14 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
put:
tags:
- Inbound Protocols - WS Trust
summary: |
- Update WS Trust authentication protocol parameters of application
+ Update WS Trust authentication protocol parameters.
description: >
- This API provides the capability to store WS Trust authentication
- protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to store WS Trust authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_update`
operationId: updateWSTrustConfiguration
parameters:
- name: applicationId
@@ -1654,7 +1531,6 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
requestBody:
content:
application/json:
@@ -1668,14 +1544,10 @@ paths:
tags:
- Inbound Protocols - WS Trust
summary: |
- Delete WS Trust authentication protocol parameters of application
+ Delete WS Trust authentication protocol parameters.
description: >
- This API provides the capability to delete WS Trust authentication
- protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete
+ This API provides the capability to delete WS Trust authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_delete`
operationId: deleteWSTrustConfiguration
parameters:
- name: applicationId
@@ -1709,20 +1581,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
- '/applications/{applicationId}/inbound-protocols/{inboundProtocolId}':
+ /applications/{applicationId}/inbound-protocols/{inboundProtocolId}:
get:
tags:
- Inbound Protocols - Custom
summary: >
- Retrieve custom Inbound authentication protocol parameters of application.
+ Retrieve custom inbound authentication protocol parameters.
description: >
This API provides the capability to retrieve custom inbound
authentication protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ Scope(Permission) required: `internal_application_mgt_view`
operationId: getCustomInboundConfiguration
parameters:
- name: applicationId
@@ -1770,14 +1638,11 @@ paths:
tags:
- Inbound Protocols - Custom
summary: |
- Update the custom inbound authentication protocol parameters of application
+ Update the custom inbound authentication protocol parameters.
description: >
- This API provides the capability to store custom inbound authentication protocol parameters of an application.
-
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update
+ This API provides the capability to store custom inbound authentication
+ protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_update`
operationId: updateCustomInboundConfiguration
parameters:
- name: applicationId
@@ -1845,13 +1710,10 @@ paths:
tags:
- Inbound Protocols - Custom
summary: >
- Delete custom inbound authentication protocol parameters of application
+ Delete custom inbound authentication protocol parameters.
description: >
This API provides the capability to delete custom inbound authentication protocol of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete
+ Scope(Permission) required: `internal_application_mgt_delete`
operationId: deleteCustomInboundConfiguration
parameters:
- name: applicationId
@@ -1891,21 +1753,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
- '/applications/meta/inbound-protocols':
+ /applications/meta/inbound-protocols:
get:
tags:
- Application Metadata
summary: |
- Retrieve the list of inbound authentication protocols available
+ Retrieve the list of inbound authentication protocols available.
description: >
This API provides the capability to retrieve the list of inbound authentication protocols available.
- If the query parameter 'customOnly' is set to true, only custom inbound protocols will be listed.
-
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ If the query parameter 'customOnly' is set to true, only custom inbound protocols will be listed.
+ Scope(Permission) required: `internal_application_mgt_view`
operationId: getInboundProtocols
parameters:
- $ref: '#/components/parameters/inboundProtocolsCustomOnly'
@@ -1937,19 +1794,15 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
- '/applications/meta/inbound-protocols/saml':
+ /applications/meta/inbound-protocols/saml:
get:
tags:
- Application Metadata
summary: |
- Retrieve all the metadata related to the auth protocol SAML
+ Retrieve all the metadata related to the auth protocol SAML.
description: >
This API provides the capability to retrieve all the metadata related to the auth protocol SAML.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ Scope(Permission) required: `internal_application_mgt_view`
operationId: getSAMLMetadata
responses:
'200':
@@ -1982,19 +1835,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
- '/applications/meta/inbound-protocols/oidc':
+ /applications/meta/inbound-protocols/oidc:
get:
tags:
- Application Metadata
summary: |
- Retrieve all the metadata related to the authentication protocol OAuth / OIDC
+ Retrieve all the metadata related to the authentication protocol OAuth / OIDC.
description: >
- This API provides the capability to retrieve all the metadata related to the authentication protocol OAuth / OIDC.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ This API provides the capability to retrieve all the metadata related
+ to the authentication protocol OAuth / OIDC.
+ Scope(Permission) required: `internal_application_mgt_view`
operationId: getOIDCMetadata
responses:
'200':
@@ -2019,19 +1869,15 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
- '/applications/meta/inbound-protocols/ws-trust':
+ /applications/meta/inbound-protocols/ws-trust:
get:
tags:
- Application Metadata
summary: |
- Retrieve all the metadata related to the auth protocol WS Trust
+ Retrieve all the metadata related to the auth protocol WS Trust.
description: >
This API provides the capability to retrieve all the metadata related to the auth protocol WS_Trust.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ Scope(Permission) required: `internal_application_mgt_view`
operationId: getWSTrustMetadata
responses:
'200':
@@ -2056,20 +1902,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
- '/applications/meta/inbound-protocols/{inboundProtocolId}':
+ /applications/meta/inbound-protocols/{inboundProtocolId}:
get:
tags:
- Application Metadata
summary: |
- Retrieve all the metadata related to the custom auth protocol identified by the inboundProtocolId
+ Retrieve all the metadata related to the custom auth protocol identified by the inboundProtocolId.
description: >
This API provides the capability to retrieve all the metadata related to the custom auth protocol
- identified by the inboundProtocolId. The URL encoded inbound protocol name is used as inboundProtocolId.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ identified by the inboundProtocolId. The URL encoded inbound protocol name is used as inboundProtocolId.
+ Scope(Permission) required: `internal_application_mgt_view`
operationId: getCustomProtocolMetadata
parameters:
- name: inboundProtocolId
@@ -2101,19 +1943,15 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
- '/applications/meta/adaptive-auth-templates':
+ /applications/meta/adaptive-auth-templates:
get:
tags:
- Application Metadata
summary: |
- Retrieve the sample adaptive authentication templates.
+ Retrieve adaptive authentication sample templates.
description: >
This API provides the capability to retrieve the sample adaptive authentication templates.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view
+ Scope(Permission) required: `internal_application_mgt_view`
operationId: getAdaptiveAuthTemplates
responses:
'200':
@@ -2138,16 +1976,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
/applications/templates:
get:
tags:
- Application Templates
operationId: getAllApplicationTemplates
summary: |
- List Application Templates
+ List application templates.
description: |
- This API provides the capability to retrieve the list of templates available.
+ This API provides the capability to retrieve the list of templates available.
+ Scope(Permission) required: `internal_application_mgt_view`
parameters:
- $ref: '#/components/parameters/limitWithoutDefaultQueryParam'
- $ref: '#/components/parameters/offsetWithoutDefaultQueryParam'
@@ -2191,10 +2029,11 @@ paths:
tags:
- Application Templates
summary: |
- Add application template
+ Add application template.
operationId: createApplicationTemplate
description: >
- This API provides the capability to store the application template provided by users.
+ This API provides the capability to store the application template provided by users.
+ Scope(Permission) required: `internal_application_mgt_create`
requestBody:
content:
application/json:
@@ -2239,16 +2078,16 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
/applications/templates/{template-id}:
get:
tags:
- Application Templates
summary: |
- Retrieve application template by ID
+ Retrieve application template by ID.
operationId: getApplicationTemplate
description: >
- This API provides the capability to retrieve the application template from the template id.
+ This API provides the capability to retrieve the application template from the template id.
+ Scope(Permission) required: `internal_application_mgt_view`
parameters:
- $ref: '#/components/parameters/templateIdPathParam'
responses:
@@ -2289,7 +2128,6 @@ paths:
application/xml:
schema:
$ref: '#/components/schemas/Error'
-
put:
tags:
- Application Templates
@@ -2297,7 +2135,8 @@ paths:
Update the application template by the template ID.
operationId: updateApplicationTemplate
description: |
- This API provides the capability to update an application template by the template ID.
+ This API provides the capability to update an application template by the template ID.
+ Scope(Permission) required: `internal_application_mgt_update`
parameters:
- $ref: '#/components/parameters/templateIdPathParam'
requestBody:
@@ -2345,7 +2184,8 @@ paths:
Delete application template by template ID.
operationId: deleteApplicationTemplate
description: |
- This API provides the capability to delete an application template by template ID.
+ This API provides the capability to delete an application template by template ID.
+ Scope(Permission) required: `internal_application_mgt_delete`
parameters:
- $ref: '#/components/parameters/templateIdPathParam'
responses:
@@ -2376,16 +2216,13 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/Error'
-
/applications/{applicationId}/share:
post:
summary: |
- Share the application from the root organization to the given organization.
+ Share the application from the root organization to the given organization(s).
description: |
- This API provides the capability to share an application with organizations.
-
- Scope required:
- * internal_shared_application_create
+ This API provides the capability to share an application with organizations.
+ Scope(Permission) required: `internal_shared_application_create`
operationId: shareOrgApplication
parameters:
- name: applicationId
@@ -2427,15 +2264,13 @@ paths:
schema:
$ref: '#/components/schemas/Error'
tags:
- - Organization Application Sharing
+ - Application Sharing
get:
summary: |
List of organizations that the application is shared to.
description: |
- This API returns the list of organizations that the application is shared to.
-
- Scope required:
- * internal_shared_application_view
+ This API returns the list of organizations that the application is shared to.
+ Scope(Permission) required: `internal_shared_application_view`
operationId: shareOrgApplicationGet
parameters:
- name: applicationId
@@ -2474,16 +2309,14 @@ paths:
schema:
$ref: '#/components/schemas/Error'
tags:
- - Organization Application Sharing
+ - Application Sharing
/applications/{applicationId}/shared-apps:
get:
summary: |
List of shared applications along with its organization.
description: |
- This API returns the list of shared app ids along with the shared organization id.
-
- Scope required:
- * internal_shared_application_view
+ This API returns the list of shared app ids along with the shared organization id.
+ Scope(Permission) required: `internal_shared_application_view`
operationId: sharedApplicationsGet
parameters:
- name: applicationId
@@ -2522,13 +2355,12 @@ paths:
schema:
$ref: '#/components/schemas/Error'
tags:
- - Organization Application Sharing
+ - Application Sharing
delete:
description: |
- This API provides the capability to stop sharing an application to all organizations the application is shared to.
-
- Scope required:
- * internal_shared_application_delete
+ This API provides the capability to stop sharing an application to all organizations
+ the application is shared to.
+ Scope(Permission) required: `internal_shared_application_delete`
summary: |
Stop sharing an application with all organizations.
operationId: sharedApplicationsAllDelete
@@ -2565,14 +2397,12 @@ paths:
schema:
$ref: '#/components/schemas/Error'
tags:
- - Organization Application Sharing
+ - Application Sharing
/applications/{applicationId}/share/{shared-organization-id}:
delete:
description: |
- This API provides the capability to stop sharing an application to an organization by providing its ID.
-
- Scope required:
- * internal_shared_application_delete
+ This API provides the capability to stop sharing an application to an organization by providing its ID.
+ Scope(Permission) required: `internal_shared_application_delete`
summary: |
Stop sharing an application to a organization.
operationId: shareOrgApplicationDelete
@@ -2615,8 +2445,7 @@ paths:
schema:
$ref: '#/components/schemas/Error'
tags:
- - Organization Application Sharing
-
+ - Application Sharing
components:
parameters:
limitQueryParam:
@@ -2661,8 +2490,8 @@ components:
description: |
Condition to filter the retrieval of records.
Supports 'sw', 'co', 'ew', and 'eq' operations with 'and', 'or' logical operators.
- Please note that 'and' and 'or' operators in filters follow the general precedence of logical operators
- ex: A and B or C and D = (A and B) or (C and D)).
+ Note that 'and' and 'or' operators in filters follow the general precedence of logical operators.
+ For example, A and B or C and D = (A and B) or (C and D)).
Currently supports only filtering based on the 'name', the 'clientId', and the 'issuer' attributes.
/applications?filter=name+eq+user_portal
@@ -2697,9 +2526,11 @@ components:
required: false
description: |
Specifies the required parameters in the response.
- Currently supports for only 'advancedConfigurations', 'templateId', 'templateVersion', 'clientId', 'issuer', 'applicationEnabled' and 'associatedRoles.allowedAudience' attributes.
+ Only 'advancedConfigurations', 'templateId', 'templateVersion', 'clientId', 'issuer',
+ and 'associatedRoles.allowedAudience' attributes are currently supported.
- /applications?attributes=advancedConfigurations,templateId,templateVersion,clientId,applicationEnabled,associatedRoles.allowedAudience
+ /applications?attributes=advancedConfigurations,templateId,templateVersion,clientId,issuer,
+ associatedRoles.allowedAudience
schema:
type: string
excludeSystemPortalsQueryParam:
@@ -2764,7 +2595,7 @@ components:
flows:
authorizationCode:
authorizationUrl: 'https://localhost:9443/oauth2/authorize'
- tokenUrl: 'http://localhost:9763/oauth2/token'
+ tokenUrl: 'http://localhost:9443/oauth2/token'
scopes: {}
schemas:
Link:
@@ -2776,7 +2607,6 @@ components:
rel:
type: string
example: "next"
-
ApplicationListResponse:
type: object
properties:
@@ -2800,7 +2630,6 @@ components:
type: array
items:
$ref: '#/components/schemas/Link'
-
ApplicationListItem:
type: object
properties:
@@ -2986,7 +2815,6 @@ components:
- READ
- WRITE
default: READ
-
ApplicationPatchModel:
type: object
properties:
@@ -3013,7 +2841,7 @@ components:
example: "adwefi2429asdfdf94444rraf44"
templateVersion:
type: string
- example: "v1.0.0"
+ example: "v1.0.1"
description: Version of the template used to create the application.
applicationEnabled:
type: boolean
@@ -3029,13 +2857,11 @@ components:
$ref: '#/components/schemas/AdvancedApplicationConfiguration'
provisioningConfigurations:
$ref: '#/components/schemas/ProvisioningConfiguration'
-
ResidentApplication:
type: object
properties:
provisioningConfigurations:
$ref: '#/components/schemas/ProvisioningConfiguration'
-
ProvisioningConfiguration:
type: object
properties:
@@ -3057,7 +2883,6 @@ components:
description: >-
This property becomes only applicable if the proxy-mode config is
set to false
-
OutboundProvisioningConfiguration:
type: object
properties:
@@ -3097,10 +2922,10 @@ components:
properties:
name:
type: string
- example: googleIdP
+ example: sampleIdP
type:
type: string
- example: GoogleAuthenticator
+ example: SampleAuthenticator
AdvancedApplicationConfiguration:
type: object
properties:
@@ -3125,7 +2950,7 @@ components:
useExternalConsentPage:
type: boolean
example: false
- description: Decides whether user needs to use external consent page.
+ description: Decides whether users should be presented with an external consent page.
returnAuthenticatedIdpList:
type: boolean
example: false
@@ -3167,6 +2992,7 @@ components:
$ref: '#/components/schemas/AdditionalProperties'
AdditionalProperties:
type: array
+ description: Denotes additional properties of the application. It is only supported by getApplication and getAllApplications request.
items:
$ref: "#/components/schemas/AdditionalSpProperty"
AdditionalSpProperty:
@@ -3238,12 +3064,10 @@ components:
type: array
items:
$ref: '#/components/schemas/CustomInboundProtocolConfiguration'
-
InboundProtocolsListResponse:
type: array
items:
$ref: '#/components/schemas/InboundProtocolListItem'
-
InboundProtocolListItem:
type: object
required:
@@ -3259,8 +3083,7 @@ components:
example: "SAML2 Inbound"
self:
type: string
- example: "/t/carbon.super/api/server/v1/applications/29048810-1447-4ea0-a348-30d15ab65fa3/inbound-protocols/saml"
-
+ example: "/api/server/v1/applications/29048810-1447-4ea0-a348-30d15ab65fa3/inbound-protocols/saml"
ClaimConfiguration:
type: object
properties:
@@ -3392,7 +3215,6 @@ components:
type: string
example: Username
readOnly: true
-
SAML2Configuration:
type: object
properties:
@@ -3404,7 +3226,6 @@ components:
example: 'https://example.com/samlsso/meta'
manualConfiguration:
$ref: '#/components/schemas/SAML2ServiceProvider'
-
SingleSignOnProfile:
type: object
properties:
@@ -3416,23 +3237,18 @@ components:
- HTTP_POST
- HTTP_REDIRECT
- ARTIFACT
-
enableSignatureValidationForArtifactBinding:
type: boolean
description: Enables Signature validation for SAML Artifact Binding. Applicable only if SAML Artifact binding is enabled through the bindings option.
default: false
-
attributeConsumingServiceIndex:
type: string
readOnly: true
-
enableIdpInitiatedSingleSignOn:
type: boolean
default: false
-
assertion:
$ref: '#/components/schemas/SAMLAssertionConfiguration'
-
SAMLAttributeProfile:
type: object
properties:
@@ -3442,7 +3258,6 @@ components:
alwaysIncludeAttributesInResponse:
type: boolean
default: false
-
SingleLogoutProfile:
type: object
properties:
@@ -3463,7 +3278,6 @@ components:
- FRONTCHANNEL_HTTP_POST
idpInitiatedSingleLogout:
$ref: '#/components/schemas/IdpInitiatedSingleLogout'
-
IdpInitiatedSingleLogout:
type: object
properties:
@@ -3474,7 +3288,6 @@ components:
type: array
items:
type: string
-
SAMLAssertionConfiguration:
type: object
properties:
@@ -3482,7 +3295,6 @@ components:
type: string
default: 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
example: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
-
audiences:
type: array
description: Additional audience values to be added to the SAML Assertions
@@ -3490,7 +3302,6 @@ components:
- 'https://app.example.com/saml'
items:
type: string
-
recipients:
type: array
description: Additional recipient values to be added to the SAML Assertions
@@ -3498,14 +3309,12 @@ components:
- 'https://app.example.com/saml'
items:
type: string
-
digestAlgorithm:
type: string
default: "http://www.w3.org/2000/09/xmldsig#sha1"
example: "http://www.w3.org/2000/09/xmldsig#sha1"
encryption:
$ref: '#/components/schemas/AssertionEncryptionConfiguration'
-
AssertionEncryptionConfiguration:
type: object
properties:
@@ -3518,7 +3327,6 @@ components:
keyEncryptionAlgorithm:
type: string
default: "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
-
SAMLRequestValidation:
type: object
properties:
@@ -3527,7 +3335,6 @@ components:
default: true
signatureValidationCertAlias:
type: string
-
SAMLResponseSigning:
type: object
properties:
@@ -3536,13 +3343,11 @@ components:
default: true
signingAlgorithm:
type: string
-
SAML2ServiceProvider:
type: object
required:
- issuer
- assertionConsumerUrls
-
properties:
issuer:
type: string
@@ -3559,26 +3364,19 @@ components:
idpEntityIdAlias:
type: string
description: "Default value is the IdP Entity ID value specified in Resident IdP."
-
singleSignOnProfile:
$ref: '#/components/schemas/SingleSignOnProfile'
-
attributeProfile:
$ref: '#/components/schemas/SAMLAttributeProfile'
-
singleLogoutProfile:
$ref: '#/components/schemas/SingleLogoutProfile'
-
requestValidation:
$ref: '#/components/schemas/SAMLRequestValidation'
-
responseSigning:
$ref: '#/components/schemas/SAMLResponseSigning'
-
enableAssertionQueryProfile:
type: boolean
default: false
-
OpenIDConnectConfiguration:
type: object
required:
@@ -3904,7 +3702,6 @@ components:
type: integer
default: 1
example: 1
-
AuthenticationStepModel:
type: object
required:
@@ -3932,7 +3729,6 @@ components:
authenticator:
type: string
example: basic
-
AuthProtocolMetadata:
type: object
properties:
@@ -4112,14 +3908,12 @@ components:
isConfidential:
type: boolean
default: false
-
AdaptiveAuthTemplates:
type: object
properties:
templatesJSON:
type: string
example: 'Adaptive Auth Templates JSON'
-
FileUpload:
type: object
properties:
@@ -4134,7 +3928,6 @@ components:
type: array
items:
$ref: '#/components/schemas/ApplicationTemplatesListItem'
-
ApplicationTemplatesListItem:
type: object
properties:
@@ -4173,7 +3966,6 @@ components:
self:
type: string
example: "/t/wso2.com/api/server/v1/applications/templates/85e3f4b8-0d22-4181-b1e3-1651f71b88bd"
-
ApplicationTemplateModel:
type: object
properties:
@@ -4223,13 +4015,12 @@ components:
example: "85e3f4b8-0d22-4181-b1e3-1651f71b88bd"
required:
- id
-
AuthorizedAPIResponse:
type: object
properties:
id:
type: string
- example: 012df-232gf-545fg-dff23
+ example: 65b52595-9ca1-4539-aca2-56178643c58b
identifier:
type: string
example: https://greetings.io/v1/greet
@@ -4241,31 +4032,29 @@ components:
example: RBAC
type:
type: string
- example: TENANT_ADMIN
+ example: BUSINESS
authorizedScopes:
type: array
items:
$ref: '#/components/schemas/AuthorizedScope'
-
AuthorizedScope:
type: object
properties:
id:
type: string
- example: 012df-232gf-545fg-dff23
+ example: 65b52595-9ca1-4539-aca2-56178643c58b
name:
type: string
example: bookings:read
displayName:
type: string
example: Read Bookings
-
AuthorizedAPICreationModel:
type: object
properties:
id :
type: string
- example: 012df-232gf-545fg-dff23
+ example: 65b52595-9ca1-4539-aca2-56178643c58b
policyIdentifier:
type: string
example: RBAC
@@ -4274,7 +4063,6 @@ components:
items:
type: string
example: bookings:read
-
AuthorizedAPIPatchModel:
type: object
properties:
@@ -4282,13 +4070,27 @@ components:
type: array
items:
type: string
- example: bookings:edit
+ example: bookings:write
removedScopes:
type: array
items:
type: string
- example: bookings:view
-
+ example: bookings:read
+ Error:
+ type: object
+ properties:
+ code:
+ type: string
+ example: AAA-00000
+ message:
+ type: string
+ example: Some error message.
+ description:
+ type: string
+ example: Some error description.
+ traceId:
+ type: string
+ example: e0fbcfeb-3617-43c4-8dd0-7b7d38e13047
ApplicationSharePOSTRequest:
type: object
properties:
@@ -4299,6 +4101,9 @@ components:
type: array
items:
type: string
+ example:
+ - 682edf68-4835-4bb8-961f-0a16bc6cc866
+ - ghfbctgf-4318-46d4-8ee1-7t3s38e23098
SharedOrganizationsResponse:
type: object
properties:
@@ -4345,23 +4150,6 @@ components:
ref:
type: string
example: '/t/wso2.com/api/server/v1/organizations/b4526d91-a8bf-43d2-8b14-c548cf73065b'
-
- Error:
- type: object
- properties:
- code:
- type: string
- example: AAA-00000
- message:
- type: string
- example: Some error message.
- description:
- type: string
- example: Some error description.
- traceId:
- type: string
- example: e0fbcfeb-3617-43c4-8dd0-7b7d38e13047
-
servers:
- url: 'https://{server-url}/t/{tenant-domain}/api/server/v1'
variables: