From e89927e06e68a6cdd82a6a5603262eb622548ad0 Mon Sep 17 00:00:00 2001 From: Hasini Samarathunga Date: Thu, 19 Dec 2024 15:38:27 +0530 Subject: [PATCH] Update Applications yaml definition to match IS docs --- .../src/main/resources/applications.yaml | 610 ++++++------------ 1 file changed, 199 insertions(+), 411 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml index fb429d2e80..0163fa0c18 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml @@ -1,8 +1,7 @@ openapi: 3.0.0 info: description: > - This document specifies an **Application Management RESTful API** for **WSO2 - Identity Server**. + This document specifies an **Application Management RESTful API** for **WSO2 Identity Server**. version: "v1" title: WSO2 Identity Server - Application Management Rest API termsOfService: 'http://swagger.io/terms/' @@ -13,7 +12,6 @@ info: license: name: Apache 2.0 url: 'http://www.apache.org/licenses/LICENSE-2.0.html' - security: - OAuth2: [] - BasicAuth: [] @@ -24,13 +22,10 @@ paths: - Applications operationId: getAllApplications summary: | - List applications + List applications. description: | - This API provides the capability to retrieve the list of applications.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve the list of applications.
+ Scope(Permission) required: `internal_application_mgt_view` parameters: - $ref: '#/components/parameters/limitQueryParam' - $ref: '#/components/parameters/offsetQueryParam' @@ -78,15 +73,11 @@ paths: tags: - Applications summary: | - Add application + Add application. operationId: createApplication description: > - This API provides the capability to store the application information - that is provided by users.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/create
- Scope required:
- * internal_application_mgt_create + This API provides the capability to store the application information that is provided by users.
+ Scope(Permission) required: `internal_application_mgt_create` parameters: - in: query name: template @@ -143,15 +134,12 @@ paths: tags: - Applications summary: | - Create application from an exported XML file + Create application from an exported XML, YAML, or JSON file. operationId: importApplication description: > - This API provides the capability to store the application information, - provided as a file.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/create
- Scope required:
- * internal_application_mgt_create + This API provides the capability to create an application based on the + information provided in an XML, YAML, or JSON file.
+ Scope(Permission) required: `internal_application_mgt_create` requestBody: content: multipart/form-data: @@ -192,14 +180,12 @@ paths: tags: - Applications summary: | - Update application from an exported XML file + Update application from an exported XML, YAML, or JSON file. operationId: importApplicationForUpdate description: > - This API provides the capability to update an application from information that has been exported as an XML file.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to update an application based on the + information provided in an XML, YAML, or JSON file.
+ Scope(Permission) required: `internal_application_mgt_update` requestBody: content: multipart/form-data: @@ -242,20 +228,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - '/applications/{applicationId}': + /applications/{applicationId}: get: tags: - Applications summary: | - Retrieve application by ID + Retrieve application by ID. operationId: getApplication description: > - This API provides the capability to retrieve the application information - by ID.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve the application information by ID.
+ Scope(Permission) required: `internal_application_mgt_view` parameters: - name: applicationId in: path @@ -301,19 +283,15 @@ paths: application/xml: schema: $ref: '#/components/schemas/Error' - patch: tags: - Applications summary: | - Partially update application by ID + Partially update application by ID. operationId: patchApplication description: | - This API provides the capability to partially update an application by ID.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to partially update an application by ID.
+ Scope(Permission) required: `internal_application_mgt_update` parameters: - name: applicationId in: path @@ -357,14 +335,11 @@ paths: tags: - Applications summary: | - Delete application by ID + Delete application by ID. operationId: deleteApplication description: | This API provides the capability to delete an application by ID.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete + Scope(Permission) required: `internal_application_mgt_delete` parameters: - name: applicationId in: path @@ -403,13 +378,10 @@ paths: - Applications operationId: exportApplication summary: | - Export application as an XML file + Export application as an XML file. description: | - This API provides the capability to retrieve the application as an XML file.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve the application as an XML file.
+ Scope(Permission) required: `internal_application_mgt_view` parameters: - name: applicationId in: path @@ -455,11 +427,8 @@ paths: summary: | Export application in XML, YAML, or JSON file formats. description: | - This API provides the capability to retrieve the application in XML, YAML, or JSON format.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve the application in XML, YAML, or JSON format.
+ Scope(Permission) required: `internal_application_mgt_view` parameters: - name: applicationId in: path @@ -517,13 +486,10 @@ paths: - Applications operationId: changeApplicationOwner summary: | - Change application owner + Change application owner. description: | - This API provides the capability to change the application owner.
- Permission required:
- * /permission/admin
- Scope required:
- * internal_organization_admin + This API provides the capability to change the application owner.
+ Scope(Permission) required: `internal_organization_admin` parameters: - name: applicationId in: path @@ -566,14 +532,11 @@ paths: tags: - Authenticators summary: | - Get configured authenticators + Get configured authenticators. operationId: getConfiguredAuthenticators description: | - This API provides the capability to retrieve the configured authenticators. - Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve the configured authenticators.
+ Scope(Permission) required: `internal_application_mgt_view` parameters: - name: applicationId in: path @@ -612,7 +575,6 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - /applications/{applicationId}/authorized-apis: get: tags: @@ -621,11 +583,8 @@ paths: Get authorized APIs of the application. operationId: getAuthorizedAPIs description: | - This API provides the capability to retrieve all the authorized APIs of the application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve all the authorized APIs of the application.
+ Scope(Permission) required: `internal_application_mgt_view` parameters: - name: applicationId in: path @@ -658,14 +617,11 @@ paths: tags: - Authorized APIs summary: | - Authorized an API to the application + Authorized an API to the application. operationId: addAuthorizedAPI description: | - This API provides the capability to authorized an API to the application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to authorized an API to the application.
+ Scope(Permission) required: `internal_application_mgt_update` parameters: - name: applicationId in: path @@ -699,21 +655,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - /applications/{applicationId}/authorized-apis/{apiId}: patch: tags: - Authorized APIs summary: | - Update authorized API scopes + Update authorized API scopes. operationId: patchAuthorizedAPI description: | - This API provides the capability to update an authorized API of the application.
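Review bot: The summary and description of `addAuthorizedAPI` still read "Authorized an API" and "capability to authorized an API"; the hunk adds the trailing period but leaves the verb form wrong. Suggest `Authorize an API to the application.` for the summary and `This API provides the capability to authorize an API to the application.` for the description. The rest of the operation (parameters, responses) lies outside this hunk.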
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to update an authorized API of the application.
+ Scope(Permission) required: `internal_application_mgt_update` parameters: - name: applicationId in: path @@ -753,19 +704,15 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - delete: tags: - Authorized APIs summary: | - Remove API authorization from the application + Remove API authorization from the application. operationId: deleteAuthorizedAPI description: | - This API provides the capability to delete an authorized API of the application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to delete an authorized API of the application.
+ Scope(Permission) required: `internal_application_mgt_update` parameters: - name: applicationId in: path @@ -792,22 +739,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - /applications/resident: get: tags: - Resident Application summary: | - Get Resident application + Get resident application. operationId: getResidentApplication description: | - This API provides the capability to retrieve the resident application information. -
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve the resident application information.
+ Scope(Permission) required: `internal_application_mgt_view` responses: '200': description: OK @@ -841,14 +782,11 @@ paths: tags: - Resident Application summary: | - Update Resident Application + Update resident application. operationId: updateResidentApplication description: > - This API provides the capability to update the Resident Application Configuration.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to update the resident application configuration.
+ Scope(Permission) required: `internal_application_mgt_update` responses: '200': description: Successful @@ -898,20 +836,16 @@ paths: This represents the provisioning configuration of the resident application. required: true - '/applications/{applicationId}/inbound-protocols/': + /applications/{applicationId}/inbound-protocols/: get: tags: - Inbound Protocols summary: | - Retrieve inbound protocol configurations of the application + Retrieve inbound protocol configurations. operationId: getInboundAuthenticationConfigurations description: > - This API provides the capability to retrieve authentication protocol - configurations of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve authentication protocol configurations of an application.
+ Scope(Permission) required: `internal_application_mgt_view` parameters: - name: applicationId in: path @@ -948,20 +882,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - '/applications/{applicationId}/inbound-protocols/saml': + /applications/{applicationId}/inbound-protocols/saml: get: tags: - Inbound Protocols - SAML summary: | - Retrieve SAML2 authentication protocol parameters of application + Retrieve SAML2 authentication protocol parameters. operationId: getInboundSAMLConfiguration description: > - This API provides the capability to retrieve SAML2 authentication - protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve SAML2 authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_view` parameters: - name: applicationId in: path @@ -998,20 +928,15 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - put: tags: - Inbound Protocols - SAML summary: | - Update SAML2 authentication protocol parameters of application + Update SAML2 authentication protocol parameters. operationId: updateInboundSAMLConfiguration description: > - This API provides the capability to store SAML2 authentication protocol - parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to store SAML2 authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_update` - There are three methods to create/update SAML2 authentication protocol configuration. 1. Metadata File (by sending the Base64 encoded content of the metadata file.) @@ -1073,15 +998,11 @@ paths: tags: - Inbound Protocols - SAML summary: | - Delete SAML2 authentication protocol parameters of application + Delete SAML2 authentication protocol parameters. operationId: deleteInboundSAMLConfiguration description: > - This API provides the capability to delete SAML2 authentication protocol - parameters of an application.
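Review bot: In the `updateInboundSAMLConfiguration` description, the empty line between the scope line and `There are three methods to create/update SAML2 authentication protocol configuration.` appears to be removed. Because the description is a folded (`>`) scalar, the two lines would then fold into one paragraph, so the required scope runs straight into the usage text in rendered docs. Keeping one empty line after the `Scope(Permission) required:` line preserves the paragraph break. The numbered list that follows continues outside this hunk.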
- Permissi on required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete + This API provides the capability to delete SAML2 authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_delete` parameters: - name: applicationId in: path @@ -1114,21 +1035,15 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - - '/applications/{applicationId}/inbound-protocols/oidc': + /applications/{applicationId}/inbound-protocols/oidc: get: tags: - Inbound Protocols - OAuth / OIDC summary: | - Retrieve OIDC authentication protocol parameters of application + Retrieve OIDC authentication protocol parameters. description: > - This API provides the capability to retrieve OIDC authentication - protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve OIDC authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_view` operationId: getInboundOAuthConfiguration parameters: - name: applicationId @@ -1170,14 +1085,10 @@ paths: tags: - Inbound Protocols - OAuth / OIDC summary: | - Update OIDC authentication protocol parameters of application + Update OIDC authentication protocol parameters. description: > - This API provides the capability to store OIDC authentication protocol - parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to store OIDC authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_update` operationId: updateInboundOAuthConfiguration parameters: - name: applicationId @@ -1237,14 +1148,10 @@ paths: tags: - Inbound Protocols - OAuth / OIDC summary: | - Delete OIDC authentication protocol parameters of application + Delete OIDC authentication protocol parameters. description: > - This API provides the capability to delete OIDC authentication protocol - parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete + This API provides the capability to delete OIDC authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_delete` operationId: deleteInboundOAuthConfiguration parameters: - name: applicationId @@ -1278,20 +1185,15 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - - '/applications/{applicationId}/inbound-protocols/oidc/regenerate-secret': + /applications/{applicationId}/inbound-protocols/oidc/regenerate-secret: post: tags: - Inbound Protocols - OAuth / OIDC summary: | - Regenerate the OAuth2/OIDC client secret of application + Regenerate the OAuth2/OIDC client secret. description: | This API regenerates the OAuth2/OIDC client secret.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/create
- Scope required:
- * internal_application_mgt_create + Scope(Permission) required: `internal_application_mgt_create` operationId: regenerateOAuthClientSecret parameters: - name: applicationId @@ -1329,19 +1231,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - '/applications/{applicationId}/inbound-protocols/oidc/revoke': + /applications/{applicationId}/inbound-protocols/oidc/revoke: post: tags: - Inbound Protocols - OAuth / OIDC summary: | - Revoke the OAuth2/OIDC client of application + Revoke the OAuth2/OIDC client of application. description: | - This API revokes the OAuth2/OIDC client secret. To re-activate the client, the client secret needs to be regenerated.
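Review bot: The description for `regenerateOAuthClientSecret` names `internal_application_mgt_create` as the required scope, and the `revokeOAuthClient` hunk that follows does the same. Both operations change the credentials of an existing application, so a reader would expect the update scope. Nothing in this diff shows which scope is actually enforced, so the text should be checked against the access-control configuration before it is published. If the create scope is intentional, say so in the description, for example `Note: this operation is authorized with the create scope, not the update scope.`, so that anyone reviewing least-privilege role assignments knows a create-only client can rotate and revoke client secrets. The operation's parameters and responses lie outside the hunk.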
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/create
- Scope required:
- * internal_application_mgt_create + This API revokes the OAuth2/OIDC client secret. + To re-activate the client, the client secret needs to be regenerated.
+ Scope(Permission) required: `internal_application_mgt_create` operationId: revokeOAuthClient parameters: - name: applicationId @@ -1375,20 +1274,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - '/applications/{applicationId}/inbound-protocols/passive-sts': + /applications/{applicationId}/inbound-protocols/passive-sts: get: tags: - Inbound Protocols - Passive STS summary: > - Retrieve Passive STS authentication protocol parameters of application + Retrieve Passive STS authentication protocol parameters. description: > This API provides the capability to retrieve Passive STS authentication protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + Scope(Permission) required: `internal_application_mgt_view` operationId: getPassiveStsConfiguration parameters: - name: applicationId @@ -1426,19 +1321,14 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - put: tags: - Inbound Protocols - Passive STS summary: | - Update Passive STS authentication protocol parameters of application + Update Passive STS authentication protocol parameters. description: > - This API provides the capability to store passive STS authentication - protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to store passive STS authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_update` operationId: updatePassiveStsConfiguration parameters: - name: applicationId @@ -1487,7 +1377,6 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - requestBody: content: application/json: @@ -1501,14 +1390,11 @@ paths: tags: - Inbound Protocols - Passive STS summary: | - Delete Passive STS authentication protocol parameters of application + Delete Passive STS authentication protocol parameters. description: > This API provides the capability to delete Passive STS authentication protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete + Scope(Permission) required: `internal_application_mgt_delete` operationId: deletePassiveStsConfiguration parameters: - name: applicationId @@ -1542,20 +1428,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - '/applications/{applicationId}/inbound-protocols/ws-trust': + /applications/{applicationId}/inbound-protocols/ws-trust: get: tags: - Inbound Protocols - WS Trust summary: | - Retrieve WS Trust authentication protocol parameters of application + Retrieve WS Trust authentication protocol parameters. description: > This API provides the capability to retrieve Passive STS authentication protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + Scope(Permission) required: `internal_application_mgt_view` operationId: getWSTrustConfiguration parameters: - name: applicationId @@ -1593,19 +1475,14 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - put: tags: - Inbound Protocols - WS Trust summary: | - Update WS Trust authentication protocol parameters of application + Update WS Trust authentication protocol parameters. description: > - This API provides the capability to store WS Trust authentication - protocol parameters of an application.
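Review bot: The description of `getWSTrustConfiguration` still says it retrieves "Passive STS authentication protocol parameters", which looks copied from the passive-sts operation; the hunk rewrites the summary but leaves this context line as is. Suggest `This API provides the capability to retrieve WS Trust authentication protocol parameters of an application.` The remainder of the operation is outside the hunk.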
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to store WS Trust authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_update` operationId: updateWSTrustConfiguration parameters: - name: applicationId @@ -1654,7 +1531,6 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - requestBody: content: application/json: @@ -1668,14 +1544,10 @@ paths: tags: - Inbound Protocols - WS Trust summary: | - Delete WS Trust authentication protocol parameters of application + Delete WS Trust authentication protocol parameters. description: > - This API provides the capability to delete WS Trust authentication - protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete + This API provides the capability to delete WS Trust authentication protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_delete` operationId: deleteWSTrustConfiguration parameters: - name: applicationId @@ -1709,20 +1581,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - '/applications/{applicationId}/inbound-protocols/{inboundProtocolId}': + /applications/{applicationId}/inbound-protocols/{inboundProtocolId}: get: tags: - Inbound Protocols - Custom summary: > - Retrieve custom Inbound authentication protocol parameters of application. + Retrieve custom inbound authentication protocol parameters. description: > This API provides the capability to retrieve custom inbound authentication protocol parameters of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + Scope(Permission) required: `internal_application_mgt_view` operationId: getCustomInboundConfiguration parameters: - name: applicationId @@ -1770,14 +1638,11 @@ paths: tags: - Inbound Protocols - Custom summary: | - Update the custom inbound authentication protocol parameters of application + Update the custom inbound authentication protocol parameters. description: > - This API provides the capability to store custom inbound authentication protocol parameters of an application. -
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/update
- Scope required:
- * internal_application_mgt_update + This API provides the capability to store custom inbound authentication + protocol parameters of an application.
+ Scope(Permission) required: `internal_application_mgt_update` operationId: updateCustomInboundConfiguration parameters: - name: applicationId @@ -1845,13 +1710,10 @@ paths: tags: - Inbound Protocols - Custom summary: > - Delete custom inbound authentication protocol parameters of application + Delete custom inbound authentication protocol parameters. description: > This API provides the capability to delete custom inbound authentication protocol of an application.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/delete
- Scope required:
- * internal_application_mgt_delete + Scope(Permission) required: `internal_application_mgt_delete` operationId: deleteCustomInboundConfiguration parameters: - name: applicationId @@ -1891,21 +1753,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - '/applications/meta/inbound-protocols': + /applications/meta/inbound-protocols: get: tags: - Application Metadata summary: | - Retrieve the list of inbound authentication protocols available + Retrieve the list of inbound authentication protocols available. description: > This API provides the capability to retrieve the list of inbound authentication protocols available. - If the query parameter 'customOnly' is set to true, only custom inbound protocols will be listed. -
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + If the query parameter 'customOnly' is set to true, only custom inbound protocols will be listed.
+ Scope(Permission) required: `internal_application_mgt_view` operationId: getInboundProtocols parameters: - $ref: '#/components/parameters/inboundProtocolsCustomOnly' @@ -1937,19 +1794,15 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - '/applications/meta/inbound-protocols/saml': + /applications/meta/inbound-protocols/saml: get: tags: - Application Metadata summary: | - Retrieve all the metadata related to the auth protocol SAML + Retrieve all the metadata related to the auth protocol SAML. description: > This API provides the capability to retrieve all the metadata related to the auth protocol SAML.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + Scope(Permission) required: `internal_application_mgt_view` operationId: getSAMLMetadata responses: '200': @@ -1982,19 +1835,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - '/applications/meta/inbound-protocols/oidc': + /applications/meta/inbound-protocols/oidc: get: tags: - Application Metadata summary: | - Retrieve all the metadata related to the authentication protocol OAuth / OIDC + Retrieve all the metadata related to the authentication protocol OAuth / OIDC. description: > - This API provides the capability to retrieve all the metadata related to the authentication protocol OAuth / OIDC.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + This API provides the capability to retrieve all the metadata related + to the authentication protocol OAuth / OIDC.
+ Scope(Permission) required: `internal_application_mgt_view` operationId: getOIDCMetadata responses: '200': @@ -2019,19 +1869,15 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - '/applications/meta/inbound-protocols/ws-trust': + /applications/meta/inbound-protocols/ws-trust: get: tags: - Application Metadata summary: | - Retrieve all the metadata related to the auth protocol WS Trust + Retrieve all the metadata related to the auth protocol WS Trust. description: > This API provides the capability to retrieve all the metadata related to the auth protocol WS_Trust.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + Scope(Permission) required: `internal_application_mgt_view` operationId: getWSTrustMetadata responses: '200': @@ -2056,20 +1902,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - '/applications/meta/inbound-protocols/{inboundProtocolId}': + /applications/meta/inbound-protocols/{inboundProtocolId}: get: tags: - Application Metadata summary: | - Retrieve all the metadata related to the custom auth protocol identified by the inboundProtocolId + Retrieve all the metadata related to the custom auth protocol identified by the inboundProtocolId. description: > This API provides the capability to retrieve all the metadata related to the custom auth protocol - identified by the inboundProtocolId. The URL encoded inbound protocol name is used as inboundProtocolId.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + identified by the inboundProtocolId. The URL encoded inbound protocol name is used as inboundProtocolId.
+ Scope(Permission) required: `internal_application_mgt_view` operationId: getCustomProtocolMetadata parameters: - name: inboundProtocolId @@ -2101,19 +1943,15 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - - '/applications/meta/adaptive-auth-templates': + /applications/meta/adaptive-auth-templates: get: tags: - Application Metadata summary: | - Retrieve the sample adaptive authentication templates. + Retrieve adaptive authentication sample templates. description: > This API provides the capability to retrieve the sample adaptive authentication templates.
- Permission required:
- * /permission/admin/manage/identity/applicationmgt/view
- Scope required:
- * internal_application_mgt_view + Scope(Permission) required: `internal_application_mgt_view` operationId: getAdaptiveAuthTemplates responses: '200': @@ -2138,16 +1976,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - /applications/templates: get: tags: - Application Templates operationId: getAllApplicationTemplates summary: | - List Application Templates + List application templates. description: | - This API provides the capability to retrieve the list of templates available. + This API provides the capability to retrieve the list of templates available.
+ Scope(Permission) required: `internal_application_mgt_view` parameters: - $ref: '#/components/parameters/limitWithoutDefaultQueryParam' - $ref: '#/components/parameters/offsetWithoutDefaultQueryParam' @@ -2191,10 +2029,11 @@ paths: tags: - Application Templates summary: | - Add application template + Add application template. operationId: createApplicationTemplate description: > - This API provides the capability to store the application template provided by users. + This API provides the capability to store the application template provided by users.
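Review bot: The `Scope(Permission) required` line added to `getAllApplicationTemplates` has no counterpart on the old side, and the same applies to the four template hunks that follow (`createApplicationTemplate`, `getApplicationTemplate`, `updateApplicationTemplate`, `deleteApplicationTemplate`). Since these are new statements about authorization rather than reworded ones, each scope name should be confirmed against the scopes the server enforces for `/applications/templates`; this diff does not show that configuration. A description that names the wrong scope leads integrators to request or grant access that does not match what the endpoint checks. The operations' responses lie outside these hunks.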
+ Scope(Permission) required: `internal_application_mgt_create` requestBody: content: application/json: @@ -2239,16 +2078,16 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - /applications/templates/{template-id}: get: tags: - Application Templates summary: | - Retrieve application template by ID + Retrieve application template by ID. operationId: getApplicationTemplate description: > - This API provides the capability to retrieve the application template from the template id. + This API provides the capability to retrieve the application template from the template id.
+ Scope(Permission) required: `internal_application_mgt_view` parameters: - $ref: '#/components/parameters/templateIdPathParam' responses: @@ -2289,7 +2128,6 @@ paths: application/xml: schema: $ref: '#/components/schemas/Error' - put: tags: - Application Templates @@ -2297,7 +2135,8 @@ paths: Update the application template by the template ID. operationId: updateApplicationTemplate description: | - This API provides the capability to update an application template by the template ID. + This API provides the capability to update an application template by the template ID.
+ Scope(Permission) required: `internal_application_mgt_update` parameters: - $ref: '#/components/parameters/templateIdPathParam' requestBody: @@ -2345,7 +2184,8 @@ paths: Delete application template by template ID. operationId: deleteApplicationTemplate description: | - This API provides the capability to delete an application template by template ID. + This API provides the capability to delete an application template by template ID.
+ Scope(Permission) required: `internal_application_mgt_delete` parameters: - $ref: '#/components/parameters/templateIdPathParam' responses: @@ -2376,16 +2216,13 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - /applications/{applicationId}/share: post: summary: | - Share the application from the root organization to the given organization. + Share the application from the root organization to the given organization(s). description: | - This API provides the capability to share an application with organizations. -

- Scope required: - * internal_shared_application_create + This API provides the capability to share an application with organizations.
+ Scope(Permission) required: `internal_shared_application_create` operationId: shareOrgApplication parameters: - name: applicationId @@ -2427,15 +2264,13 @@ paths: schema: $ref: '#/components/schemas/Error' tags: - - Organization Application Sharing + - Application Sharing get: summary: | List of organizations that the application is shared to. description: | - This API returns the list of organizations that the application is shared to. -

- Scope required: - * internal_shared_application_view + This API returns the list of organizations that the application is shared to.
+ Scope(Permission) required: `internal_shared_application_view` operationId: shareOrgApplicationGet parameters: - name: applicationId @@ -2474,16 +2309,14 @@ paths: schema: $ref: '#/components/schemas/Error' tags: - - Organization Application Sharing + - Application Sharing /applications/{applicationId}/shared-apps: get: summary: | List of shared applications along with its organization. description: | - This API returns the list of shared app ids along with the shared organization id. -

- Scope required: - * internal_shared_application_view + This API returns the list of shared app ids along with the shared organization id.
+ Scope(Permission) required: `internal_shared_application_view` operationId: sharedApplicationsGet parameters: - name: applicationId @@ -2522,13 +2355,12 @@ paths: schema: $ref: '#/components/schemas/Error' tags: - - Organization Application Sharing + - Application Sharing delete: description: | - This API provides the capability to stop sharing an application to all organizations the application is shared to. -

- Scope required: - * internal_shared_application_delete + This API provides the capability to stop sharing an application to all organizations + the application is shared to.
+ Scope(Permission) required: `internal_shared_application_delete` summary: | Stop sharing an application with all organizations. operationId: sharedApplicationsAllDelete @@ -2565,14 +2397,12 @@ paths: schema: $ref: '#/components/schemas/Error' tags: - - Organization Application Sharing + - Application Sharing /applications/{applicationId}/share/{shared-organization-id}: delete: description: | - This API provides the capability to stop sharing an application to an organization by providing its ID. -

- Scope required: - * internal_shared_application_delete + This API provides the capability to stop sharing an application to an organization by providing its ID.
+ Scope(Permission) required: `internal_shared_application_delete` summary: | Stop sharing an application to a organization. operationId: shareOrgApplicationDelete @@ -2615,8 +2445,7 @@ paths: schema: $ref: '#/components/schemas/Error' tags: - - Organization Application Sharing - + - Application Sharing components: parameters: limitQueryParam: @@ -2661,8 +2490,8 @@ components: description: | Condition to filter the retrieval of records. Supports 'sw', 'co', 'ew', and 'eq' operations with 'and', 'or' logical operators. - Please note that 'and' and 'or' operators in filters follow the general precedence of logical operators - ex: A and B or C and D = (A and B) or (C and D)). + Note that 'and' and 'or' operators in filters follow the general precedence of logical operators. + For example, A and B or C and D = (A and B) or (C and D)). Currently supports only filtering based on the 'name', the 'clientId', and the 'issuer' attributes. /applications?filter=name+eq+user_portal @@ -2697,9 +2526,11 @@ components: required: false description: | Specifies the required parameters in the response. - Currently supports for only 'advancedConfigurations', 'templateId', 'templateVersion', 'clientId', 'issuer', 'applicationEnabled' and 'associatedRoles.allowedAudience' attributes. + Only 'advancedConfigurations', 'templateId', 'templateVersion', 'clientId', 'issuer', + and 'associatedRoles.allowedAudience' attributes are currently supported. - /applications?attributes=advancedConfigurations,templateId,templateVersion,clientId,applicationEnabled,associatedRoles.allowedAudience + /applications?attributes=advancedConfigurations,templateId,templateVersion,clientId,issuer, + associatedRoles.allowedAudience schema: type: string excludeSystemPortalsQueryParam: 
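Review bot: In the `attributes` query parameter description, the example request is now wrapped across two lines inside a `|` literal block, so the rendered URL has whitespace after `issuer,` and fails if copied as shown. Keep it on one line, or put it in a fenced code span so the break is not read as part of the value. The rewritten sentence also drops `applicationEnabled` from the list of supported attributes, while the models elsewhere in this diff still carry an `applicationEnabled` property. If the server still accepts it here, the list should keep it.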
@@ -2764,7 +2595,7 @@ components: flows: authorizationCode: authorizationUrl: 'https://localhost:9443/oauth2/authorize' - tokenUrl: 'http://localhost:9763/oauth2/token' + tokenUrl: 'http://localhost:9443/oauth2/token' scopes: {} schemas: Link: @@ -2776,7 +2607,6 @@ components: rel: type: string example: "next" - ApplicationListResponse: type: object properties: @@ -2800,7 +2630,6 @@ components: type: array items: $ref: '#/components/schemas/Link' - ApplicationListItem: type: object properties: @@ -2986,7 +2815,6 @@ components: - READ - WRITE default: READ - ApplicationPatchModel: type: object properties: @@ -3013,7 +2841,7 @@ components: example: "adwefi2429asdfdf94444rraf44" templateVersion: type: string - example: "v1.0.0" + example: "v1.0.1" description: Version of the template used to create the application. applicationEnabled: type: boolean @@ -3029,13 +2857,11 @@ components: $ref: '#/components/schemas/AdvancedApplicationConfiguration' provisioningConfigurations: $ref: '#/components/schemas/ProvisioningConfiguration' - ResidentApplication: type: object properties: provisioningConfigurations: $ref: '#/components/schemas/ProvisioningConfiguration' - ProvisioningConfiguration: type: object properties: @@ -3057,7 +2883,6 @@ components: description: >- This property becomes only applicable if the proxy-mode config is set to false - OutboundProvisioningConfiguration: type: object properties: @@ -3097,10 +2922,10 @@ components: properties: name: type: string - example: googleIdP + example: sampleIdP type: type: string - example: GoogleAuthenticator + example: SampleAuthenticator AdvancedApplicationConfiguration: type: object properties: @@ -3125,7 +2950,7 @@ components: useExternalConsentPage: type: boolean example: false - description: Decides whether user needs to use external consent page. + description: Decides whether users should be presented with an external consent page. returnAuthenticatedIdpList: type: boolean example: false 
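Review bot: The new `tokenUrl` keeps the `http://` scheme while moving to port 9443, the same port the `authorizationUrl` on the line above uses with `https://`. As documented, the token endpoint is a plaintext URL on what is presumably the TLS listener. A client configured from the spec would either fail the handshake or, where a plaintext listener answers, send the authorization code and client credentials unencrypted. The line should read `tokenUrl: 'https://localhost:9443/oauth2/token'`. The OAuth2 scheme definition begins above this hunk.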
@@ -3167,6 +2992,7 @@ components: $ref: '#/components/schemas/AdditionalProperties' AdditionalProperties: type: array + description: Denotes additional properties of the application. It is only supported by getApplication and getAllApplications request. items: $ref: "#/components/schemas/AdditionalSpProperty" AdditionalSpProperty: @@ -3238,12 +3064,10 @@ components: type: array items: $ref: '#/components/schemas/CustomInboundProtocolConfiguration' - InboundProtocolsListResponse: type: array items: $ref: '#/components/schemas/InboundProtocolListItem' - InboundProtocolListItem: type: object required: @@ -3259,8 +3083,7 @@ components: example: "SAML2 Inbound" self: type: string - example: "/t/carbon.super/api/server/v1/applications/29048810-1447-4ea0-a348-30d15ab65fa3/inbound-protocols/saml" - + example: "/api/server/v1/applications/29048810-1447-4ea0-a348-30d15ab65fa3/inbound-protocols/saml" ClaimConfiguration: type: object properties: @@ -3392,7 +3215,6 @@ components: type: string example: Username readOnly: true - SAML2Configuration: type: object properties: @@ -3404,7 +3226,6 @@ components: example: 'https://example.com/samlsso/meta' manualConfiguration: $ref: '#/components/schemas/SAML2ServiceProvider' - SingleSignOnProfile: type: object properties: @@ -3416,23 +3237,18 @@ components: - HTTP_POST - HTTP_REDIRECT - ARTIFACT - enableSignatureValidationForArtifactBinding: type: boolean description: Enables Signature validation for SAML Artifact Binding. Applicable only if SAML Artifact binding is enabled through the bindings option. default: false - attributeConsumingServiceIndex: type: string readOnly: true - enableIdpInitiatedSingleSignOn: type: boolean default: false - assertion: $ref: '#/components/schemas/SAMLAssertionConfiguration' - SAMLAttributeProfile: type: object properties: @@ -3442,7 +3258,6 @@ components: alwaysIncludeAttributesInResponse: type: boolean default: false - SingleLogoutProfile: type: object properties: 
@@ -3463,7 +3278,6 @@ components: - FRONTCHANNEL_HTTP_POST idpInitiatedSingleLogout: $ref: '#/components/schemas/IdpInitiatedSingleLogout' - IdpInitiatedSingleLogout: type: object properties: @@ -3474,7 +3288,6 @@ components: type: array items: type: string - SAMLAssertionConfiguration: type: object properties: @@ -3482,7 +3295,6 @@ components: type: string default: 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified' example: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' - audiences: type: array description: Additional audience values to be added to the SAML Assertions @@ -3490,7 +3302,6 @@ components: - 'https://app.example.com/saml' items: type: string - recipients: type: array description: Additional recipient values to be added to the SAML Assertions @@ -3498,14 +3309,12 @@ components: - 'https://app.example.com/saml' items: type: string - digestAlgorithm: type: string default: "http://www.w3.org/2000/09/xmldsig#sha1" example: "http://www.w3.org/2000/09/xmldsig#sha1" encryption: $ref: '#/components/schemas/AssertionEncryptionConfiguration' - AssertionEncryptionConfiguration: type: object properties: @@ -3518,7 +3327,6 @@ components: keyEncryptionAlgorithm: type: string default: "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" - SAMLRequestValidation: type: object properties: @@ -3527,7 +3335,6 @@ components: default: true signatureValidationCertAlias: type: string - SAMLResponseSigning: type: object properties: @@ -3536,13 +3343,11 @@ components: default: true signingAlgorithm: type: string - SAML2ServiceProvider: type: object required: - issuer - assertionConsumerUrls - properties: issuer: type: string 
@@ -3559,26 +3364,19 @@ components: idpEntityIdAlias: type: string description: "Default value is the IdP Entity ID value specified in Resident IdP." - singleSignOnProfile: $ref: '#/components/schemas/SingleSignOnProfile' - attributeProfile: $ref: '#/components/schemas/SAMLAttributeProfile' - singleLogoutProfile: $ref: '#/components/schemas/SingleLogoutProfile' - requestValidation: $ref: '#/components/schemas/SAMLRequestValidation' - responseSigning: $ref: '#/components/schemas/SAMLResponseSigning' - enableAssertionQueryProfile: type: boolean default: false - OpenIDConnectConfiguration: type: object required: @@ -3904,7 +3702,6 @@ components: type: integer default: 1 example: 1 - AuthenticationStepModel: type: object required: @@ -3932,7 +3729,6 @@ components: authenticator: type: string example: basic - AuthProtocolMetadata: type: object properties: @@ -4112,14 +3908,12 @@ components: isConfidential: type: boolean default: false - AdaptiveAuthTemplates: type: object properties: templatesJSON: type: string example: 'Adaptive Auth Templates JSON' - FileUpload: type: object properties: @@ -4134,7 +3928,6 @@ components: type: array items: $ref: '#/components/schemas/ApplicationTemplatesListItem' - ApplicationTemplatesListItem: type: object properties: @@ -4173,7 +3966,6 @@ components: self: type: string example: "/t/wso2.com/api/server/v1/applications/templates/85e3f4b8-0d22-4181-b1e3-1651f71b88bd" - ApplicationTemplateModel: type: object properties: @@ -4223,13 +4015,12 @@ components: example: "85e3f4b8-0d22-4181-b1e3-1651f71b88bd" required: - id - AuthorizedAPIResponse: type: object properties: id: type: string - example: 012df-232gf-545fg-dff23 + example: 65b52595-9ca1-4539-aca2-56178643c58b identifier: type: string example: https://greetings.io/v1/greet 
@@ -4241,31 +4032,29 @@ components: example: RBAC type: type: string - example: TENANT_ADMIN + example: BUSINESS authorizedScopes: type: array items: $ref: '#/components/schemas/AuthorizedScope' - AuthorizedScope: type: object properties: id: type: string - example: 012df-232gf-545fg-dff23 + example: 65b52595-9ca1-4539-aca2-56178643c58b name: type: string example: bookings:read displayName: type: string example: Read Bookings - AuthorizedAPICreationModel: type: object properties: id : type: string - example: 012df-232gf-545fg-dff23 + example: 65b52595-9ca1-4539-aca2-56178643c58b policyIdentifier: type: string example: RBAC @@ -4274,7 +4063,6 @@ components: items: type: string example: bookings:read - AuthorizedAPIPatchModel: type: object properties: @@ -4282,13 +4070,27 @@ components: type: array items: type: string - example: bookings:edit + example: bookings:write removedScopes: type: array items: type: string - example: bookings:view - + example: bookings:read + Error: + type: object + properties: + code: + type: string + example: AAA-00000 + message: + type: string + example: Some error message. + description: + type: string + example: Some error description. + traceId: + type: string + example: e0fbcfeb-3617-43c4-8dd0-7b7d38e13047 ApplicationSharePOSTRequest: type: object properties: @@ -4299,6 +4101,9 @@ components: type: array items: type: string + example: + - 682edf68-4835-4bb8-961f-0a16bc6cc866 + - ghfbctgf-4318-46d4-8ee1-7t3s38e23098 SharedOrganizationsResponse: type: object properties: 
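Review bot: The second example added for the organization id list in `ApplicationSharePOSTRequest`, `ghfbctgf-4318-46d4-8ee1-7t3s38e23098`, is not a well-formed UUID because it contains `g`, `h`, `t` and `s`. The first entry and the other ids this commit normalises, such as the `AuthorizedAPIResponse` example, are well-formed. Readers who copy the example, or tools that build sample requests from it, would send an id in a format the API presumably never issues. Replace it with a syntactically valid UUID so the examples stay consistent.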
@@ -4345,23 +4150,6 @@ components: ref: type: string example: '/t/wso2.com/api/server/v1/organizations/b4526d91-a8bf-43d2-8b14-c548cf73065b' - - Error: - type: object - properties: - code: - type: string - example: AAA-00000 - message: - type: string - example: Some error message. - description: - type: string - example: Some error description. - traceId: - type: string - example: e0fbcfeb-3617-43c4-8dd0-7b7d38e13047 - servers: - url: 'https://{server-url}/t/{tenant-domain}/api/server/v1' variables: