opensource/supermq
1
0
Fork 0
mirror of https://github.com/absmach/supermq.git synced 2026-06-23 06:20:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
57c3ecb175dc82d005f454fc3a9e11c838b75063
supermq/api/openapi/auth.yml
T
Felix Gateru 8d4e752274 NOISSUE - Update API documentation (#2550) 
Signed-off-by: Felix Gateru <felix.gateru@gmail.com>
2024-11-26 09:36:27 +01:00

834 lines
24 KiB
YAML
Raw Blame History

# Copyright (c) Abstract Machines
# SPDX-License-Identifier: Apache-2.0
openapi: 3.0.3
info:
title: Magistrala Auth Service
description: |
This is the Auth Server based on the OpenAPI 3.0 specification. It is the HTTP API for managing platform users. You can now help us improve the API whether it's by making changes to the definition itself or to the code.
Some useful links:
- [The Magistrala repository](https://github.com/absmach/magistrala)
contact:
email: info@abstractmachines.fr
license:
name: Apache 2.0
url: https://github.com/absmach/magistrala/blob/main/LICENSE
version: 0.14.0
servers:
- url: http://localhost:8189
- url: https://localhost:8189
tags:
- name: Keys
description: Everything about your Keys.
externalDocs:
description: Find out more about keys
url: https://docs.magistrala.abstractmachines.fr/
- name: Domains
description: Everything about your Domains.
externalDocs:
description: Find out more about domains
url: https://docs.magistrala.abstractmachines.fr/
- name: Health
description: Service health check endpoint.
externalDocs:
description: Find out more about health check
url: https://docs.magistrala.abstractmachines.fr/
paths:
/domains:
post:
tags:
- Domains
summary: Adds new domain
description: |
Adds new domain.
requestBody:
$ref: "#/components/requestBodies/DomainCreateReq"
responses:
"201":
$ref: "#/components/responses/DomainCreateRes"
"400":
description: Failed due to malformed JSON.
"401":
description: Missing or invalid access token provided.
"409":
description: Failed due to using an existing alias.
"415":
description: Missing or invalid content type.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
get:
summary: Retrieves list of domains.
description: |
Retrieves list of domains that the user have access.
parameters:
- $ref: "#/components/parameters/Limit"
- $ref: "#/components/parameters/Offset"
- $ref: "#/components/parameters/Metadata"
- $ref: "#/components/parameters/Status"
- $ref: "#/components/parameters/DomainName"
- $ref: "#/components/parameters/Permission"
tags:
- Domains
security:
- bearerAuth: []
responses:
"200":
$ref: "#/components/responses/DomainsPageRes"
"400":
description: Failed due to malformed query parameters.
"401":
description: Missing or invalid access token provided.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}:
get:
summary: Retrieves domain information
description: |
Retrieves a specific domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"200":
$ref: "#/components/responses/DomainRes"
"400":
description: Failed due to malformed query parameters.
"401":
description: Missing or invalid access token provided.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
patch:
summary: Updates name, metadata, tags and alias of the domain.
description: |
Updates name, metadata, tags and alias of the domain.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
requestBody:
$ref: "#/components/requestBodies/DomainUpdateReq"
security:
- bearerAuth: []
responses:
"200":
$ref: "#/components/responses/DomainRes"
"400":
description: Failed due to malformed JSON.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access to domain id.
"404":
description: Failed due to non existing domain.
"415":
description: Missing or invalid content type.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/permissions:
get:
summary: Retrieves user permissions on domain.
description: |
Retrieves user permissions on domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"200":
$ref: "#/components/responses/DomainPermissionRes"
"400":
description: Malformed entity specification.
"401":
description: Missing or invalid access token provided.
"403":
description: Failed authorization over the domain.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/enable:
post:
summary: Enables a domain
description: |
Enables a specific domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"200":
description: Successfully enabled domain.
"400":
description: Failed due to malformed domain's ID.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access the domain ID.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/disable:
post:
summary: Disable a domain
description: |
Disable a specific domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"200":
description: Successfully disabled domain.
"400":
description: Failed due to malformed domain's ID.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access the domain ID.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/freeze:
post:
summary: Freeze a domain
description: |
Freeze a specific domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"200":
description: Successfully freezed domain.
"400":
description: Failed due to malformed domain's ID.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access the domain ID.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/users/assign:
post:
summary: Assign users to domain
description: |
Assign users to domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
requestBody:
$ref: "#/components/requestBodies/AssignUserReq"
security:
- bearerAuth: []
responses:
"200":
description: Users successfully assigned to domain.
"400":
description: Failed due to malformed domain's ID.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access the domain ID.
"404":
description: A non-existent entity request.
"409":
description: Conflict of data.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/users/unassign:
post:
summary: Unassign user from domain
description: |
Unassign user from domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
requestBody:
$ref: "#/components/requestBodies/UnassignUsersReq"
security:
- bearerAuth: []
responses:
"204":
description: Users successfully unassigned from domain.
"400":
description: Failed due to malformed domain's ID.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access the domain ID.
"404":
description: A non-existent entity request.
"409":
description: Conflict of data.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/keys:
post:
operationId: issueKey
tags:
- Keys
summary: Issue API key
description: |
Generates a new API key. Thew new API key will
be uniquely identified by its ID.
requestBody:
$ref: "#/components/requestBodies/KeyRequest"
responses:
"201":
description: Issued new key.
"400":
description: Failed due to malformed JSON.
"401":
description: Missing or invalid access token provided.
"409":
description: Failed due to using already existing ID.
"415":
description: Missing or invalid content type.
"500":
$ref: "#/components/responses/ServiceError"
/keys/{keyID}:
get:
operationId: getKey
summary: Gets API key details.
description: |
Gets API key details for the given key.
tags:
- Keys
parameters:
- $ref: "#/components/parameters/ApiKeyId"
responses:
"200":
$ref: "#/components/responses/KeyRes"
"400":
description: Failed due to malformed query parameters.
"401":
description: Missing or invalid access token provided.
"404":
description: A non-existent entity request.
"500":
$ref: "#/components/responses/ServiceError"
delete:
operationId: revokeKey
summary: Revoke API key
description: |
Revoke API key identified by the given ID.
tags:
- Keys
parameters:
- $ref: "#/components/parameters/ApiKeyId"
responses:
"204":
description: Key revoked.
"401":
description: Missing or invalid access token provided.
"404":
description: A non-existent entity request.
"500":
$ref: "#/components/responses/ServiceError"
/users/{userID}/domains:
get:
tags:
- Domains
summary: Lists domains associated with a user.
description: |
Retrieves a list of domains associated with a user. Due to performance concerns, data
is retrieved in subsets. The API must ensure that the entire
dataset is consumed either by making subsequent requests, or by
increasing the subset size of the initial request.
parameters:
- $ref: "users.yml#/components/parameters/UserID"
- $ref: "#/components/parameters/Limit"
- $ref: "#/components/parameters/Offset"
- $ref: "#/components/parameters/Metadata"
- $ref: "#/components/parameters/Status"
security:
- bearerAuth: []
responses:
"200":
$ref: "#/components/responses/DomainsPageRes"
"400":
description: Failed due to malformed query parameters.
"401":
description: |
Missing or invalid access token provided.
This endpoint is available only for administrators.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/health:
get:
summary: Retrieves service health check info.
tags:
- Health
security: []
responses:
"200":
$ref: "#/components/responses/HealthRes"
"500":
$ref: "#/components/responses/ServiceError"
components:
schemas:
DomainReqObj:
type: object
properties:
name:
type: string
example: domainName
description: Domain name.
tags:
type: array
minItems: 0
items:
type: string
example: ["tag1", "tag2"]
description: domain tags.
metadata:
type: object
example: { "domain": "example.com" }
description: Arbitrary, object-encoded domain's data.
alias:
type: string
example: domain alias
description: Domain alias.
required:
- name
- alias
Domain:
type: object
properties:
id:
type: string
format: uuid
example: bb7edb32-2eac-4aad-aebe-ed96fe073879
description: Domain unique identifier.
name:
type: string
example: domainName
description: Domain name.
tags:
type: array
minItems: 0
items:
type: string
example: ["tag1", "tag2"]
description: domain tags.
metadata:
type: object
example: { "domain": "example.com" }
description: Arbitrary, object-encoded domain's data.
alias:
type: string
example: domain alias
description: Domain alias.
status:
type: string
description: Domain Status
format: string
example: enabled
created_by:
type: string
format: uuid
example: "0d837f56-3f8a-4e2a-9359-6347d0fc9f06 "
description: User ID of the user who created the domain.
created_at:
type: string
format: date-time
example: "2019-11-26 13:31:52"
description: Time when the domain was created.
updated_by:
type: string
format: uuid
example: "80f66b77-ed74-4e74-9f88-6cce9a0a3049"
description: User ID of the user who last updated the domain.
updated_at:
type: string
format: date-time
example: "2019-11-26 13:31:52"
description: Time when the domain was last updated.
xml:
name: domain
DomainsPage:
type: object
properties:
domains:
type: array
minItems: 0
uniqueItems: true
items:
$ref: "#/components/schemas/Domain"
total:
type: integer
example: 1
description: Total number of items.
offset:
type: integer
description: Number of items to skip during retrieval.
limit:
type: integer
example: 10
description: Maximum number of items to return in one page.
required:
- domains
- total
- offset
DomainUpdate:
type: object
properties:
name:
type: string
example: domainName
description: Domain name.
tags:
type: array
minItems: 0
items:
type: string
example: ["tag1", "tag2"]
description: domain tags.
metadata:
type: object
example: { "domain": "example.com" }
description: Arbitrary, object-encoded thing's data.
alias:
type: string
example: domain alias
description: Domain alias.
Permissions:
type: object
properties:
permissions:
type: array
minItems: 0
items:
type: string
description: Permissions
AssignUserDomainRelationReq:
type: object
properties:
user_ids:
type: array
minItems: 1
items:
type: string
description: Users IDs
example:
[
"5dc1ce4b-7cc9-4f12-98a6-9d74cc4980bb",
"c01ed106-e52d-4aa4-bed3-39f360177cfa",
]
relation:
type: string
enum: ["administrator", "editor", "contributor", "member", "guest"]
example: "administrator"
description: Policy relations.
required:
- user_ids
- relation
UnassignUserDomainRelationReq:
type: object
properties:
user_id:
type: string
format: uuid
example: bb7edb32-2eac-4aad-aebe-ed96fe073879
description: User unique identifier.
required:
- user_id
Key:
type: object
properties:
id:
type: string
format: uuid
example: "c5747f2f-2a7c-4fe1-b41a-51a5ae290945"
description: API key unique identifier
issuer_id:
type: string
format: uuid
example: "9118de62-c680-46b7-ad0a-21748a52833a"
description: In ID of the entity that issued the token.
type:
type: integer
example: 0
description: API key type. Keys of different type are processed differently.
subject:
type: string
format: string
example: "test@example.com"
description: User's email or service identifier of API key subject.
issued_at:
type: string
format: date-time
example: "2019-11-26 13:31:52"
description: Time when the key is generated.
expires_at:
type: string
format: date-time
example: "2019-11-26 13:31:52"
description: Time when the Key expires. If this field is missing,
that means that Key is valid indefinitely.
parameters:
DomainID:
name: domainID
description: Unique domain identifier.
in: path
schema:
type: string
format: uuid
required: true
example: bb7edb32-2eac-4aad-aebe-ed96fe073879
Status:
name: status
description: Domain status.
in: query
schema:
type: string
default: enabled
required: false
example: enabled
DomainName:
name: name
description: Domain's name.
in: query
schema:
type: string
required: false
example: "domainName"
Permission:
name: permission
description: permission.
in: query
schema:
type: string
required: false
example: "edit"
ApiKeyId:
name: keyID
description: API Key ID.
in: path
schema:
type: string
format: uuid
required: true
Limit:
name: limit
description: Size of the subset to retrieve.
in: query
schema:
type: integer
default: 10
maximum: 100
minimum: 1
required: false
Offset:
name: offset
description: Number of items to skip during retrieval.
in: query
schema:
type: integer
default: 0
minimum: 0
required: false
Metadata:
name: metadata
description: Metadata filter. Filtering is performed matching the parameter with metadata on top level. Parameter is json.
in: query
required: false
schema:
type: object
additionalProperties: {}
Type:
name: type
description: The type of the API Key.
in: query
schema:
type: integer
default: 0
minimum: 0
required: false
Subject:
name: subject
description: The subject of an API Key
in: query
schema:
type: string
required: false
requestBodies:
DomainCreateReq:
description: JSON-formatted document describing the new domain to be registered
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/DomainReqObj"
DomainUpdateReq:
description: JSON-formated document describing the name, alias, tags, and metadata of the domain to be updated
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/DomainUpdate"
AssignUserReq:
description: JSON-formated document describing the policy related to assigning users to a domain
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/AssignUserDomainRelationReq"
UnassignUsersReq:
description: JSON-formated document describing the policy related to unassigning user from a domain
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/UnassignUserDomainRelationReq"
KeyRequest:
description: JSON-formatted document describing key request.
required: true
content:
application/json:
schema:
type: object
properties:
type:
type: integer
example: 0
description: API key type. Keys of different type are processed differently.
duration:
type: number
format: integer
example: 23456
description: Number of seconds issued token is valid for.
responses:
ServiceError:
description: Unexpected server-side error occurred.
DomainCreateRes:
description: Create new domain.
headers:
Location:
schema:
type: string
format: url
description: Registered domain relative URL in the format `/domains/<domainID_id>`
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
DomainRes:
description: Data retrieved.
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
DomainPermissionRes:
description: Data retrieved.
content:
application/json:
schema:
$ref: "#/components/schemas/Permissions"
DomainsPageRes:
description: Data retrieved.
content:
application/json:
schema:
$ref: "#/components/schemas/DomainsPage"
KeyRes:
description: Data retrieved.
content:
application/json:
schema:
$ref: "#/components/schemas/Key"
links:
revoke:
operationId: revokeKey
parameters:
keyID: $response.body#/id
HealthRes:
description: Service Health Check.
content:
application/health+json:
schema:
$ref: "./schemas/HealthInfo.yml"
securitySchemes:
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
description: |
* Users access: "Authorization: Bearer <user_token>"
security:
- bearerAuth: []
Reference in New Issue View Git Blame Copy Permalink