diff --git a/config/pelion/pelion_dm_public_openapi.yaml b/config/pelion/pelion_dm_public_openapi.yaml
index 300c6e804..5718a52e3 100644
--- a/config/pelion/pelion_dm_public_openapi.yaml
+++ b/config/pelion/pelion_dm_public_openapi.yaml
@@ -1,4 +1,148 @@
definitions:
+ AccessKey:
+ description: Represents an application in Device Management.
+ properties:
+ account_id:
+ description: The ID of the account.
+ example: 01619571e2e90242ac12000600000000
+ pattern: '[a-f0-9]{32}'
+ readOnly: true
+ type: string
+ application_id:
+ description: The ID of the application.
+ example: 01705c6383f6c85b76f92f4e00000000
+ pattern: '[a-f0-9]{32}'
+ readOnly: true
+ type: string
+ created_at:
+ description: Creation UTC time RFC3339.
+ example: '2020-02-13T09:35:20Z'
+ format: date-time
+ readOnly: true
+ type: string
+ description:
+ description: The description of the access key.
+ example: Access key to control the warp drive
+ maxLength: 500
+ type: string
+ etag:
+ description: API resource entity version.
+ example: '1'
+ readOnly: true
+ type: string
+ expiration:
+ description: 'Expiration time of the access key, as UTC time RFC3339.
+
+ Expiration makes the access key inoperative and the status will be EXPIRED.
+
+ The client using the expired access key is no longer able to use the REST
+ API.
+
+ The access key expiration does not invalidate existing configurations meaning
+ that subscribed events will continue to flow on existing channels.'
+ format: date-time
+ type: string
+ id:
+ description: The ID of the access key.
+ example: 01619571f7020242ac12000600000000
+ pattern: '[a-f0-9]{32}'
+ readOnly: true
+ type: string
+ key:
+ description: The access key. The full key including the secret part is visible
+ in the response for create only
+ example: ak_2MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000
+ readOnly: true
+ type: string
+ last_used_at:
+ description: The time of the latest access key usage.
+ example: '2020-02-14T15:24:14Z'
+ format: date-time
+ readOnly: true
+ type: string
+ name:
+ description: The display name for the access key.
+ example: Access key warp
+ maxLength: 100
+ type: string
+ object:
+ description: 'Entity name: always ''access-key'''
+ enum:
+ - access-key
+ readOnly: true
+ type: string
+ status:
+ description: 'The status of the access key.
+
+ ACTIVE means that the access key is operational.
+
+ INACTIVE means that the access key is not operational and it prevents the
+ clients to use the REST API. Inactivating the access key does not invalidate
+ existing configurations meaning that subscribed events will continue to
+ flow on existing channels.
+
+ The EXPIRED status is not allowed to be set directly, it is derived from
+ the expiration attribute.'
+ enum:
+ - ACTIVE
+ - INACTIVE
+ - EXPIRED
+ example: ACTIVE
+ type: string
+ updated_at:
+ description: Last update UTC time RFC3339.
+ example: '2020-02-14T15:24:14Z'
+ format: date-time
+ readOnly: true
+ type: string
+ required:
+ - name
+ type: object
+ AccessKeyList:
+ properties:
+ after:
+ description: The entity ID to retrieve after the given one.
+ example: 01619571f3c00242ac12000600000000
+ pattern: '[a-f0-9]{32}'
+ type: string
+ data:
+ description: A list of entities.
+ items:
+ $ref: '#/definitions/AccessKey'
+ type: array
+ has_more:
+ description: Flag indicating whether there are more results.
+ example: false
+ type: boolean
+ limit:
+ description: The number of results to return, or equal to `total_count`.
+ example: 50
+ format: int32
+ type: integer
+ object:
+ description: 'Entity name: always `list`.'
+ enum:
+ - list
+ type: string
+ order:
+ description: 'The order of the records to return based on creation time. Available
+ values: ASC, DESC; by default ASC.'
+ enum:
+ - ASC
+ - DESC
+ type: string
+ total_count:
+ description: The total number of records, if requested.
+ example: 20
+ format: int32
+ type: integer
+ required:
+ - data
+ - has_more
+ - limit
+ - object
+ - total_count
+ type: object
AccountCreationReq:
description: Represents an account creation request.
properties:
@@ -39,7 +183,8 @@ definitions:
type: string
x-nullable: true
aliases:
- description: An array of aliases.
+ description: An array of aliases for the tenant account ID. The aliases must
+ be globally unique.
items:
pattern: '[\w\-._]{8,100}'
type: string
@@ -56,7 +201,8 @@ definitions:
type: string
x-nullable: true
company:
- description: The name of the company. Required for commercial accounts only.
+ description: The name of the company used in billing. Required for commercial
+ accounts only.
example: ARM Holdings Plc
maxLength: 100
type: string
@@ -88,7 +234,7 @@ definitions:
type: string
x-nullable: true
display_name:
- description: The display name for the account.
+ description: The display name for the tenant account.
example: ARM
maxLength: 100
type: string
@@ -125,7 +271,7 @@ definitions:
required:
- end_market
type: object
- AccountInfo:
+ AccountCreationResp:
description: Represents an account in requests and responses.
properties:
address_line1:
@@ -167,6 +313,11 @@ definitions:
example: ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000B40IkJADMANmAscAj0Ot0n2yeQnyt9tT
readOnly: true
type: string
+ x-deprecation:
+ comment: This field is deprecated, do not use it anymore.
+ end_of_life_at: '2021-09-01T00:00:00+00:00'
+ issued_at: '2020-09-01T00:00:00+00:00'
+ links: []
x-nullable: true
admin_name:
description: The username of the admin user created for this account. Present
@@ -182,7 +333,8 @@ definitions:
type: string
x-nullable: true
aliases:
- description: An array of aliases.
+ description: An array of aliases for the tenant account ID. The aliases must
+ be globally unique.
items:
pattern: '[\w\-._]{8,100}'
type: string
@@ -202,7 +354,7 @@ definitions:
type: string
x-nullable: true
company:
- description: The name of the company.
+ description: The name of the company used in billing.
example: ARM Holdings Plc
maxLength: 100
type: string
@@ -241,7 +393,7 @@ definitions:
type: string
x-nullable: true
display_name:
- description: The display name for the account.
+ description: The display name for the tenant account.
example: ARM
maxLength: 100
type: string
@@ -293,11 +445,10 @@ definitions:
limits:
additionalProperties:
type: string
- deprecated: true
- description: List of limits as key-value pairs if requested.
+ description: 'DEPRECATED: Replaced by the limitations parameter.'
type: object
x-deprecation:
- comment: Superseded by the limitations parameter.
+ comment: Replaced by the limitations parameter.
end_of_life_at: '2020-08-27T12:03:58+00:00'
issued_at: '2019-08-27T12:03:58+00:00'
x-nullable: true
@@ -407,6 +558,11 @@ definitions:
account, `2`: partner tier. Other values are reserved for the future.'
example: '1'
type: string
+ tier_history:
+ description: Tier history for this account.
+ items:
+ $ref: '#/definitions/TierHistory'
+ type: array
updated_at:
description: Last update UTC time RFC3339.
example: '2018-02-14T15:24:14Z'
@@ -417,88 +573,345 @@ definitions:
example: '2018-02-14T15:24:14Z'
format: date-time
type: string
- required:
- - end_market
- - etag
- - id
- - object
- - status
- - tier
type: object
- AccountInfoList:
+ AccountInfo:
+ description: Represents an account in requests and responses.
properties:
- after:
- description: The entity ID to fetch after the given one.
- example: 01619571f3c00242ac12000600000000
- pattern: '[a-f0-9]{32}'
+ address_line1:
+ description: Postal address line 1.
+ example: 110 Fulbourn Rd
+ maxLength: 100
type: string
- data:
- description: A list of entities.
+ x-nullable: true
+ address_line2:
+ description: Postal address line 2.
+ example: ' '
+ maxLength: 100
+ type: string
+ x-nullable: true
+ aliases:
+ description: An array of aliases for the tenant account ID. The aliases must
+ be globally unique.
items:
- $ref: '#/definitions/AccountInfo'
+ pattern: '[\w\-._]{8,100}'
+ type: string
+ maxItems: 10
type: array
- has_more:
- description: Flag indicating whether there are more results.
- example: false
- type: boolean
- limit:
- description: The number of results to return (2-1000), or equal to `total_count`.
- example: 50
- format: int32
- type: integer
- object:
- description: 'Entity name: always `list`.'
- enum:
- - list
+ business_model:
+ $ref: '#/definitions/BusinessModel'
+ business_model_history:
+ description: Business model history for this account.
+ items:
+ $ref: '#/definitions/BusinessModelHistory'
+ type: array
+ city:
+ description: The city part of the postal address.
+ example: Cambridge
+ maxLength: 100
type: string
- order:
- description: 'The order of the records to return based on creation time. Available
- values: ASC, DESC; by default ASC.'
- enum:
- - ASC
- - DESC
+ x-nullable: true
+ company:
+ description: The name of the company used in billing.
+ example: ARM Holdings Plc
+ maxLength: 100
type: string
- total_count:
- description: The total number of records, if requested.
- example: 20
- format: int32
- type: integer
- required:
- - data
- - has_more
- - limit
- - object
- - total_count
- type: object
- AccountLimitation:
- description: This object represents an account limitation.
- properties:
- billing_period:
- description: Billing period of the account limitation.
- format: int32
- type: integer
+ x-nullable: true
+ contact:
+ description: The name of the contact person for this account.
+ example: J. Doe
+ maxLength: 100
+ type: string
+ x-nullable: true
+ contract_number:
+ description: Contract number of the customer.
+ example: 1NX25_0001
+ type: string
+ x-nullable: true
+ country:
+ description: The country part of the postal address.
+ example: United Kingdom
+ maxLength: 100
+ type: string
+ x-nullable: true
created_at:
description: Creation UTC time RFC3339.
example: '2018-02-13T09:35:20Z'
format: date-time
type: string
- description:
- description: Description of the account limitation.
- readOnly: true
+ custom_fields:
+ additionalProperties:
+ type: string
+ description: Account's custom properties as key-value pairs.
+ type: object
+ x-nullable: true
+ customer_number:
+ description: Customer number of the customer.
+ example: 1NC25_0001
+ type: string
+ x-nullable: true
+ display_name:
+ description: The display name for the tenant account.
+ example: ARM
+ maxLength: 100
+ type: string
+ x-nullable: true
+ email:
+ description: The company email address for this account.
+ example: info@arm.com
+ pattern: ^(?=.{3,254}$).+\@.+
+ type: string
+ x-nullable: true
+ end_market:
+ description: Account end market.
+ example: IT
type: string
etag:
description: API resource entity version.
example: '1'
type: string
- id:
- description: Entity ID.
- example: 01619571d01d0242ac12000600000000
+ expiration:
+ description: Expiration time of the account, as UTC time RFC3339.
+ format: date-time
type: string
- inherited:
- description: Flag indicating whether this limitation is inherited.
- readOnly: true
- type: boolean
- inherited_from:
+ x-nullable: true
+ expiration_warning_threshold:
+ description: Indicates how many days (1-180) before account expiration a notification
+ email is sent.
+ example: '180'
+ maximum: 180
+ minimum: 1
+ type: integer
+ x-nullable: true
+ id:
+ description: Account ID.
+ example: 01619571e2e90242ac12000600000000
+ pattern: '[a-f0-9]{32}'
+ type: string
+ idle_timeout:
+ description: The reference token expiration time, in minutes, for this account.
+ example: '30'
+ maximum: 120
+ minimum: 1
+ type: integer
+ x-nullable: true
+ limitations:
+ description: List of account limitation objects.
+ items:
+ $ref: '#/definitions/AccountLimitation'
+ type: array
+ limits:
+ additionalProperties:
+ type: string
+ description: 'DEPRECATED: Replaced by the limitations parameter.'
+ type: object
+ x-deprecation:
+ comment: Replaced by the limitations parameter.
+ end_of_life_at: '2020-08-27T12:03:58+00:00'
+ issued_at: '2019-08-27T12:03:58+00:00'
+ x-nullable: true
+ mfa_status:
+ description: The enforcement status of multi-factor authentication, either
+ `enforced` or `optional`.
+ enum:
+ - enforced
+ - optional
+ type: string
+ x-nullable: true
+ notification_emails:
+ description: A list of notification email addresses.
+ items:
+ pattern: ^(?=.{3,254}$).+\@.+
+ type: string
+ type: array
+ x-nullable: true
+ object:
+ description: 'Entity name: always `account`.'
+ enum:
+ - account
+ type: string
+ parent_account:
+ $ref: '#/definitions/ParentAccountInfo'
+ description: Contact details of the parent account.
+ x-nullable: true
+ parent_id:
+ description: The ID of the parent account, if any.
+ example: 01619571dad80242ac12000600000000
+ pattern: '[a-f0-9]{32}'
+ type: string
+ x-nullable: true
+ password_policy:
+ $ref: '#/definitions/PasswordPolicy'
+ description: The password policy for this account.
+ x-nullable: true
+ password_recovery_expiration:
+ description: Indicates for how many minutes a password recovery email is valid.
+ format: int32
+ maximum: 45
+ minimum: 1
+ type: integer
+ phone_number:
+ description: The phone number of a company representative.
+ example: +44 (1223) 400 400
+ maxLength: 100
+ type: string
+ x-nullable: true
+ policies:
+ description: List of policies if requested.
+ items:
+ $ref: '#/definitions/FeaturePolicy'
+ type: array
+ x-nullable: true
+ postal_code:
+ description: The postal code part of the postal address.
+ example: CB1 9NJ
+ maxLength: 100
+ type: string
+ x-nullable: true
+ reason:
+ description: A note with the reason for account status update.
+ example: Subscription paid.
+ type: string
+ x-nullable: true
+ reference_note:
+ description: A reference note for updating the status of the account.
+ example: ARM-INT-0001
+ type: string
+ x-nullable: true
+ sales_contact:
+ description: Email address of the sales contact.
+ example: sales@arm.com
+ pattern: ^(?=.{3,254}$).+\@.+
+ type: string
+ x-nullable: true
+ state:
+ description: The state part of the postal address.
+ example: ' '
+ maxLength: 100
+ type: string
+ x-nullable: true
+ status:
+ description: The status of the account.
+ enum:
+ - ENROLLING
+ - ACTIVE
+ - RESTRICTED
+ - SUSPENDED
+ example: ACTIVE
+ type: string
+ sub_accounts:
+ description: List of sub accounts. Not available for developer users.
+ items:
+ $ref: '#/definitions/AccountInfo'
+ type: array
+ x-nullable: true
+ template_id:
+ description: Account template ID.
+ example: 01619571e7160242ac12000600000000
+ pattern: '[a-f0-9]{32}'
+ type: string
+ x-nullable: true
+ tier:
+ description: 'The tier level of the account; `0`: free tier, `1`: commercial
+ account, `2`: partner tier. Other values are reserved for the future.'
+ example: '1'
+ type: string
+ tier_history:
+ description: Tier history for this account.
+ items:
+ $ref: '#/definitions/TierHistory'
+ type: array
+ updated_at:
+ description: Last update UTC time RFC3339.
+ example: '2018-02-14T15:24:14Z'
+ format: date-time
+ type: string
+ upgraded_at:
+ description: Time when upgraded to commercial account in UTC format RFC3339.
+ example: '2018-02-14T15:24:14Z'
+ format: date-time
+ type: string
+ required:
+ - end_market
+ - etag
+ - id
+ - object
+ - status
+ - tier
+ type: object
+ AccountInfoList:
+ properties:
+ after:
+ description: The entity ID to retrieve after the given one.
+ example: 01619571f3c00242ac12000600000000
+ pattern: '[a-f0-9]{32}'
+ type: string
+ data:
+ description: A list of entities.
+ items:
+ $ref: '#/definitions/AccountInfo'
+ type: array
+ has_more:
+ description: Flag indicating whether there are more results.
+ example: false
+ type: boolean
+ limit:
+ description: The number of results to return (2-1000), or equal to `total_count`.
+ example: 50
+ format: int32
+ type: integer
+ object:
+ description: 'Entity name: always `list`.'
+ enum:
+ - list
+ type: string
+ order:
+ description: 'The order of the records to return based on creation time. Available
+ values: ASC, DESC; by default ASC.'
+ enum:
+ - ASC
+ - DESC
+ type: string
+ total_count:
+ description: The total number of records, if requested.
+ example: 20
+ format: int32
+ type: integer
+ required:
+ - data
+ - has_more
+ - limit
+ - object
+ - total_count
+ type: object
+ AccountLimitation:
+ description: This object represents an account limitation.
+ properties:
+ billing_period:
+ description: Billing period of the account limitation.
+ format: int32
+ type: integer
+ created_at:
+ description: Creation UTC time RFC3339.
+ example: '2018-02-13T09:35:20Z'
+ format: date-time
+ type: string
+ description:
+ description: Description of the account limitation.
+ readOnly: true
+ type: string
+ etag:
+ description: API resource entity version.
+ example: '1'
+ type: string
+ id:
+ description: Entity ID.
+ example: 01619571d01d0242ac12000600000000
+ type: string
+ inherited:
+ description: Flag indicating whether this limitation is inherited.
+ readOnly: true
+ type: boolean
+ inherited_from:
description: Indicates where this limit is inherited from.
readOnly: true
type: string
@@ -549,7 +962,7 @@ definitions:
AccountLimitationList:
properties:
after:
- description: The entity ID to fetch after the given one.
+ description: The entity ID to retrieve after the given one.
example: 01619571f3c00242ac12000600000000
type: string
data:
@@ -592,28 +1005,116 @@ definitions:
- object
- total_count
type: object
- AccountUpdateReq:
- description: Represents an account creation request.
+ AccountResponse:
+ description: This object represents an account in responses.
properties:
- address_line1:
- description: Postal address line 1. Required for commercial accounts only.
- example: 110 Fulbourn Rd
- maxLength: 100
+ alias:
+ description: Alias of the account.
+ example: cust-314159
+ readOnly: true
type: string
- x-nullable: true
- address_line2:
- description: Postal address line 2.
- example: ' '
- maxLength: 100
+ display_name:
+ description: The display name for the account.
+ example: Customer 3.14159
+ readOnly: true
type: string
- x-nullable: true
- aliases:
- description: An array of aliases.
- items:
- pattern: '[\w\-._]{8,100}'
- type: string
- maxItems: 10
- type: array
+ id:
+ description: The UUID of the account.
+ example: 01619571e2e90242ac12000600000000
+ readOnly: true
+ type: string
+ login_profiles:
+ description: A list of login profiles for the user in the account.
+ items:
+ $ref: '#/definitions/LoginProfile'
+ type: array
+ x-nullable: true
+ parent_id:
+ description: The UUID of the parent account, if it has any.
+ example: 01619571f3c00242ac12000600000000
+ readOnly: true
+ type: string
+ status:
+ description: The status of the account.
+ enum:
+ - ENROLLING
+ - ACTIVE
+ - RESTRICTED
+ - SUSPENDED
+ example: ACTIVE
+ readOnly: true
+ type: string
+ type: object
+ AccountResponseList:
+ properties:
+ after:
+ description: The entity ID to fetch after the given one.
+ example: 01619571f3c00242ac12000600000000
+ readOnly: true
+ type: string
+ data:
+ description: A list of entities.
+ items:
+ $ref: '#/definitions/AccountResponse'
+ readOnly: true
+ type: array
+ has_more:
+ description: Flag indicating whether there is more results.
+ example: false
+ readOnly: true
+ type: boolean
+ limit:
+ description: 'The number of results to return, (range: 2-1000), or equals
+ to `total_count`'
+ example: 50
+ format: int32
+ readOnly: true
+ type: integer
+ object:
+ description: 'Entity name: always ''list'''
+ enum:
+ - list
+ readOnly: true
+ type: string
+ order:
+ description: 'The order of the records to return based on creation time. Available
+ values: ASC, DESC; by default ASC.'
+ enum:
+ - ASC
+ - DESC
+ readOnly: true
+ type: string
+ total_count:
+ description: The total number or records, if requested. It might be returned
+ also for small lists.
+ example: 5
+ format: int32
+ readOnly: true
+ type: integer
+ type: object
+ AccountUpdateReq:
+ description: Represents an account creation request.
+ properties:
+ address_line1:
+ description: Postal address line 1. Required for commercial accounts only.
+ example: 110 Fulbourn Rd
+ maxLength: 100
+ type: string
+ x-nullable: true
+ address_line2:
+ description: Postal address line 2.
+ example: ' '
+ maxLength: 100
+ type: string
+ x-nullable: true
+ aliases:
+ description: An array of aliases for the tenant account ID. The aliases must
+ be globally unique.
+ items:
+ pattern: '[\w\-._]{8,100}'
+ type: string
+ maxItems: 10
+ type: array
x-nullable: true
city:
description: The city part of the postal address. Required for commercial
@@ -623,7 +1124,8 @@ definitions:
type: string
x-nullable: true
company:
- description: The name of the company. Required for commercial accounts only.
+ description: The name of the company used in billing. Required for commercial
+ accounts only.
example: ARM Holdings Plc
maxLength: 100
type: string
@@ -650,7 +1152,7 @@ definitions:
type: object
x-nullable: true
display_name:
- description: The display name for the account.
+ description: The display name for the tenant account.
example: ARM
maxLength: 100
type: string
@@ -742,7 +1244,8 @@ definitions:
type: string
x-nullable: true
aliases:
- description: An array of aliases.
+ description: An array of aliases for the tenant account ID. The aliases must
+ be globally unique.
items:
pattern: '[\w\-._]{8,100}'
type: string
@@ -759,7 +1262,8 @@ definitions:
type: string
x-nullable: true
company:
- description: The name of the company. Required for commercial accounts only.
+ description: The name of the company used in billing. Required for commercial
+ accounts only.
example: ARM Holdings Plc
maxLength: 100
type: string
@@ -772,7 +1276,8 @@ definitions:
type: string
x-nullable: true
contract_number:
- description: Contract number of the customer.
+ description: Contract number of the customer. An administrator can set this
+ property on tenant accounts only.
type: string
x-nullable: true
country:
@@ -790,11 +1295,12 @@ definitions:
type: object
x-nullable: true
customer_number:
- description: Customer number of the customer.
+ description: Customer number of the customer. An administrator can set this
+ property on tenant accounts only.
type: string
x-nullable: true
display_name:
- description: The display name for the account.
+ description: The display name for the tenant account.
example: ARM
maxLength: 100
type: string
@@ -877,6 +1383,13 @@ definitions:
type: string
x-nullable: true
type: object
+ ActiveDevicesCounter:
+ description: Active device count is the total number of unique active devices
+ connected to Device Management. A device is considered active when it has registered
+ at least once over a billing period.
+ format: int64
+ minimum: 0
+ type: integer
ActiveServicePackage:
description: An active service package.
properties:
@@ -998,6 +1511,7 @@ definitions:
- package_renewal
- package_creation
- package_termination
+ - package_tokens_edit
type: string
required:
- account_id
@@ -1016,7 +1530,9 @@ definitions:
description: Represents an API key in requests towards Device Management.
properties:
groups:
- description: A list of group IDs this API key belongs to.
+ description: 'A list of group IDs this API key belongs to.
+
+ Adding an API key to the ''Administrators'' group is restricted to administrators.'
items:
type: string
type: array
@@ -1025,10 +1541,12 @@ definitions:
maxLength: 100
type: string
owner:
- description: The owner of this API key.
+ description: The owner of this API key. Only an administrator can set the
+ owner of an API key.
type: string
status:
- description: The status of the API key.
+ description: The status of the API key. Only an administrator can set the
+ status of an API key.
enum:
- ACTIVE
- INACTIVE
@@ -1114,7 +1632,7 @@ definitions:
ApiKeyInfoRespList:
properties:
after:
- description: The entity ID to fetch after the given one.
+ description: The entity ID to retrieve after the given one.
example: 01619571f3c00242ac12000600000000
pattern: '[a-f0-9]{32}'
type: string
@@ -1160,7 +1678,8 @@ definitions:
description: Represents an API key in requests towards Device Management.
properties:
groups:
- description: A list of group IDs this API key belongs to.
+ description: A list of group IDs this API key belongs to. Only an administrator
+ can update the group membership of an API key.
items:
type: string
type: array
@@ -1169,17 +1688,170 @@ definitions:
maxLength: 100
type: string
owner:
- description: The owner of this API key.
+ description: The owner of this API key. Only an administrator can update the
+ owner of an API key.
type: string
status:
- description: The status of the API key.
+ description: The status of the API key. Only the owner of the API key or an
+ administrator can update the status of an API key.
+ enum:
+ - ACTIVE
+ - INACTIVE
+ type: string
+ type: object
+ Application:
+ description: Represents an application in Device Management.
+ properties:
+ account_id:
+ description: The ID of the account.
+ example: 01619571e2e90242ac12000600000000
+ pattern: '[a-f0-9]{32}'
+ readOnly: true
+ type: string
+ created_at:
+ description: Creation UTC time RFC3339.
+ example: '2020-02-18T09:16:40Z'
+ format: date-time
+ readOnly: true
+ type: string
+ description:
+ description: The description of the application.
+ example: Application to control the warp drive
+ maxLength: 500
+ type: string
+ etag:
+ description: API resource entity version.
+ example: '1'
+ readOnly: true
+ type: string
+ groups:
+ description: A list of group IDs this application belongs to.
+ items:
+ example: 01705c6383f6c85b76f92f4e00000000
+ type: string
+ type: array
+ id:
+ description: The ID of the application.
+ example: 01619571f7020242ac12000600000000
+ pattern: '[a-f0-9]{32}'
+ readOnly: true
+ type: string
+ last_used_at:
+ description: The time of the latest application usage.
+ example: '2020-02-14T15:24:14Z'
+ format: date-time
+ readOnly: true
+ type: string
+ name:
+ description: The display name for the application.
+ example: Application warp
+ maxLength: 100
+ type: string
+ object:
+ description: 'Entity name: always ''application'''
+ enum:
+ - application
+ readOnly: true
+ type: string
+ status:
+ description: The status of the application. When admin sets the application
+ as inactive all related data and configurations are cleared from the system.
+ If application is activated again, client must open new channels and set
+ new subscriptions to start receiving events again.
enum:
- ACTIVE
- INACTIVE
+ example: ACTIVE
+ type: string
+ updated_at:
+ description: Last update UTC time RFC3339.
+ example: '2020-02-19T11:54:32Z'
+ format: date-time
+ readOnly: true
type: string
required:
- name
type: object
+ ApplicationList:
+ properties:
+ after:
+ description: The entity ID to retrieve after the given one.
+ example: 01619571f3c00242ac12000600000000
+ pattern: '[a-f0-9]{32}'
+ type: string
+ data:
+ description: A list of entities.
+ items:
+ $ref: '#/definitions/Application'
+ type: array
+ has_more:
+ description: Flag indicating whether there are more results.
+ example: false
+ type: boolean
+ limit:
+ description: The number of results to return, or equal to `total_count`.
+ example: 50
+ format: int32
+ type: integer
+ object:
+ description: 'Entity name: always `list`.'
+ enum:
+ - list
+ type: string
+ order:
+ description: 'The order of the records to return based on creation time. Available
+ values: ASC, DESC; by default ASC.'
+ enum:
+ - ASC
+ - DESC
+ type: string
+ total_count:
+ description: The total number of records, if requested.
+ example: 20
+ format: int32
+ type: integer
+ required:
+ - data
+ - has_more
+ - limit
+ - object
+ - total_count
+ type: object
+ ArchiveInfoResponse:
+ description: This object represents the response for the archive info request.
+ properties:
+ download_size_bytes:
+ description: The size of the archive file in bytes.
+ example: 2402668
+ type: integer
+ download_url:
+ description: URL to download the Factory Configurator Utility archive.
+ example: https://api.us-east-1.mbedcloud.com/downloads/fcu/factory_configurator_utility.zip
+ type: string
+ license_type:
+ description: The license agreement type required for downloading Factory Configurator
+ Utility.
+ example: fcu
+ type: string
+ license_version:
+ description: The license agreement version required for downloading Factory
+ Configurator Utility.
+ example: '1.0'
+ type: string
+ release_notes_url:
+ description: URL to the Factory Configurator Utility release notes.
+ example: https://api.us-east-1.mbedcloud.com/downloads/fcu/release_notes
+ type: string
+ version:
+ description: The Factory Configurator Utility version.
+ example: 1.2.9.500
+ type: string
+ required:
+ - download_size_bytes
+ - version
+ - download_url
+ - release_notes_url
+ type: object
AsyncID:
properties:
async-response-id:
@@ -1217,29 +1889,40 @@ definitions:
description: "\nStates whether sending a command to the device succeeded or\
\ failed.\n\n\n \n \n | Code | \n Description | \n\
\
\n \n \n \n | 200 | \n\
- \ Operation succeeded. The playload contains result of the operation\
- \ from the device. | \n
\n \n | 404 | \n\
- \ Endpoint does not have requested resource. | \n
\n\
- \ \n | 412 | \n Precondition failed and\
- \ operation was not executed. Device responded with 4.12 CoAP response code. | \n\
- \
\n \n | 413 | \n Request entity\
- \ is too large and could not be delivered to the device. | \n
\n\
- \ \n | 415 | \n Endpoint does not support\
- \ media type. | \n
\n \n | 429 | \n \
- \ Expired request was removed from queue (REQUEST_EXPIRED), device\
- \ requested deregistration (DEVICE_REMOVED_REGISTRATION), or device was\
- \ suspended (DEVICE_BLOCKED). | \n
\n \n | 502 | \n\
- \ Request to the device failed and retry count exceeded. Last retry\
- \ failed to establish TCP or TLS connection to endpoint. | \n
\n\
- \ \n | 503 | \n Request to the device failed\
- \ and retry count exceeded. Last retry failed because endpoint is currently\
- \ unavailable (NOT_CONNECTED). | \n
\n \n | 504 | \n\
- \ Request to the device failed and retry count exceeded. Last retry\
- \ failed, as device did not respond in the time of protocol-specific retransmission\
- \ logic (TIMEOUT). | \n
\n \n
\n"
+ \ Operation succeeded. The payload contains result of the operation\
+ \ from the device. | \n \n \n | 400 | \n\
+ \ The device rejected the request, possibly because it does not\
+ \ support the request method.\n See how the supported methods are\n\
+ \ [configured for the device resources](https://www.pelion.com/docs/device-management/current/resources/index.html). | \n\
+ \
\n \n | 404 | \n The device replied\
+ \ that it does not have the requested resource. | \n
\n \n\
+ \ | 412 | \n Precondition failed and the operation\
+ \ was not executed. The device responded with 4.12 CoAP\n response\
+ \ code. The device may reject a subscription request with this response\
+ \ code. | \n
\n \n | 413 | \n Request\
+ \ entity is too large and could not be delivered to the device. | \n \
+ \
\n \n | 415 | \n The device does\
+ \ not support the media type in the request. | \n
\n \n\
+ \ | 429 | \n An expired request was removed from\
+ \ queue (REQUEST_EXPIRED),\n the device requested deregistration (DEVICE_REMOVED_REGISTRATION),\n\
+ \ or the device was suspended (DEVICE_BLOCKED). The request was never\
+ \ delivered to the device. | \n
\n \n | 502 | \n\
+ \ The request to the device failed and the retry count was exceeded.\n\
+ \ The last retry failed to establish TCP or TLS connection to the device. | \n\
+ \
\n \n | 503 | \n The request to\
+ \ the device failed and the retry count was exceeded.\n The last retry\
+ \ failed because the device is currently unavailable (NOT_CONNECTED). | \n\
+ \
\n \n | 504 | \n The request to\
+ \ the device failed and the retry count was exceeded.\n The last retry\
+ \ failed because the device did not respond in time according to the protocol-specific\n\
+ \ retransmission logic (TIMEOUT). | \n
\n \n\n"
example: 200
type: integer
type: object
+ AudienceItem:
+ description: Audience item, device ID or endpoint name.
+ pattern: ^ep:[a-zA-Z0-9 -]{1,57}$|^id:[0-9a-fA-F]{32}$
+ type: string
BadRequestErrorResponse:
description: 400 Bad request response.
properties:
@@ -1308,43 +1991,17 @@ definitions:
- url
- filename
type: object
- BlackListedDeviceData:
- properties:
- account_id:
- description: account id
- example: 00005a4e027f0a580a01081c00000000
- pattern: '[a-f0-9]{32}'
- type: string
- created_at:
- description: date on which the failed bootstrap was attempted on
- example: '2000-01-23T04:56:07.000+00:00'
- format: date-time
- type: string
- endpoint_name:
- description: endpoint name
- example: Endpoint_1234
- type: string
- id:
- description: id of the recorded failed bootstrap attempt
- example: 00005a4e027f0a580a04567c00000000
- pattern: '[a-f0-9]{32}'
- type: string
- object:
- enum:
- - denied_device
- type: string
- trusted_certificate_id:
- description: Trusted certificate id
- example: 00005a4e027f0a580a01081c00000000
- pattern: '[a-f0-9]{32}'
- type: string
- required:
- - id
- - account_id
- - endpoint_name
- - trusted_certificate_id
- - created_at
- - object
+ BootstrapRequestsCounter:
+ description: The number of bootstrap requests received from devices.
+ format: int64
+ minimum: 0
+ type: integer
+ BootstrapsCounter:
+ description: The total number of successful bootstrap operations in the requested
+ time.
+ format: int64
+ minimum: 0
+ type: integer
BrandingColor:
properties:
color:
@@ -1360,7 +2017,7 @@ definitions:
type: string
reference:
description: Color name.
- enum: &id020
+ enum: &id001
- error_color
- primary
- secondary
@@ -1388,7 +2045,7 @@ definitions:
BrandingColorList:
properties:
after:
- description: The entity ID to fetch after the given one.
+ description: The entity ID to retrieve after the given one.
example: 01619571f3c00242ac12000600000000
pattern: '[a-f0-9]{32}'
type: string
@@ -1430,6 +2087,20 @@ definitions:
- object
- total_count
type: object
+ BrandingColorUpdate:
+ properties:
+ color:
+ description: The color given as name (purple) or as a hex code.
+ example: '#f3f93e'
+ type: string
+ x-nullable: true
+ reference:
+ description: Color name.
+ enum: *id001
+ type: string
+ required:
+ - reference
+ type: object
BrandingImage:
properties:
object:
@@ -1440,7 +2111,7 @@ definitions:
type: string
reference:
description: Name of the image.
- enum: &id021
+ enum: &id026
- brand_logo_portrait
- brand_logo_square
- brand_logo_landscape
@@ -1495,7 +2166,7 @@ definitions:
BrandingImageList:
properties:
after:
- description: The entity ID to fetch after the given one.
+ description: The entity ID to retrieve after the given one.
example: 01619571f3c00242ac12000600000000
pattern: '[a-f0-9]{32}'
type: string
@@ -1563,6 +2234,7 @@ definitions:
Null when creating bulk upload or delete.'
example: https://api.us-east-1.mbedcloud.com/v3/device-enrollments-bulk-uploads/2d238a89038b4ddb84699dd36a901063/errors_report.csv
type: string
+ x-nullable: true
etag:
description: etag
example: '1'
@@ -1574,6 +2246,7 @@ definitions:
Null when creating bulk upload or delete.'
example: https://api.us-east-1.mbedcloud.com/v3/device-enrollments-bulk-uploads/2d238a89038b4ddb84699dd36a901063/full_report.csv
type: string
+ x-nullable: true
id:
description: Bulk ID
pattern: ^[A-Za-z0-9]{32}
@@ -1639,7 +2312,7 @@ definitions:
description: The device's campaign ID.
example: 015bf72fccda00000000000100100280
type: string
- created_at: &id013
+ created_at: &id014
description: The time the entity was created.
example: '2017-05-22T12:37:55.576563Z'
format: date-time
@@ -1663,13 +2336,14 @@ definitions:
description: The device ID.
example: 015c2fec9bba0000000000010010036f
type: string
- etag: &id014
+ etag: &id015
description: API resource entity version.
example: '2017-05-22T12:37:58.753425Z'
type: string
id:
description: The metadata record ID.
example: 015c3029f6f7000000000001001000c3
+ pattern: '[A-Fa-f0-9]{32}'
type: string
mechanism:
description: How the firmware is delivered (connector or direct).
@@ -1685,8 +2359,9 @@ definitions:
type: string
object:
description: 'The entity name: always ''update-campaign-device-metadata''.'
+ example: update-campaign-device-metadata
type: string
- updated_at: &id015
+ updated_at: &id016
description: The time the entity was updated.
example: '2017-05-22T12:37:55.576563Z'
format: date-time
@@ -1717,6 +2392,7 @@ definitions:
type: integer
object:
description: 'The entity name: always ''list''.'
+ example: list
type: string
order:
description: 'The order of the records to return. Acceptable values: ASC,
@@ -1746,6 +2422,7 @@ definitions:
type: integer
object:
description: 'Entity name: always ''update-campaign-metrics''.'
+ example: update-campaign-metrics
type: string
pending_count:
description: Running total of devices that have yet to receive an update or
@@ -1886,7 +2563,7 @@ definitions:
type: object
CertificateIssuerConfigListResponse:
properties:
- after: &id001
+ after: &id002
description: An offset token for current page.
example: '01631667477600000000000100100374'
type: string
@@ -1895,27 +2572,26 @@ definitions:
items:
$ref: '#/definitions/CertificateIssuerConfigResponse'
type: array
- has_more: &id002
- description: Are there more results available.
+ has_more: &id003
+ description: More results are available.
example: false
type: boolean
- limit: &id003
- description: How many objects to retrieve in the page. The minimum limit is
- 2 and the maximum is 1000. Limit values outside of this range are set to
- the closest limit.
+ limit: &id004
+ description: The number of results to return (2-1000). Values outside of this
+ range are set to the closest limit.
example: 50
maximum: 1000
minimum: 2
type: integer
- object: &id004
- description: The type of this API object is a `list`.
+ object: &id005
+ description: The type of this API object is `list`.
example: list
type: string
- order: &id005
- description: The creation time based order of the entries.
+ order: &id006
+ description: Record order based on creation time.
example: DESC
type: string
- total_count: &id006
+ total_count: &id007
example: 1
format: integer
type: integer
@@ -1934,11 +2610,9 @@ definitions:
CertificateIssuerConfigResponse:
properties:
certificate_issuer_id:
- description: 'The ID of the certificate issuer.
-
- Null if Device Management internal HSM is used.
+ description: 'Certificate issuer ID.
- '
+ Null if Device Management internal HSM is used.'
example: 01648415a2a30242ac18000500000000
type: string
x-nullable: true
@@ -1952,9 +2626,7 @@ definitions:
example: '1'
type: string
id:
- description: 'The ID of the certificate issuer configuration.
-
- '
+ description: Certificate issuer ID. configuration.
example: 01648415a2a30242ac18000500000000
type: string
is_custom:
@@ -1993,27 +2665,24 @@ definitions:
example: '1'
type: string
id:
- description: The ID of the certificate issuer.
+ description: Certificate issuer ID.
example: 01234567890ABCDEF01234567890ABCDEF
type: string
issuer_attributes:
- additionalProperties: &id007
+ additionalProperties: &id008
type: string
description: 'General attributes for connecting the certificate issuer.
- When the issuer_type is GLOBAL_SIGN, the value shall be empty.
-
- When the issuer_type is CFSSL_AUTH, see definition of CfsslAttributes.
+ When the issuer_type is GLOBAL_SIGN, the value is empty.
- '
- example: &id008 {}
+ When the issuer_type is CFSSL_AUTH, see definition of CfsslAttributes.'
+ example: &id009 {}
type: object
issuer_type:
- description: "The type of the certificate issuer.\n- GLOBAL_SIGN:\n Certificates\
- \ are issued by GlobalSign service. The users must provide their own GlobalSign\
- \ account credentials.\n- CFSSL_AUTH:\n Certificates are issued by CFSSL\
- \ authenticated signing service.\n The users must provide their own CFSSL\
- \ host_url and credentials.\n"
+ description: "Certificate issuer type.\n- GLOBAL_SIGN:\n Certificates are\
+ \ issued by GlobalSign service. You must provide your own GlobalSign account\
+ \ credentials.\n- CFSSL_AUTH:\n Certificates are issued by CFSSL authenticated\
+ \ signing service.\n You must provide your own CFSSL host_url and credentials."
enum:
- GLOBAL_SIGN
- CFSSL_AUTH
@@ -2033,17 +2702,17 @@ definitions:
type: object
CertificateIssuerInfoListResponse:
properties:
- after: *id001
+ after: *id002
data:
description: List of certificate issuers.
items:
$ref: '#/definitions/CertificateIssuerInfo'
type: array
- has_more: *id002
- limit: *id003
- object: *id004
- order: *id005
- total_count: *id006
+ has_more: *id003
+ limit: *id004
+ object: *id005
+ order: *id006
+ total_count: *id007
type: object
CertificateIssuerRequest:
example:
@@ -2069,34 +2738,29 @@ definitions:
type: string
x-nullable: true
issuer_attributes:
- additionalProperties: *id007
+ additionalProperties: *id008
description: 'General attributes for connecting the certificate issuer.
- When the issuer_type is GLOBAL_SIGN, the value shall be empty.
-
- When the issuer_type is CFSSL_AUTH, see definition of CfsslAttributes.
+ When the issuer_type is GLOBAL_SIGN, the value is empty.
- '
- example: *id008
+ When the issuer_type is CFSSL_AUTH, see definition of CfsslAttributes.'
+ example: *id009
type: object
issuer_credentials:
- additionalProperties: &id009
+ additionalProperties: &id010
type: string
- description: 'The credentials required for connecting to the certificate issuer.
+ description: 'The credentials required to connect to the certificate issuer.
When the issuer_type is GLOBAL_SIGN, see definition of GlobalSignCredentials.
- When the issuer_type is CFSSL_AUTH, see definition of CfsslAuthCredentials.
-
- '
- example: &id010 {}
+ When the issuer_type is CFSSL_AUTH, see definition of CfsslAuthCredentials.'
+ example: &id011 {}
type: object
issuer_type:
- description: "The type of the certificate issuer.\n- GLOBAL_SIGN:\n Certificates\
- \ are issued by GlobalSign service. The users must provide their own GlobalSign\
- \ account credentials.\n- CFSSL_AUTH:\n Certificates are issued by CFSSL\
- \ authenticated signing service.\n The users must provide their own CFSSL\
- \ host_url and credentials.\n"
+ description: "Certificate issuer type.\n- GLOBAL_SIGN:\n Certificates are\
+ \ issued by GlobalSign service. You must provide your own GlobalSign account\
+ \ credentials.\n- CFSSL_AUTH:\n Certificates are issued by CFSSL authenticated\
+ \ signing service.\n You must provide your own CFSSL host_url and credentials."
enum:
- GLOBAL_SIGN
- CFSSL_AUTH
@@ -2121,26 +2785,22 @@ definitions:
type: string
x-nullable: true
issuer_attributes:
- additionalProperties: *id007
+ additionalProperties: *id008
description: 'General attributes for connecting the certificate issuer.
- When the issuer_type is GLOBAL_SIGN, the value shall be empty.
-
- When the issuer_type is CFSSL_AUTH, see definition of CfsslAttributes.
+ When the issuer_type is GLOBAL_SIGN, the value is empty.
- '
- example: *id008
+ When the issuer_type is CFSSL_AUTH, see definition of CfsslAttributes.'
+ example: *id009
type: object
issuer_credentials:
- additionalProperties: *id009
- description: 'The credentials required for connecting to the certificate issuer.
+ additionalProperties: *id010
+ description: 'The credentials required to connect to the certificate issuer.
When the issuer_type is GLOBAL_SIGN, see definition of GlobalSignCredentials.
- When the issuer_type is CFSSL_AUTH, see definition of CfsslAuthCredentials.
-
- '
- example: *id010
+ When the issuer_type is CFSSL_AUTH, see definition of CfsslAuthCredentials.'
+ example: *id011
type: object
name:
description: Certificate issuer name.
@@ -2150,55 +2810,40 @@ definitions:
CertificateIssuerVerifyResponse:
properties:
message:
- description: 'Provides details in case of failure.
-
- '
- example: message describing the verification failure
+ description: Provides details in case of failure.
+ example: Message describing the verification failure
type: string
successful:
- description: 'Indicates whether the certificate issuer was verified successfully.
-
- '
+ description: Indicates whether the certificate issuer was verified successfully.
example: false
type: boolean
type: object
CfsslAttributes:
- description: 'Describes the attributes required to connect to the CFSSL server.
-
- '
+ description: Describes the attributes required to connect to the CFSSL server.
properties:
cfssl_label:
- description: 'The label that is used by CFSSL when creating the certificate.
-
- '
+ description: The label that is used by CFSSL when creating the certificate.
type: string
cfssl_profile:
- description: 'The profile that is configured on the CFSSL server and is used
- by CFSSL when creating the certificate.
-
- '
+ description: The profile that is configured on the CFSSL server and used by
+ CFSSL when creating the certificate.
type: string
host_url:
- description: 'The URL to connect to the CFSSL server.
-
- '
+ description: The URL to connect to the CFSSL server.
+ example: http://my.cfssl.service:5555
type: string
required:
- host_url
type: object
CfsslAuthCredentials:
- description: 'Describes the credentials required when using CFSSL authenticated
+ description: Describes the credentials required when using CFSSL authenticated
signing.
-
- '
properties:
hmac_hex_key:
description: 'The key that is used to compute the HMAC of the request using
the HMAC-SHA-256 algorithm.
- Must contain an even number of hexadecimal characters.
-
- '
+ Must contain an even number of hexadecimal characters.'
example: 0010203ABCD708EF
maxLength: 64
pattern: ^([a-fA-F0-9][a-fA-F0-9]){1,32}$
@@ -2220,9 +2865,7 @@ definitions:
CreateCertificateIssuerConfig:
properties:
certificate_issuer_id:
- description: 'The ID of the certificate issuer.
-
- '
+ description: Certificate issuer ID.
example: 01648415a2a30242ac18000500000000
maxLength: 32
type: string
@@ -2231,9 +2874,7 @@ definitions:
description: 'The certificate name, as created in the factory, to which the
certificate issuer configuration applies.
- The following names are reserved and cannot be configured: LwM2M, BOOTSTRAP.
-
- '
+ The following names are reserved and cannot be configured: LwM2M, BOOTSTRAP.'
example: customer.dlms
maxLength: 100
pattern: (?!mbed\.)[\w-_.]{1,100}
@@ -2242,6 +2883,64 @@ definitions:
- reference
- certificate_issuer_id
type: object
+ CreateTrustAnchorRequest:
+ properties:
+ description:
+ description: The description of the new trust anchor key pair.
+ format: Free text
+ maxLength: 256
+ minLength: 1
+ type: string
+ required:
+ - description
+ type: object
+ CreateTrustAnchorResponse:
+ properties:
+ created_at: &id017
+ description: Creation UTC time.
+ example: '2017-01-01T00:00:00Z'
+ format: date-time
+ type: string
+ description:
+ description: Notes about the trust anchor.
+ format: free text
+ maxLength: 256
+ minLength: 1
+ type: string
+ etag: &id018
+ description: Entity instance signature, 1 or Unix timestamp of last customer
+ update.
+ example: '1'
+ type: string
+ fingerprint:
+ description: The SHA256 of the trust anchor public key; the prefix 'mbed.ta.'
+ followed by the trust anchor public key as a SHA256 hash in Base64-encoded
+ DER format.
+ format: byte
+ type: string
+ id: &id019
+ description: The ID of the entity.
+ example: 01612df56f3b0a580a010fc700000000
+ pattern: '[A-Fa-f0-9]{32}'
+ type: string
+ object: &id020
+ description: The API resource entity
+ example: trust-anchor
+ type: string
+ public_key:
+ description: The generated trust anchor public key in PEM format.
+ format: byte
+ type: string
+ public_key_der:
+ description: The generated trust anchor public key in Base64-encoded DER format.
+ format: byte
+ type: string
+ updated_at: &id021
+ description: Update UTC time.
+ example: '2017-01-01T00:00:00Z'
+ format: date-time
+ type: string
+ type: object
CredentialsResponseData:
properties:
certificate:
@@ -2252,57 +2951,17 @@ definitions:
description: Server URI that the client connects to.
type: string
type: object
- DenialAttemptsResponse:
- properties:
- after:
- description: An offset token for current page.
- type: string
- data:
- items:
- $ref: '#/definitions/BlackListedDeviceData'
- type: array
- has_more:
- description: Are there more results available.
- example: false
- type: boolean
- limit:
- description: How many objects to retrieve in the page. The minimum limit is
- 2 and the maximum is 1000. Limit values outside of this range are set to
- the closest limit.
- example: 50
- maximum: 1000
- minimum: 2
- type: integer
- object:
- description: The type of this API object is a "list".
- example: list
- type: string
- order:
- description: The creation time based order of the entries.
- enum:
- - ASC
- - DESC
- example: DESC
- type: string
- total_count:
- example: 1
- format: integer
- type: integer
- required:
- - object
- - data
- type: object
DeveloperCertificateRequestData:
properties:
description:
description: Description for the developer certificate. Maximum 500 characters.
- Please see [TrustedCertificateReq](../current/api-references/account-management-api.html#trustedcertificatereq).
+ Please see [TrustedCertificateReq](https://www.pelion.com/docs/device-management-api/account-management/).
maxLength: 500
type: string
x-nullable: true
name:
description: Name of the developer certificate. Must be unique. Maximum 100
- characters. Please see [TrustedCertificateReq](../current/api-references/account-management-api.html#trustedcertificatereq).
+ characters. Please see [TrustedCertificateReq](https://www.pelion.com/docs/device-management-api/account-management/).
maxLength: 100
type: string
required:
@@ -2418,6 +3077,17 @@ definitions:
example: '00000000000000000000000000000000'
maxLength: 500
type: string
+ component_attributes:
+ additionalProperties:
+ maxLength: 128
+ type: string
+ description: Up to ten custom key-value attributes. Note that keys cannot
+ begin with a number. Both keys and values are limited to 128 characters.
+ Updating this field replaces existing contents.
+ example:
+ key: value
+ maxProperties: 10
+ type: object
connector_expiration_date:
description: The expiration date of the certificate used to connect to LwM2M
server.
@@ -2453,7 +3123,7 @@ definitions:
type: string
description:
description: The description of the device.
- example: description
+ example: Temperature measuring device
maxLength: 2000
type: string
device_class:
@@ -2461,7 +3131,7 @@ definitions:
example: ''
maxLength: 32
type: string
- device_execution_mode: &id011
+ device_execution_mode: &id012
default: 0
description: "The execution mode from the certificate of the device. Defaults\
\ to inheriting from host_gateway device.\nPermitted values:\n - 0 - Unspecified\
@@ -2483,7 +3153,8 @@ definitions:
maxLength: 512
type: string
endpoint_name:
- description: The endpoint name given to the device.
+ description: The endpoint name given to the device. The endpoint_name is from
+ the device certificate and is set by factory tool.
example: 00000000-0000-0000-0000-000000000000
readOnly: true
type: string
@@ -2514,7 +3185,8 @@ definitions:
type: string
type: array
host_gateway:
- description: The ID of the host gateway, if appropriate.
+ description: The ID of the host gateway, if appropriate. A device behind Edge
+ has this host_gateway set.
example: ''
type: string
id:
@@ -2522,7 +3194,7 @@ definitions:
Management APIs.
example: '00000000000000000000000000000000'
type: string
- issuer_fingerprint: &id012
+ issuer_fingerprint: &id013
description: SHA256 fingerprint of the certificate used to validate the signature
of the device certificate.
example: C42EDEFC75871E4CE2146FCDA67D03DDA05CC26FDF93B17B55F42C1EADFDC322
@@ -2563,7 +3235,12 @@ definitions:
format: date-time
type: string
lifecycle_status:
- description: The lifecycle status of the device.
+ description: 'The lifecycle status of the device.
+
+ * Enabled: The device is allowed to connect to Pelion Device Management.
+
+ * Blocked: The device is prevented from connecting to Pelion Device Management.
+ Device can be, for example, ''suspended''.'
enum:
- enabled
- blocked
@@ -2579,33 +3256,62 @@ definitions:
format: date-time
type: string
mechanism:
- description: The ID of the channel used to communicate with the device.
+ description: 'NOT USED: The ID of the channel used to communicate with the
+ device.'
enum:
- connector
- direct
type: string
mechanism_url:
- description: The address of the connector to use.
+ description: 'NOT USED: The address of the connector to use.'
example: ''
type: string
name:
- description: The name of the device.
+ description: The name given by the web application for the device. Device
+ itself provides only the endpoint_name.
example: 00000000-0000-0000-0000-000000000000
maxLength: 128
type: string
+ net_id:
+ default: ''
+ description: Private network identifier. Used to group nodes connected to
+ a specific border router.
+ example: 0000:0000:0000:0000:0000:0000:0000:0000
+ maxLength: 40
+ type: string
object:
description: The API resource entity.
example: device
type: string
operator_suspended:
- description: Is the device suspended by the operator?
+ description: Device has been suspended by operator.
type: boolean
serial_number:
- description: The serial number of the device.
+ description: The [serial number](https://www.pelion.com/docs/device-management-provision/latest/provisioning-info/lwm2m-device-object.html#serial-number)
+ of the device. The serial number is injected by the factory tool during
+ manufacturing.
example: 00000000-0000-0000-0000-000000000000
type: string
state:
- description: The current state of the device.
+ description: 'The current state of the device.
+
+ * Unenrolled: The device has been created, but has not yet bootstrapped
+ or connected to Device Management.
+
+ * Cloud_enrolling: The device is bootstrapping for the first time. This
+ state is set only while bootstrapping is in progress. For example, an external
+ CA gives an error, and the device tries to bootstrap again after few seconds.
+
+ * Bootstrapped: The device has bootstrapped, and has credentials to connect
+ to Device Management.
+
+ * Registered: The device has registered with Pelion Device Management. [Device
+ commands](https://www.pelion.com/docs/device-management-api/connect/) can
+ be queued. The device sends events for [subscribed](https://www.pelion.com/docs/device-management/current/resources/handle-resource-webapp.html)
+ resources.
+
+ * Deregistered: The device has requested deregistration, or its registration
+ has expired.'
enum:
- unenrolled
- cloud_enrolling
@@ -2617,7 +3323,7 @@ definitions:
description: Is the device suspended by the system?
type: boolean
updated_at:
- description: The time the object was updated.
+ description: The time this data object was updated.
example: '2017-05-22T12:37:55.576563Z'
format: date-time
type: string
@@ -2674,7 +3380,7 @@ definitions:
description: An ID representing the model and hardware revision of the device.
maxLength: 32
type: string
- device_execution_mode: *id011
+ device_execution_mode: *id012
device_key:
description: The fingerprint of the device certificate.
example: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
@@ -2695,7 +3401,7 @@ definitions:
description: The ID of the host gateway, if appropriate.
example: ''
type: string
- issuer_fingerprint: *id012
+ issuer_fingerprint: *id013
manifest:
description: 'DEPRECATED: The URL for the current device manifest.'
example: ''
@@ -2740,7 +3446,8 @@ definitions:
description: 'DEPRECATED: Mark this device for automatic firmware update.'
type: boolean
ca_id:
- description: The certificate issuer's ID.
+ description: 'The certificate issuer''s ID. WARNING: This value comes from
+ the device, and should not be changed via the API.'
example: '00000000000000000000000000000000'
maxLength: 500
type: string
@@ -2762,12 +3469,14 @@ definitions:
maxLength: 2000
type: string
device_key:
- description: The fingerprint of the device certificate.
+ description: 'The fingerprint of the device certificate. WARNING: This value
+ comes from the device, and should not be changed via the API.'
example: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
maxLength: 512
type: string
endpoint_name:
- description: The endpoint name given to the device.
+ description: 'The endpoint name given to the device. WARNING: This value comes
+ from the device, and should not be changed via the API.'
example: 00000000-0000-0000-0000-000000000000
maxLength: 64
readOnly: true
@@ -2794,8 +3503,8 @@ definitions:
auto_update:
type: boolean
bootstrap_expiration_date:
- example: '2017-05-22T12:37:55.576563Z'
- format: date-time
+ example: '2017-05-22'
+ format: date
type: string
bootstrapped_timestamp:
example: '2017-05-22T12:37:55.576563Z'
@@ -2803,9 +3512,13 @@ definitions:
type: string
ca_id:
type: string
+ component_attributes:
+ additionalProperties:
+ type: string
+ type: object
connector_expiration_date:
- example: '2017-05-22T12:37:55.576563Z'
- format: date-time
+ example: '2017-05-22'
+ format: date
type: string
created_at:
example: '2017-05-22T12:37:55.576563Z'
@@ -2911,7 +3624,7 @@ definitions:
maxLength: 100
type: string
event_type_category:
- description: Category code which groups the event type by a summary category.
+ description: Category code that groups the event type by a summary category.
example: FAIL_MANIFEST_REJECTED
type: string
event_type_description:
@@ -2996,11 +3709,11 @@ definitions:
DeviceGroup:
properties:
created_at:
- description: The time the campaign was created.
+ description: The time the group was created.
example: '2017-05-22T12:37:55.576563Z'
format: date-time
type: string
- custom_attributes: &id023
+ custom_attributes: &id028
additionalProperties:
maxLength: 128
pattern: ^[A-Za-z].*
@@ -3012,10 +3725,10 @@ definitions:
key: value
maxProperties: 10
type: object
- description: &id024
+ description: &id029
description: The description of the group.
example: Devices on the factory floor.
- maxLength: 2000
+ maxLength: 1024
type: string
devices_count:
description: The number of devices in this group.
@@ -3029,7 +3742,7 @@ definitions:
description: The group ID.
example: 015c3029f6f7000000000001001000c3
type: string
- name: &id025
+ name: &id030
description: Name of the group.
example: My devices
maxLength: 128
@@ -3039,7 +3752,7 @@ definitions:
example: device-group
type: string
updated_at:
- description: The time the object was updated.
+ description: The time this object was updated.
example: '2017-05-22T12:37:55.576563Z'
format: date-time
type: string
@@ -3089,16 +3802,16 @@ definitions:
DeviceGteLteFilter:
properties:
bootstrap_expiration_date:
- example: '2017-05-22T12:37:55.576563Z'
- format: date-time
+ example: '2017-05-22'
+ format: date
type: string
bootstrapped_timestamp:
example: '2017-05-22T12:37:55.576563Z'
format: date-time
type: string
connector_expiration_date:
- example: '2017-05-22T12:37:55.576563Z'
- format: date-time
+ example: '2017-05-22'
+ format: date
type: string
created_at:
example: '2017-05-22T12:37:55.576563Z'
@@ -3128,8 +3841,8 @@ definitions:
auto_update:
type: boolean
bootstrap_expiration_date:
- example: '2017-05-22T12:37:55.576563Z'
- format: date-time
+ example: '2017-05-22'
+ format: date
type: string
bootstrapped_timestamp:
example: '2017-05-22T12:37:55.576563Z'
@@ -3137,9 +3850,13 @@ definitions:
type: string
ca_id:
type: string
+ component_attributes:
+ additionalProperties:
+ type: string
+ type: object
connector_expiration_date:
- example: '2017-05-22T12:37:55.576563Z'
- format: date-time
+ example: '2017-05-22'
+ format: date
type: string
created_at:
example: '2017-05-22T12:37:55.576563Z'
@@ -3240,7 +3957,7 @@ definitions:
DeviceQuery:
properties:
created_at:
- description: The timestamp of when the device was created in Device Directory.
+ description: The timestamp of when the query was created.
example: '2017-05-22T12:37:55.576563Z'
format: date-time
type: string
@@ -3251,11 +3968,11 @@ definitions:
type: string
id:
description: The ID of the query.
- example: '00000000000000000000000000000000'
+ example: 015c30671894000000000001001001e9
type: string
name:
description: The name of the query.
- example: '00000000000000000000000000000000'
+ example: example-stored-device-query
type: string
object:
description: The API resource entity.
@@ -3263,7 +3980,7 @@ definitions:
type: string
query:
description: The device query.
- example: id=00000000000000000000000000000000
+ example: id=0158d38771f70000000000010010038c
type: string
updated_at:
description: The time the object was updated.
@@ -3383,7 +4100,10 @@ definitions:
maxLength: 200
type: string
query:
- description: The device query.
+ description: The device query to store. A query is made of key/value pairs
+ separated by ampersands (`&`). The key defines the field name to filter
+ by when applying the query. Refer to the endpoint documentation before applying
+ a filter, as supported fields vary between endpoints.
maxLength: 1000
type: string
required:
@@ -3416,6 +4136,147 @@ definitions:
- method
- uri
type: object
+ DeviceToPelionMessagesCounter:
+ description: The number of messages from the device to Device Management.
+ properties:
+ bootstrap_requests:
+ $ref: '#/definitions/BootstrapRequestsCounter'
+ est_requests:
+ $ref: '#/definitions/EstRequestsCounter'
+ observations:
+ $ref: '#/definitions/ObservationsCounter'
+ proxy_responses:
+ $ref: '#/definitions/ProxyResponsesCounter'
+ registration_deletes:
+ $ref: '#/definitions/RegistrationDeletesCounter'
+ registration_updates:
+ $ref: '#/definitions/RegistrationUpdatesCounter'
+ registrations:
+ $ref: '#/definitions/RegistrationsCounter'
+ total_count:
+ description: The number of all inbound requests from devices to Device Management.
+ format: int64
+ minimum: 0
+ type: integer
+ required:
+ - total_count
+ - registrations
+ - registration_updates
+ - registration_deletes
+ - observations
+ - est_requests
+ - proxy_responses
+ - bootstrap_requests
+ type: object
+ EchoDevice:
+ description: The Device Echo object representing the device.
+ properties:
+ created_at:
+ description: Response creation UTC time.
+ example: 2020-10-20 10:30:55.123000
+ format: date-time
+ type: string
+ device_id:
+ description: The device ID.
+ example: 015f3850a657000000000001001002ab
+ type: string
+ endpoint_name:
+ description: The endpoint name.
+ example: Sensor3222454
+ type: string
+ last_desired_at:
+ description: The last time a write command was initiated on a resource.
+ example: 2019-10-20 10:30:55.123000
+ format: date-time
+ type: string
+ last_reported_at:
+ description: The last time any resource's reported value was updated.
+ example: 2019-10-20 10:30:55.123000
+ format: date-time
+ type: string
+ object:
+ description: API Resource name
+ example: device-echo
+ type: string
+ resources:
+ description: The list of device resources stored in Device Echo.
+ items:
+ $ref: '#/definitions/EchoResource'
+ type: array
+ updated_at:
+ description: The time of last registration event of a Device Echo object.
+ example: 2019-10-20 10:30:55.123000
+ format: date-time
+ type: string
+ required:
+ - id
+ type: object
+ EchoResource:
+ description: The representation of a single resource of the device stored in Device
+ Echo.
+ properties:
+ desired:
+ $ref: '#/definitions/EchoResourceDesired'
+ reported:
+ $ref: '#/definitions/EchoResourceReported'
+ resource_path:
+ description: The path of the resource.
+ example: /3/0/1
+ type: string
+ subscribed:
+ description: System-level subscription status of the resource. If any of the
+ applications has placed a subscription, the status is true. Overlapping
+ subscriptions from multiple applications do not increase the load on the
+ device as the server handles the multiplexing.
+ type: boolean
+ type: object
+ EchoResourceDesired:
+ description: Resource value written, or queued to be written to the device.
+ properties:
+ desired_at:
+ description: The time of the latest value write was initiated.
+ example: 2019-10-20 10:30:55.123000
+ format: date-time
+ type: string
+ status:
+ description: The status of the desired value. 0 = 'pending write', 1 = 'success',
+ 2 = 'failed'.
+ format: integer
+ type: number
+ status_updated_at:
+ description: The time of the last status update.
+ example: 2019-10-20 10:30:55.123000
+ format: date-time
+ type: string
+ value:
+ description: The desired value in base64 encoded format.
+ example: RGVzaXJlZCB2YWx1ZS4=
+ format: byte
+ type: string
+ type: object
+ EchoResourceReported:
+ description: Reported single resource data received from the device.
+ properties:
+ content_type:
+ description: Content type of the reported resource value.
+ example: text/plain
+ type: string
+ expires_at:
+ description: The time after which the reported value is not valid, calculated
+ based on the max-age of the resource value the device reported.
+ example: 2019-10-20 10:30:55.123000
+ format: date-time
+ type: string
+ reported_at:
+ description: The time the last value was reported.
+ format: date-time
+ type: string
+ value:
+ description: The reported value in base64 encoded format.
+ example: UmVwb3J0ZWQgdmFsdWUu
+ format: byte
+ type: string
+ type: object
EndpointData:
properties:
ep:
@@ -3633,11 +4494,17 @@ definitions:
- request_id
- type
type: object
+ EstRequestsCounter:
+ description: The number of certificate creation requests received from devices
+ during bootstrap.
+ format: int64
+ minimum: 0
+ type: integer
EventType:
properties:
campaign_id:
description: ID of the associated campaign.
- example: '00000000000000000000000000000000'
+ example: 016e652be671000000000001001001e5
type: string
count:
example: 10
@@ -3657,6 +4524,7 @@ definitions:
type: string
object:
description: 'Entity name: always ''event-type''.'
+ example: event-type
type: string
summary_status:
example: FAIL
@@ -3672,6 +4540,11 @@ definitions:
example: 'null'
type: string
data:
+ enum:
+ - fail
+ - skipped
+ - info
+ - success
items:
$ref: '#/definitions/EventType'
type: array
@@ -3706,7 +4579,7 @@ definitions:
properties:
campaign_id:
description: ID of the associated campaign.
- example: '00000000000000000000000000000000'
+ example: 016e652be6710000000000010010013d
type: string
count:
example: 10
@@ -3726,6 +4599,7 @@ definitions:
type: string
object:
description: 'Entity name: always ''summary_status''.'
+ example: summary_status
type: string
summary_status:
description: The event type description.
@@ -3758,6 +4632,7 @@ definitions:
type: integer
object:
description: 'The entity name: always ''list''.'
+ example: list
type: string
order:
description: 'The order of the records to return. Acceptable values: ASC,
@@ -3839,14 +4714,14 @@ definitions:
type: object
FirmwareImage:
properties:
- created_at: *id013
+ created_at: *id014
datafile:
- description: The firmware image file URL
- example: http://example.com/00000000000000000000000000000000
+ description: The firmware image file URL.
+ example: http://bucket.com/myimage.elf
type: string
datafile_checksum:
description: The checksum (sha256) generated for the datafile.
- example: '0000000000000000000000000000000000000000000000000000000000000000'
+ example: e979fe432d6a19b0e70a93b33ac29094cd5fe35a8fd5fbedfd383d8d107d6a7e
type: string
datafile_size:
description: The size of the datafile in bytes.
@@ -3855,21 +4730,25 @@ definitions:
description:
description: The description of the object.
example: a description
+ format: free text
maxLength: 2000
type: string
- etag: *id014
+ etag: *id015
id:
description: The firmware image ID.
- example: '00000000000000000000000000000000'
+ example: 016e652be671000000000001001001e5
+ pattern: '[A-Fa-f0-9]{32}'
type: string
name:
description: The firmware image name.
+ format: free text
maxLength: 128
type: string
object:
description: 'Entity name: always ''firmware-image''.'
+ example: firmware-image
type: string
- updated_at: *id015
+ updated_at: *id016
FirmwareImageEqNeqFilter:
properties:
created_at:
@@ -3889,6 +4768,8 @@ definitions:
format: date-time
type: string
id:
+ example: 015c3029f6f7000000000001001000c3
+ pattern: '[A-Fa-f0-9]{32}'
type: string
name:
type: string
@@ -3929,6 +4810,8 @@ definitions:
format: date-time
type: string
id:
+ example: 015c3029f6f7000000000001001000c3
+ pattern: '[A-Fa-f0-9]{32}'
type: string
name:
type: string
@@ -3952,6 +4835,7 @@ definitions:
type: integer
object:
description: 'Entity name: always ''list''.'
+ example: list
type: string
order:
description: The order of the records based on creation time, `ASC` or `DESC`;
@@ -3966,48 +4850,104 @@ definitions:
type: integer
FirmwareManifest:
properties:
- created_at: *id013
+ created_at: *id014
datafile:
- description: The URL of the firmware manifest binary
- example: http://example.com/12345678901234567890123456789012
+ description: The URL of the ASN.1 DER-encoded firmware manifest binary.
+ example: http://bucket.com/mymanifest.manifest
+ format: uri
type: string
datafile_size:
- description: The size of the datafile in bytes
+ description: The size of the firmware manifest in bytes.
+ format: int64
+ type: integer
+ delivered_payload_digest:
+ description: Digest (SHA256, hex-encoded) of the payload to deliver to the
+ device.
+ example: c520fc771c0482ad39e983d27cf725a7c724fe58c616129a34a420d1941068bc
+ format: hex
+ type: string
+ delivered_payload_size:
+ description: The size in bytes of the payload to deliver to the device.
format: int64
type: integer
+ delivered_payload_type:
+ description: Type of the payload to deliver to the device (full or delta image).
+ enum:
+ - full
+ - delta
+ type: string
+ delivered_payload_url:
+ description: The URL of the payload to deliver to the device.
+ example: http://bucket.com/myimage.elf
+ format: uri
+ type: string
description:
description: The description of the firmware manifest.
example: ''
+ format: free text
maxLength: 2000
type: string
device_class:
- description: The class of the device.
- example: 00000000-0000-0000-0000-000000000000
+ description: The device class ID.
+ example: 42c4d8de-704d-546e-b9d3-1ce1eb316167
+ format: uuid
+ type: string
+ device_vendor:
+ description: The device vendor ID.
+ example: 5d645eae-c231-5a89-9764-2e655cd94fa8
+ format: uuid
type: string
- etag: *id014
+ etag: *id015
id:
description: The firmware manifest ID.
example: '12345678901234567890123456789012'
+ pattern: '[A-Fa-f0-9]{32}'
type: string
key_table:
description: The key table of pre-shared keys for devices.
- example: http://example.com
+ example: http://example.com/key-table
format: uri
type: string
+ manifest_schema_version:
+ description: Version of the manifest schema (1 or 3).
+ enum:
+ - '1'
+ - '3'
+ type: string
name:
- description: The name of the object.
- example: default_object_name
+ description: The name of the manifest.
+ example: manifest_name
+ format: free text
maxLength: 128
type: string
object:
description: 'Entity name: always ''firmware-manifest''.'
+ example: firmware-manifest
+ type: string
+ parsed_raw_manifest:
+ description: 'Raw manifest in JSON format, parsed from ASN.1 DER encoding.
+
+ Fields may change. Backwards compatibility is not guaranteed.
+
+ Recommended for debugging only.
+
+ '
+ type: object
+ precursor_payload_digest:
+ description: Digest (SHA256, hex-encoded) of the currently installed payload.
+ example: 54d640fcd687c9b13420b9be66a265494899002aad1b7370cfb3dbfd7fbec42f
type: string
timestamp:
description: The firmware manifest version as a timestamp.
example: '2017-05-22T12:37:55.576563Z'
format: date-time
type: string
- updated_at: *id015
+ update_priority:
+ description: Update priority, passed to the application callback when an update
+ is performed. Allows the application to make application-specific decisions.
+ format: int64
+ type: integer
+ updated_at: *id016
FirmwareManifestEqNeqFilter:
properties:
created_at:
@@ -4027,8 +4967,12 @@ definitions:
format: date-time
type: string
id:
+ example: 015c3029f6f7000000000001001000c3
+ pattern: '[A-Fa-f0-9]{32}'
type: string
name:
+ format: free text
+ maxLength: 128
type: string
timestamp:
example: '2017-05-22T12:37:55.576563Z'
@@ -4075,8 +5019,12 @@ definitions:
format: date-time
type: string
id:
+ example: 015c3029f6f7000000000001001000c3
+ pattern: '[A-Fa-f0-9]{32}'
type: string
name:
+ format: free text
+ maxLength: 128
type: string
timestamp:
example: '2017-05-22T12:37:55.576563Z'
@@ -4102,6 +5050,7 @@ definitions:
type: integer
object:
description: 'Entity name: always ''list''.'
+ example: list
type: string
order:
description: 'The order of the records to return. Acceptable values: ASC,
@@ -4114,6 +5063,12 @@ definitions:
total_count:
format: int32
type: integer
+ FirmwareUpdatesCounter:
+ description: The total number of successful firmware update operations in the
+ requested time.
+ format: int64
+ minimum: 0
+ type: integer
ForbiddenErrorResponse:
description: 403 Forbidden.
properties:
@@ -4145,25 +5100,58 @@ definitions:
- type
- code
type: object
+ GetTrustAnchorsResponse:
+ properties:
+ after:
+ description: An offset token for the current page.
+ example: '01631667477600000000000100100374'
+ pattern: '[A-Fa-f0-9]{32}'
+ type: string
+ data:
+ description: The list of trust anchors of the account.
+ items:
+ $ref: '#/definitions/TrustAnchorResponse'
+ type: array
+ has_more:
+ description: Indicates whether additional results are available.
+ example: false
+ type: boolean
+ limit:
+ default: 50
+ description: Indicates how many objects to retrieve in the page. The minimum
+ limit is 2 and the maximum is 1000. Limit values outside of this range are
+ set to the closest limit.
+ maximum: 1000
+ minimum: 2
+ type: integer
+ object:
+ description: The type of this API object is a `list`.
+ example: list
+ type: string
+ order:
+ description: Indicates how to order the entries based on when they were created.
+ enum:
+ - ASC
+ - DESC
+ example: DESC
+ type: string
+ total_count:
+ example: 1
+ format: integer
+ type: integer
+ type: object
GlobalSignCredentials:
- description: 'Describes the credentials required to connect to the GlobalSign
- account.
-
- The values should be taken from GlobalSign support upon account creation.
+ description: 'The credentials required to connect to the GlobalSign account.
- '
+ The values should be taken from GlobalSign support upon account creation.'
properties:
api_key:
- description: 'Unique ID for API client (provided by GlobalSign).
-
- '
+ description: Unique ID for API client (provided by GlobalSign).
example: e510e289e6cd8947
maxLength: 1000
type: string
api_secret:
- description: 'API Secret matching the API key (provided by GlobalSign).
-
- '
+ description: API secret matching the API key (provided by GlobalSign).
example: a477a8393d17a55ecb2ba6a61f58feb84770b621
format: password
maxLength: 250
@@ -4175,9 +5163,7 @@ definitions:
The certificate wraps a public key that matches a private key provided by
the customer.
- The certificate must be in PEM format.
-
- '
+ The certificate must be in PEM format.'
example: '"-----BEGIN CERTIFICATE-----MIIC7zCCAdegAwIBAgIJANTlU4x5S74VMA0GCSqGSIb3DQEBCwUAMA4xDDAKBgNVBAoMA0FybTAeFw0xODAzMTExMzE5MTFaFw0xOTAzMTExMzE5MTFaMA4xDDAKBgNVBAoMA0FybTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJWLStsVMJULZtxdieK9qocM4ymDXMaAusmd9TZLzBgznKQe/CW2yxyA8C8K5e6MmvMYGeKDd4Lkw/ezOj2OsUj2xzNIltUxpGi/GhsNYiN/khNJa/Y1SllLoihJAPm/xbMywOBRu/dM88PiJsNZccOk0I8DYvvyAs9wCTkbKLnfHygl98DCRqXw7nBCplU6F03qpUd/4BUtMtugyqt7yboGH+4YewnUh4Yh4QNOJIvE93Ob++eKjO3pIOYEhQmUxzOLaLNuWXlv2l1WuN281hUP4XBcV8mCzRQfTBBDYTWt+5BEWoLOUkXjW0Um6EAaN3usph1IKDEH6Ia5VHP4Pj0CAwEAAaNQME4wHQYDVR0OBBYEFLsfYZxFcQTjPJKYMjHI2In316fmMB8GA1UdIwQYMBaAFLsfYZxFcQTjPJKYMjHI2In316fmMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFl08GFsIkkUs6M7QgCWmsnwP6PtD8V87wM1GAqQQlOOeztaeRR2TEOeYiKRZQugYszJ/FVfVp4ggqzepJMn6UZ42j5nmSJs+6t79i23QAzX1zNQ354lr/t7kt3fMdhuL3AP0oZGzdy+EnXXiWeAD22UwzvVmLt38ypJIl+pmTsx9jJy4PN7yoRgtP9k+50m3X6oDxVruehC/JPSeTvEhqyLW3fLcG6IoJMX3vIwfO9uXbFJumTowQeViNJJ9duWvD2KBXn/muOOBe97TPuvAms1gOtMmmPT9/jpo9b4+NsfFiAN6bMici81aIKZzLC+lLGOUmR2fFJyM5OsVLxKsko=-----END
CERTIFICATE-----"'
maxLength: 3000
@@ -4185,9 +5171,7 @@ definitions:
passphrase:
description: 'The passphrase to decrypt the private key in case it is encrypted.
- Empty if the private key is not encrypted.
-
- '
+ Empty if the private key is not encrypted.'
example: helloworld
format: password
maxLength: 1000
@@ -4199,9 +5183,7 @@ definitions:
The private key may be encrypted using a symmetric encryption key derived
from a passphrase.
- The private key must be in PEM format.
-
- '
+ The private key must be in PEM format.'
example: '"-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info:
DES-EDE3-CBC,CCAC26A4133947CB\n\np3KJ4FI3wcz3I0MtiLkrznkjWFvprVmoNywySUGb5IqZViJZqCMEsyU9a9iDsSfP\nZ07cg9GviV21WYIPSxZOQrpy1g1VWILzFnH+J6z8dSH4mxXh0PwdOzYgAeqkrIVM\nJ7KRm6t222dZFjjXK3eEcLmBLGo29XwVJxKHx+l4++gU1LZmeHZR5M8fJ4jejUly\n7sqzPlmRF0N3I4lwKVj+PfQTVz43QoCnpxOjuSEL4liBrc2agY2xH1O0PFyHimz9\n3XM9HR/iuPHW0N2D+NPjXlWKacerupH9d4i9IYIagzB+HTgej8limdo03GmmxcZ6\nYNa58n5yQSaqu0TPRU9DsrKeGjadHTlZQGdzfq1SWsROCnHLrXFKE2ozIG3+hxA5\nujBF/QWpX5+inXUwDJhBxp8isHbPEnBEUUd6ZRzCTjvN0jaUti5B9yFhO2G6mbE8\nCvhyzQK8oJqsjZXnlcpPf95LP+9XbcCDjLSIaWJstzXO9tPiv6+x1MVWmivtRHcC\nSTzpx8jAGCiG6ejLqWB87ZXiZm7ujlCBheHSf5RHwNHhUvoP2JEYalDDRxjcDMSx\n4uV42Np4yJlIQEDlGHcBlXoL7vEukFpuWgkYdpcZy/Ou9qz8mXrpLcu8C8MhLmSC\nixGoR5iRhV7cxoHLyuCzj87eYEA73Xu238DQorSEEuiVFnLzQ2+PJMs4qoI14q/L\notlBDz+Ko6DrU/EZROYmiqMkLKXR2sx9zNAJwPYRs6nSH08tZ3dwqzZbgtP3Wazi\nhLWHt5/En7wQRA5a+/dDEHXSoLvvSQ9jvhclhWf+eCYuq2eH+g54oyJGRSY+8GV7\nujhLxkzl/3OZdhZPWoz4U13KpbSTcNWu5Y7oGDoabw19UbvqmLf1PJkpDH/tQgzB\nxYtsLBRUcofpYoeIiIxfAA4do5WilJc8xqrGhkE4WcHfY24HXAiOvsjbxV+BRprX\n1jtgJpV/9nJESMap+8PxipGUFRGjB83/uwJaa6mLftEKflX8i4MZ+HnqraXERsqA\nWRUcDHIWmFfpzIB3iNuxawVvPH8NdCSPmQ9qTb8Cozl0AuOK2E9S+ke8oiYQScWR\nLdu+zhej7GjuQ9R+Ub+wPWqvOA5qLXejqnCexVScDUuN+z9JWM3N2FG1MwxhAzhP\ndEfoQHoBn6uyOmrVGP6fosV3chqhPoec42KeOAm1xDvx692isaIy1jPgIyPxeqhm\n2Tw4E+02R7dlP8Ljf7JzfLm4oKpWHWlcHeqg24x6lY/wXU1RBcWaTa0AQUwoGm2m\nIQCPfIqOEv/QC2HpO7SVCYkl65KwR0oTd1AzYxdxEq3xHQbh69EL0FGZPVxVCPI+\nhEAyifKy1/tm3l91Rf/kGpHY7nIQKCXH49tmFwix8gke2nZJmRgX7/zAdMOAKeKH\nAaIl4nQtv14EbaasMgnn9qgaDYnWzaReEob2QlQ/WYlTor61+KFpGtcf9jAkgudT\n2op+4CF7wT2+aTXdtkVWfmv++iB8GnlqZdxLvyG1cTYjjYHVFbMSWQnxzQqiE2ms\nQgp+byjWCumpsWTMdTO+d9NkDOo80vDpaRxEgebmhJ0MbX+eFjBgVg==\n-----END
RSA PRIVATE KEY-----"'
@@ -4228,6 +5210,7 @@ definitions:
type: object
GroupIdList:
items:
+ example: 01705c6383f6c85b76f92f4e00000000
type: string
type: array
GroupSummary:
@@ -4243,6 +5226,16 @@ definitions:
example: 0
format: int32
type: integer
+ x-deprecation:
+ comment: This property is deprecated. See 'application_count' property.
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ application_count:
+ description: The number of applications in this group.
+ example: 0
+ format: int32
+ type: integer
created_at:
description: Creation UTC time RFC3339.
example: '2018-02-13T09:35:20Z'
@@ -4289,7 +5282,7 @@ definitions:
GroupSummaryList:
properties:
after:
- description: The entity ID to fetch after the given one.
+ description: The entity ID to retrieve after the given one.
example: 01619571f3c00242ac12000600000000
pattern: '[a-f0-9]{32}'
type: string
@@ -4369,6 +5362,7 @@ definitions:
description: Identity provider type.
enum:
- SAML2
+ - OIDC
type: string
required:
- name
@@ -4412,6 +5406,9 @@ definitions:
enum:
- identity-provider
type: string
+ oidc_attributes:
+ $ref: '#/definitions/OIDCInfo'
+ description: OIDC specific attributes.
saml2_attributes:
$ref: '#/definitions/SAML2Info'
description: SAML2 specific attributes.
@@ -4444,7 +5441,7 @@ definitions:
IdentityProviderList:
properties:
after:
- description: The entity ID to fetch after the given one.
+ description: The entity ID to retrieve after the given one.
example: 01619571f3c00242ac12000600000000
pattern: '[a-f0-9]{32}'
type: string
@@ -4513,6 +5510,7 @@ definitions:
description: Identity provider type.
enum:
- SAML2
+ - OIDC
type: string
required:
- name
@@ -4563,6 +5561,15 @@ definitions:
- type
- code
type: object
+ KeyValue:
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ - value
ListOfPreSharedKeysWithoutSecret:
properties:
after:
@@ -4605,6 +5612,67 @@ definitions:
- has_more
- data
type: object
+ Log:
+ properties:
+ account_id:
+ description: The ID of the account associated with the device.
+ example: 0168e7bff4f2263cf4be560700000000
+ type: string
+ app_name:
+ description: A tag indicating which application or software module produced
+ the log message.
+ example: modbus
+ type: string
+ created_at:
+ description: RFC 3339 UTC timestamp indicating when the resource entity was
+ created.
+ example: '2017-07-21T17:32:28Z'
+ format: date-time
+ type: string
+ device_id:
+ description: Device ID.
+ example: 00005a4e027f0a580a01081c00000000
+ type: string
+ etag:
+ description: Entity instance signature, or Unix timestamp of last customer
+ update.
+ example: stdout
+ type: string
+ id:
+ description: mUUID Entity ID. Each device log has a unique ID.
+ example: 2d238a89038b4ddb84699dd36a901063
+ pattern: /^[(0-9)(a-f)]{32}$/
+ type: string
+ level:
+ description: Log entry severity level.
+ enum:
+ - DEBUG
+ - TRACE
+ - INFO
+ - WARNING
+ - ERROR
+ - CRITICAL
+ example: ERROR
+ type: string
+ message:
+ description: Log message body.
+ example: 'ModbusRTU Driver: Failed to start undefined'
+ type: string
+ object:
+ description: Device log resource name.
+ example: device-log
+ type: string
+ timestamp:
+ description: RFC 3339 UTC timestamp indicating indicating the device time
+ the message was printed.
+ example: '2017-07-21T17:40:28Z'
+ format: date-time
+ type: string
+ type:
+ description: Device log type.
+ example: syslog
+ type: string
+ type: object
LoginHistory:
description: Represents an entry in login history.
properties:
@@ -4635,11 +5703,18 @@ definitions:
LoginProfile:
description: Represents a user login profile in Device Management.
properties:
+ foreign_id:
+ description: The ID of the user in the identity provider's service.
+ example: fed/user_007
+ readOnly: true
+ type: string
id:
description: ID of the identity provider.
+ example: 01619571f3c00242ac12000600000000
type: string
name:
description: Name of the identity provider.
+ example: Pelion
readOnly: true
type: string
type:
@@ -4649,11 +5724,46 @@ definitions:
- MBED
- SAML2
- OIDC
+ example: NATIVE
readOnly: true
type: string
required:
- id
type: object
+ LogsPage:
+ properties:
+ after:
+ description: An offset token for current page.
+ type: string
+ x-nullable: true
+ data:
+ items:
+ $ref: '#/definitions/Log'
+ type: array
+ has_more:
+ description: Indicates whether more results are available.
+ example: false
+ type: boolean
+ limit:
+ description: Limit applied on number of device log resource objects retrieved
+ in the page (2-1000).
+ example: 100
+ maximum: 1000
+ minimum: 2
+ type: integer
+ object:
+ description: Always `list`.
+ example: list
+ type: string
+ order:
+ description: Entry order based on creation time.
+ example: DESC
+ type: string
+ total_count:
+ example: 1
+ format: integer
+ type: integer
+ type: object
NotificationData:
properties:
ct:
@@ -4741,7 +5851,7 @@ definitions:
NotificationEntryList:
properties:
after:
- description: The entity ID to fetch after the given one.
+ description: The entity ID to retrieve after the given one.
example: 01619571f3c00242ac12000600000000
pattern: '[a-f0-9]{32}'
type: string
@@ -4824,30 +5934,37 @@ definitions:
x-nullable: true
email_verified:
description: Custom claim name for 'email_verified'.
+ example: email_verified
type: string
x-nullable: true
family_name:
description: Custom claim name for 'family_name'.
+ example: family_name
type: string
x-nullable: true
given_name:
description: Custom claim name for 'given_name'.
+ example: given_name
type: string
x-nullable: true
name:
description: Custom claim name for 'name'.
+ example: name
type: string
x-nullable: true
phone_number:
description: Custom claim name for 'phone_number'.
+ example: phone_number
type: string
x-nullable: true
sub:
description: Custom claim name for 'sub'.
+ example: sub
type: string
x-nullable: true
updated_at:
description: Custom claim name for 'updated_at'.
+ example: updated_at
type: string
x-nullable: true
updated_at_pattern:
@@ -4938,6 +6055,11 @@ definitions:
required:
- issuer
type: object
+ ObservationsCounter:
+ description: The number of resource observation event requests received from devices.
+ format: int64
+ minimum: 0
+ type: integer
ParentAccountInfo:
description: Represents parent account contact details in responses.
properties:
@@ -4970,6 +6092,29 @@ definitions:
required:
- minimum_length
type: object
+ PelionToDeviceMessagesCounter:
+ description: The number of messages from Device Management to the device.
+ properties:
+ proxy_requests:
+ $ref: '#/definitions/ProxyRequestsCounter'
+ subscriptions:
+ $ref: '#/definitions/SubscriptionsCounter'
+ total_count:
+ description: The number of all outbound requests sent to devices.
+ format: int64
+ minimum: 0
+ type: integer
+ required:
+ - total_count
+ - proxy_requests
+ - subscriptions
+ type: object
+ PelionToWebappNotificationsCounter:
+ description: The number of notifications from Device Management to the web application
+ or portal.
+ format: int64
+ minimum: 0
+ type: integer
PendingServicePackage:
description: A pending service package.
properties:
@@ -5053,7 +6198,7 @@ definitions:
Presubscription:
properties:
endpoint-name:
- description: The device ID.
+ description: Device Management device ID.
example: 015f3850a657000000000001001002ab
type: string
endpoint-type:
@@ -5129,6 +6274,16 @@ definitions:
- firmware_update_count
- reason
type: object
+ ProxyRequestsCounter:
+ description: The number of device command requests sent to devices.
+ format: int64
+ minimum: 0
+ type: integer
+ ProxyResponsesCounter:
+ description: The number of device command responses received from devices.
+ format: int64
+ minimum: 0
+ type: integer
QuotaUsageReport:
description: Account quota usage entry for queried month.
properties:
@@ -5155,6 +6310,7 @@ definitions:
- package_renewal
- package_creation
- package_termination
+ - package_tokens_edit
type: string
required:
- amount
@@ -5164,11 +6320,23 @@ definitions:
RegisterWebsocketChannel:
properties:
serialization:
- description: Serialization configuration for a channel
- schema:
- $ref: '#/definitions/SerializationConfigData'
- type: object
+ $ref: '#/definitions/SerializationConfigData'
type: object
+ RegistrationDeletesCounter:
+ description: The number of deregistration requests received from devices.
+ format: int64
+ minimum: 0
+ type: integer
+ RegistrationUpdatesCounter:
+ description: The number of device registration update requests received from devices.
+ format: int64
+ minimum: 0
+ type: integer
+ RegistrationsCounter:
+ description: The number of full device registration requests received from devices.
+ format: int64
+ minimum: 0
+ type: integer
ReportAccountContactInfo:
description: Account contact information.
properties:
@@ -5176,6 +6344,15 @@ definitions:
type: string
address_line2:
type: string
+ alias:
+ type: string
+ business_model:
+ description: The business model selected for the account to generate the billing
+ reports.
+ enum:
+ - active_device_business_model
+ - api_calls_1_business_model
+ type: string
city:
type: string
company:
@@ -5184,6 +6361,9 @@ definitions:
type: string
country:
type: string
+ customer_subtenant_id:
+ description: Account tenant ID, valid only for tenants.
+ type: string
email:
type: string
id:
@@ -5202,18 +6382,20 @@ definitions:
ReportBillingData:
properties:
active_devices:
- format: int64
- minimum: 0
- type: integer
+ $ref: '#/definitions/ActiveDevicesCounter'
+ device_to_pelion_messages:
+ $ref: '#/definitions/DeviceToPelionMessagesCounter'
firmware_updates:
- format: int64
- minimum: 0
- type: integer
+ $ref: '#/definitions/FirmwareUpdatesCounter'
generated:
description: Billing report generated time in RFC3339 date-time with millisecond
accuracy and UTC time zone.
format: date-time
type: string
+ pelion_to_device_messages:
+ $ref: '#/definitions/PelionToDeviceMessagesCounter'
+ pelion_to_webapp_notifications:
+ $ref: '#/definitions/PelionToWebappNotificationsCounter'
period_end:
description: Billing report end time in RFC3339 date-time with millisecond
accuracy and UTC time zone.
@@ -5224,10 +6406,12 @@ definitions:
accuracy and UTC time zone.
format: date-time
type: string
+ rest_api_requests_with_api_key_token:
+ $ref: '#/definitions/RestApiRequestsWithApiKeyTokenCounter'
+ rest_api_requests_with_user_token:
+ $ref: '#/definitions/RestApiRequestsWithUserTokenCounter'
sda_tokens:
- format: int64
- minimum: 0
- type: integer
+ $ref: '#/definitions/SdaTokensCounter'
required:
- generated
- period_start
@@ -5275,7 +6459,7 @@ definitions:
description: Account contact information.
aggregated:
$ref: '#/definitions/ReportBillingData'
- description: Aggregated report billing data including all subtenant accounts,
+ description: Aggregated report billing data including all tenant accounts,
if any.
billing_data:
$ref: '#/definitions/ReportBillingData'
@@ -5294,10 +6478,10 @@ definitions:
type: string
service_package:
$ref: '#/definitions/ServicePackageReport'
- description: Report service package.
+ description: Service package report.
subtenants:
- description: List of billing reports for subtenant accounts. Empty list if
- account does not have any subtenant account.
+ description: List of billing reports for tenant accounts. Empty list if account
+ does not have any tenant account.
items:
$ref: '#/definitions/SubtenantAccountReport'
type: array
@@ -5306,8 +6490,6 @@ definitions:
- object
- account
- billing_data
- - subtenants
- - aggregated
- month
type: object
Resource:
@@ -5318,8 +6500,8 @@ definitions:
example: true
type: boolean
rt:
- description: Application-specific resource type that describes this resource.
- It is created by the [client side application](../connecting/resource-setup-in-device-management-client.html).
+ description: Application-specific resource type that describes this resource,
+ created by the [client application](https://www.pelion.com/docs/device-management/current/resources/resource-setup-in-device-management-client.html).
Not meant to be a human-readable name for the resource. Multiple resource
types may be included, separated by a space.
example: light_sensor
@@ -5328,16 +6510,31 @@ definitions:
description: 'The content type of the resource.
- We recommend you use the **resource types** listed in the [LwM2M specification](http://technical.openmobilealliance.org/Technical/technical-information/omna/lightweight-m2m-lwm2m-object-registry).'
+ We recommend you use the content types listed in the [LwM2M specification](http://www.openmobilealliance.org/wp/omna/lwm2m/lwm2mregistry.html).'
example: text/plain
type: string
uri:
- description: The resource URL.
+ description: 'The resource URL. This can be the path to:
+
+
+ - An object; for example, `3303`.
+
+ - An object instance; for example `3303/0`.
+
+ - A resource; for example `3303/0/5602`.
+
+
+ For more information about the Device Management resource model, please
+ see the [Device Management documentation](https://www.pelion.com/docs/device-management/current/resources/resource-model.html).'
example: /sen/light
type: string
required:
- uri
type: object
+ ResourceArray:
+ items:
+ $ref: '#/definitions/Resource'
+ type: array
ResourcePath:
description: A resource URI.
example: /sen/light
@@ -5364,13 +6561,25 @@ definitions:
type: string
rt:
description: 'Application-specific resource type that describes this resource.
- It is created by the [client side application](../connecting/resource-setup-in-device-management-client.html).
+ It is created by the [client side application](https://www.pelion.com/docs/device-management/current/resources/resource-setup-in-device-management-client.html).
Not meant to be a human-readable name for the resource. Multiple resource
types may be included, separated by a space.'
example: light_sensor
type: string
type: object
+ RestApiRequestsWithApiKeyTokenCounter:
+ description: The number of REST API requests made with access keys in web applications
+ or other service integrations.
+ format: int64
+ minimum: 0
+ type: integer
+ RestApiRequestsWithUserTokenCounter:
+ description: The number of REST API requests from user sessions in Device Management
+ Portal.
+ format: int64
+ minimum: 0
+ type: integer
SAML2Info:
description: Represents SAML2 specific attributes in responses.
properties:
@@ -5439,21 +6648,25 @@ definitions:
description: URL of the identity provider's SSO endpoint.
type: string
type: object
+ SdaTokensCounter:
+ description: The total number of devices included in the Secure Device Access
+ tokens used in the requested time. A single Secure Device Access token can be
+ linked to multiple endpoint names.
+ format: int64
+ minimum: 0
+ type: integer
SerializationConfigData:
+ description: Serialization configuration for a channel.
properties:
cfg:
- description: Serialization configuration object according to configuration
- type.
- schema:
- $ref: '#/definitions/SerializationConfigObjectV2'
- type: object
+ $ref: '#/definitions/SerializationConfigObjectV2'
max_chunk_size:
description: Maximum number of messages in NotificationMessage container delivered
in one request. Default is 10000. Using a very low value for high troughput
applications may cause lag in notification delivery, as a new chunk is sent
only after the previous one has been acknowledged. Using a high value is
recommended and safe, as chunks are sent quickly after notifications are
- received from devices. See [notification sending logic](../integrate-web-app/event-notification.html#notification-sending-logic)
+ received from devices. See [notification sending logic](https://www.pelion.com/docs/device-management/current/integrate-web-app/event-notification.html#notification-sending-logic)
for more details.
example: '500'
maximum: 10000
@@ -5470,6 +6683,7 @@ definitions:
- type
type: object
SerializationConfigObjectV2:
+ description: Serialization configuration object according to configuration type.
properties:
deregistrations_as_object:
default: false
@@ -5613,16 +6827,17 @@ definitions:
- package_creation
- package_renewal
- package_termination
+ - package_tokens_edit
type: string
reservation:
$ref: '#/definitions/ServicePackageQuotaHistoryReservation'
- description: Reservation details if reason is `reservation`, `reservation_releasem`
+ description: Reservation details if reason is `reservation`, `reservation_release`
or `reservation_termination`.
type: object
service_package:
$ref: '#/definitions/ServicePackageQuotaHistoryServicePackage'
- description: Service package details if reason is `package_creation`, `package_renewal`
- or `package_termination`.
+ description: Service package details if reason is `package_creation`, `package_renewal`,
+ `package_termination`, or `package_tokens_edit`.
type: object
required:
- id
@@ -5669,8 +6884,7 @@ definitions:
description: If there is next available quota history paged response to fetch.
type: boolean
limit:
- description: Maximum number of quota history entries contained in one paged
- response.
+ description: Maximum number of quota history entries in one paged response.
format: int32
maximum: 1000
minimum: 2
@@ -5680,6 +6894,9 @@ definitions:
enum:
- service-package-quota-history
type: string
+ order:
+ description: History item record order based on creation time.
+ type: string
total_count:
description: Sum of all quota history entries that should be returned.
format: int32
@@ -5691,6 +6908,7 @@ definitions:
- has_more
- limit
- total_count
+ - order
type: object
ServicePackageQuotaHistoryServicePackage:
description: Service package quota history service package object.
@@ -5736,9 +6954,7 @@ definitions:
$ref: '#/definitions/QuotaUsageReport'
type: array
required:
- - metadata
- quota_usage
- - aggregated_quota_usage
type: object
ServicePackagesResponse:
description: Contains service package information for currently active service
@@ -5766,6 +6982,174 @@ definitions:
required:
- object
- previous
+ StatisticsReportListResponse:
+ properties:
+ after:
+ description: An offset token for the current page.
+ example: '01631667477600000000000100100374'
+ type: string
+ data:
+ description: List of manufacturing statistics.
+ items:
+ $ref: '#/definitions/StatisticsReportResponse'
+ type: array
+ end:
+ example: '2020-03-30T07:30:00.000'
+ format: date-time
+ type: string
+ has_more:
+ description: Indicates whether additional results are available.
+ example: false
+ type: boolean
+ limit:
+ description: The number of results to return (2-1000). Values outside of this
+ range are set to the closest limit.
+ example: 50
+ maximum: 1000
+ minimum: 2
+ type: integer
+ object:
+ description: The API object type. The object type of this API is "list".
+ example: list
+ type: string
+ order:
+ description: Record order based on record identifier.
+ example: DESC
+ type: string
+ start:
+ example: '2020-03-29T07:30:00.000'
+ format: date-time
+ type: string
+ total_count:
+ example: 100
+ format: integer
+ type: integer
+ type: object
+ StatisticsReportResponse:
+ properties:
+ avg_provisioning_time_sec:
+ description: Average provisioning time in seconds.
+ example: '2.5'
+ type: number
+ device_count:
+ description: Number of manufactured devices.
+ example: '103'
+ type: integer
+ factory_id:
+ description: Factory ID.
+ example: '164'
+ type: integer
+ factory_name:
+ description: Factory name.
+ example: factory 1
+ type: string
+ id:
+ description: Unique row identifier.
+ example: 01612df56f3b0a580a010fc700000000
+ format: uuid
+ pattern: '[a-fA-F0-9]{32}'
+ type: string
+ max_provisioning_time_sec:
+ description: Maximum provisioning time in seconds.
+ example: '3.1'
+ type: number
+ min_provisioning_time_sec:
+ description: Minimum provisioning time in seconds.
+ example: '2.2'
+ type: number
+ workstation:
+ description: Workstation.
+ example: ws_1
+ type: string
+ type: object
+ StatisticsSeriesRecord:
+ description: Statistics view record.
+ properties:
+ active_devices:
+ $ref: '#/definitions/ActiveDevicesCounter'
+ device_to_pelion_messages:
+ $ref: '#/definitions/DeviceToPelionMessagesCounter'
+ firmware_updates:
+ $ref: '#/definitions/FirmwareUpdatesCounter'
+ id:
+ description: Metric ID.
+ pattern: '[0-9a-fA-F]{32}'
+ type: string
+ object:
+ description: Always `billing-statistics`.
+ enum:
+ - billing-statistics
+ type: string
+ pelion_to_device_messages:
+ $ref: '#/definitions/PelionToDeviceMessagesCounter'
+ pelion_to_webapp_notifications:
+ $ref: '#/definitions/PelionToWebappNotificationsCounter'
+ rest_api_requests_with_api_key_token:
+ $ref: '#/definitions/RestApiRequestsWithApiKeyTokenCounter'
+ rest_api_requests_with_user_token:
+ $ref: '#/definitions/RestApiRequestsWithUserTokenCounter'
+ sda_tokens:
+ $ref: '#/definitions/SdaTokensCounter'
+ timestamp:
+ description: 'The start of the interval for which the data is aggregated,
+ in RFC3339 date-time format with millisecond accuracy and UTC time zone.
+
+ Each interval includes data for the time greater than or equal to the timestamp
+ and less than the next interval''s starting.'
+ format: date-time
+ type: string
+ required:
+ - object
+ - id
+ - timestamp
+ - active_devices
+ - firmware_updates
+ - sda_tokens
+ type: object
+ StatisticsViewResponse:
+ description: Contains the statistics view of Device Management usage information.
+ properties:
+ after:
+ description: The ID after which to fetch the statistics view.
+ pattern: '[0-9a-fA-F]{32}'
+ type: string
+ data:
+ description: List of statistics view records. Empty list if no records are
+ available.
+ items:
+ $ref: '#/definitions/StatisticsSeriesRecord'
+ type: array
+ has_more:
+ description: Indicates whether a new statistics view response is available.
+ type: boolean
+ limit:
+ default: 50
+ description: Maximum number of statistics view records on a page.
+ format: int32
+ maximum: 1000
+ minimum: 2
+ type: integer
+ object:
+ description: Always `list`.
+ enum:
+ - list
+ type: string
+ order:
+ description: 'Record order. Acceptable values: ASC, DESC. Default: ASC.'
+ type: string
+ total_count:
+ description: Sum of all statistics view records to return. Included in the
+ response when you use the query parameter include=total_count.
+ format: int64
+ minimum: 0
+ type: integer
+ required:
+ - object
+ - data
+ - has_more
+ - limit
+ - order
+ type: object
SubjectList:
description: Represents arrays of user and API key IDs.
properties:
@@ -5774,39 +7158,63 @@ definitions:
items:
type: string
type: array
+ x-deprecation:
+ comment: This field is deprecated, use 'applications'
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ applications:
+ description: An array of applicationIDs.
+ items:
+ type: string
+ type: array
users:
description: An array of user IDs.
items:
type: string
type: array
type: object
+ SubscriptionsCounter:
+ description: The number of subscription requests sent to devices.
+ format: int64
+ minimum: 0
+ type: integer
SubscriptionsList:
description: A list of resource URIs, one per line.
example: /sen/light
type: string
SubtenantAccountReport:
- description: Billing report for subtenant account.
+ description: Billing report for tenant account.
properties:
account:
$ref: '#/definitions/SubtenantReportAccountContactInfo'
- description: Subtenant account contact information.
+ description: Tenant account contact information.
billing_data:
$ref: '#/definitions/ReportBillingData'
description: Report billing data.
service_package:
$ref: '#/definitions/SubtenantServicePackageReport'
- description: Report service package for subtenant account.
+ description: service package report for the tenant.
required:
- account
- billing_data
type: object
SubtenantReportAccountContactInfo:
- description: Subtenant account contact information.
+ description: Tenant account contact information.
properties:
address_line1:
type: string
address_line2:
type: string
+ alias:
+ type: string
+ business_model:
+ description: The business model selected for the account to generate the billing
+ reports.
+ enum:
+ - active_device_business_model
+ - api_calls_1_business_model
+ type: string
city:
type: string
company:
@@ -5816,7 +7224,7 @@ definitions:
country:
type: string
customer_subtenant_id:
- description: Account subtenant ID, if a subtenant.
+ description: Account tenant ID, valid only for tenants.
type: string
email:
type: string
@@ -5843,6 +7251,108 @@ definitions:
required:
- quota_usage
type: object
+ TierHistory:
+ properties:
+ tier:
+ description: 'The tier level of the account; `0`: free tier, `1`: commercial
+ account, `2`: partner tier. Other values are reserved for the future.'
+ example: '1'
+ type: string
+ updatedAt:
+ description: Last update UTC time RFC3339.
+ example: '2018-02-14T15:24:14Z'
+ format: date-time
+ type: string
+ type: object
+ TokenRequest:
+ properties:
+ aud:
+ description: 'Array of \:\ tuples representing devices for
+ which access is being requested. There must be at least one id/ep tuple.
+ \ ::= id|ep
\::=[a-zA-Z0-9+/=- ]+
\
+ :== \ ":" \
\ can be up to 60 characters
+ long, and can contain spaces.
+
+ The audience array can contain up to 50 tuples. If IAM does not authorize
+ even one item in the list, Secure Device Access does not authorize the whole
+ request and does not return an access token (access denied).'
+ items:
+ $ref: '#/definitions/AudienceItem'
+ maxItems: 50
+ minItems: 1
+ type: array
+ cnf:
+ description: The Android application proof-of-possession public key.
+ format: The public key in PEM format.
+ type: string
+ grant_type:
+ description: Hardcoded - can only be "client_credentials".
+ type: string
+ scope:
+ description: The space-delimited list of operations that user is requesting
+ permission for. The array must contain at least one scope item. A scope
+ item can have up to 60 characters. A scope list can hold up to 20 scope
+ items.
\::=[a-zA-Z][a-zA-Z0-9-]*
\::= \
+ | \ " " | \ " " \
The scope being requested
+ must match the action that the Android application eventually performs on
+ the IoT device. The device matches the scope in the access token to the
+ action requested in the operation bundle.
+ format: scope-item scope-item ...
+ type: string
+ required:
+ - grant_type
+ - aud
+ - scope
+ - cnf
+ type: object
+ TokenResponse:
+ properties:
+ access_token:
+ description: The generated CWT (CBOR Web Token) access token as a Base64 string.
+ format: byte
+ type: string
+ granted_until:
+ description: Grant expiration UTC time RFC3339.
+ format: date-time
+ type: string
+ type: object
+ TransactionsCounter:
+ description: A transaction is a data block of 512 bytes processed by Device Management.
+ It can be sent either by the device (device --> Device Management) or received
+ by the device (Device Management --> device). A transaction does not include
+ IP, TCP or UDP, TLS or DTLS packet overhead. It only contains the packet payload
+ (full CoAP packet including CoAP headers).
+ format: int64
+ minimum: 0
+ type: integer
+ TrustAnchorResponse:
+ properties:
+ created_at: *id017
+ description:
+ description: The updated notes about the trust anchor.
+ format: free text
+ maxLength: 256
+ minLength: 1
+ type: string
+ etag: *id018
+ fingerprint:
+ description: The SHA256 of the trust anchor public key; the prefix 'mbed.ta.'
+ followed by the trust anchor public key as a SHA256 hash in Base64-encoded
+ DER format.
+ format: byte
+ type: string
+ id: *id019
+ object: *id020
+ public_key:
+ description: The trust anchor public key in PEM format.
+ format: byte
+ type: string
+ public_key_der:
+ description: The generated trust anchor public key in Base64-encoded DER format.
+ format: byte
+ type: string
+ updated_at: *id021
+ type: object
TrustedCertificateReq:
description: Represents a trusted certificate in upload requests.
properties:
@@ -5857,8 +7367,14 @@ definitions:
type: string
x-nullable: true
enrollment_mode:
- description: Certificate is used in enrollment mode. Default value is false.
+ description: 'DEPRECATED: Certificate is used in enrollment mode. Default
+ value is false.'
type: boolean
+ x-deprecation:
+ comment: This field is deprecated, do not use it anymore.
+ end_of_life_at: '2021-11-01T00:00:00+00:00'
+ issued_at: '2020-11-01T00:00:00+00:00'
+ links: []
name:
description: Certificate name.
maxLength: 100
@@ -5917,9 +7433,15 @@ definitions:
format: int32
type: integer
enrollment_mode:
- description: If true, signature is not required. Default value false.
+ description: 'DEPRECATED: Certificate is used in enrollment mode. Default
+ value is false.'
example: false
type: boolean
+ x-deprecation:
+ comment: This field is deprecated, do not use it anymore.
+ end_of_life_at: '2021-11-01T00:00:00+00:00'
+ issued_at: '2020-11-01T00:00:00+00:00'
+ links: []
etag:
description: API resource entity version.
example: '1'
@@ -5998,7 +7520,7 @@ definitions:
TrustedCertificateRespList:
properties:
after:
- description: The entity ID to fetch after the given one.
+ description: The entity ID to retrieve after the given one.
example: 01619571f3c00242ac12000600000000
pattern: '[a-f0-9]{32}'
type: string
@@ -6061,7 +7583,8 @@ definitions:
maxLength: 100
type: string
service:
- description: Service name where the certificate must be used.
+ description: Service name where the certificate must be used. Service cannot
+ be updated for developer certificates.
enum:
- lwm2m
- bootstrap
@@ -6139,7 +7662,7 @@ definitions:
example: '85.00'
format: double
type: number
- campaign_strategy: &id016
+ campaign_strategy: &id022
default: one-shot
description: How the campaign adds devices. A `one-shot` campaign does not
add new devices after it has started. A `continuous` campaign means that
@@ -6149,17 +7672,18 @@ definitions:
- one-shot
- continuous
type: string
- created_at: *id013
+ created_at: *id014
description:
description: An optional description of the campaign.
example: This campaign updates Class XX devices to version 1.34
maxLength: 2000
type: string
device_filter:
- description: The filter for the devices the campaign is targeting at.
- example: id__eq=00000000000000000000000000000000
+ description: The filter for the devices the campaign targets. Refer to this
+ using the filter ID.
+ example: state__eq=registered
type: string
- etag: *id014
+ etag: *id015
finished:
description: The time the campaign finished.
example: '2017-05-22T12:37:55.576563Z'
@@ -6167,7 +7691,8 @@ definitions:
type: string
id:
description: The campaign ID.
- example: '00000000000000000000000000000000'
+ example: 016e83ddc648000000000001001000f5
+ pattern: '[A-Fa-f0-9]{32}'
type: string
name:
description: The campaign name.
@@ -6176,6 +7701,7 @@ definitions:
type: string
object:
description: 'Entity name: always ''update-campaign''.'
+ example: update-campaign
type: string
phase:
description: The phase of the campaign.
@@ -6193,12 +7719,12 @@ definitions:
root_manifest_id:
description: The ID of the manifest that will be sent to the device as part
of the campaign.
- example: '00000000000000000000000000000000'
+ example: 016e83dce36a00000000000100100102
type: string
root_manifest_url:
description: The URL for the manifest that will be sent to the device as part
of the campaign.
- example: http://example.com/00000000000000000000000000000000
+ example: https://api.us-east-1.mbedcloud.com/v3/firmware-manifests/016e83dce36a00000000000100100102
type: string
started_at:
description: The time the campaign was started.
@@ -6248,7 +7774,7 @@ definitions:
example: '2017-05-22T12:37:55.576563Z'
format: date-time
type: string
- updated_at: *id015
+ updated_at: *id016
when:
description: The scheduled start time for the campaign. The campaign will
start within 1 minute when then start time has elapsed.
@@ -6275,10 +7801,12 @@ definitions:
format: date-time
type: string
id:
+ pattern: '[A-Fa-f0-9]{32}'
type: string
name:
type: string
root_manifest_id:
+ pattern: '[A-Fa-f0-9]{32}'
type: string
started_at:
example: '2017-05-22T12:37:55.576563Z'
@@ -6340,10 +7868,14 @@ definitions:
format: date-time
type: string
id:
+ example: 015c3029f6f7000000000001001000c3
+ pattern: '[A-Fa-f0-9]{32}'
type: string
name:
type: string
root_manifest_id:
+ example: 015c6029f6f9000000000001001000f4
+ pattern: '[A-Fa-f0-9]{32}'
type: string
started_at:
example: '2017-05-22T12:37:55.576563Z'
@@ -6374,6 +7906,7 @@ definitions:
type: integer
object:
description: 'Entity name: always ''list''.'
+ example: list
type: string
order:
description: 'The order of the records to return. Acceptable values: ASC,
@@ -6396,15 +7929,16 @@ definitions:
autostop_success_percent:
default: 100.0
type: number
- campaign_strategy: *id016
+ campaign_strategy: *id022
description:
description: An optional description of the campaign.
example: a description
maxLength: 2000
type: string
device_filter:
- description: The filter for the devices the campaign is targeted at.
- example: id__eq=00000000000000000000000000000000
+ description: The filter for the devices the campaign targets. Refer to this
+ using the filter ID.
+ example: state__eq=registered
type: string
name:
default: default_object_name
@@ -6412,10 +7946,26 @@ definitions:
maxLength: 128
type: string
root_manifest_id:
- example: '12345678901234567890123456789012'
- maxLength: 32
- minLength: 32
+ example: 016e83b46477000000000001001001f3
+ pattern: '[A-Fa-f0-9]{32}'
+ type: string
+ state:
+ description: 'DEPRECATED: The state of the campaign (use phase instead)'
+ enum:
+ - draft
+ - scheduled
+ type: string
+ x-deprecation:
+ comment: Use phase instead
+ end_of_life_at: '2020-03-18T14:55:20+00:00'
+ issued_at: '2019-03-18T14:55:20+00:00'
+ links: []
+ when:
+ description: The scheduled start time for the update campaign. Not in use.
+ example: '2017-05-22T12:37:55.576563Z'
+ format: date-time
type: string
+ x-nullable: true
required:
- device_filter
UpdateCampaignPutRequest:
@@ -6431,26 +7981,102 @@ definitions:
type: number
description:
description: An optional description of the campaign.
- example: ''
+ example: description
+ format: free text
maxLength: 2000
type: string
device_filter:
- description: The filter for the devices the campaign is targeting at.
- example: id__eq=00000000000000000000000000000000
+ description: The filter for the devices the campaign targets. Refer to this
+ using the filter ID.
+ example: state__eq=registered
type: string
name:
description: The campaign's name.
example: campaign
+ format: free text
maxLength: 128
type: string
root_manifest_id:
- example: '00000000000000000000000000000000'
- maxLength: 32
+ example: 016e83dce36a00000000000100100201
+ pattern: '[A-Fa-f0-9]{32}'
+ type: string
+ state:
+ description: 'DEPRECATED: The state of the campaign (use phase instead).'
+ enum:
+ - draft
+ - scheduled
+ - allocatingquota
+ - allocatedquota
+ - quotaallocationfailed
+ - checkingmanifest
+ - checkedmanifest
+ - devicefetch
+ - devicecopy
+ - devicecheck
+ - publishing
+ - deploying
+ - deployed
+ - manifestremoved
+ - expired
+ - stopping
+ - autostopped
+ - userstopped
+ - conflict
+ type: string
+ x-deprecation:
+ comment: Use phase instead
+ end_of_life_at: '2020-03-18T14:55:20+00:00'
+ issued_at: '2019-03-18T14:55:20+00:00'
+ links: []
+ when:
+ description: The scheduled start time for the update campaign. Not in use.
+ example: '2017-05-22T12:37:55.576563Z'
+ format: date-time
+ type: string
+ x-nullable: true
+ UpdateTrustAnchorRequest:
+ properties:
+ description:
+ description: The new description for the trust anchor.
+ format: free text
+ maxLength: 256
+ minLength: 1
+ type: string
+ required:
+ - description
+ type: object
+ UpdateTrustAnchorResponse:
+ properties:
+ created_at: *id017
+ description:
+ description: The updated notes about the trust anchor.
+ format: free text
+ maxLength: 256
+ minLength: 1
+ type: string
+ etag: *id018
+ fingerprint:
+ description: The SHA256 of the trust anchor public key; the prefix 'mbed.ta.'
+ followed by the trust anchor public key as a SHA256 hash in Base64-encoded
+ DER format.
+ format: byte
+ type: string
+ id: *id019
+ object: *id020
+ public_key:
+ description: The trust anchor public key in PEM format.
+ format: byte
+ type: string
+ public_key_der:
+ description: The generated trust anchor public key in Base64-encoded DER format.
+ format: byte
type: string
+ updated_at: *id021
+ type: object
UploadChunkInfo:
properties:
- created_at: *id013
- etag: *id014
+ created_at: *id014
+ etag: *id015
hash:
description: The hash of the chunk. The default hash is MD5. If no Content-MD5
header is supplied as part of uploading the chunk then this will be empty.
@@ -6467,7 +8093,7 @@ definitions:
description: 'Entity name: always ''upload-info''.'
example: upload-info
type: string
- updated_at: *id015
+ updated_at: *id016
upload_job_id:
description: The upload job ID.
example: '00000000000000000000000000000000'
@@ -6489,6 +8115,7 @@ definitions:
type: integer
object:
description: 'Entity name: always ''list''.'
+ example: list
type: string
order:
description: 'The order of the records to return. Acceptable values: ASC,
@@ -6507,22 +8134,24 @@ definitions:
description: A flag that indicates job completion.
example: false
type: boolean
- created_at: *id013
- description: &id028
+ created_at: *id014
+ description: &id035
description: Human-readable description.
example: New Linux update for my devices
maxLength: 2000
type: string
- etag: *id014
+ etag: *id015
firmware_image_id:
description: ID of the firmware image - empty until the upload job is complete.
- example: '00000000000000000000000000000000'
+ example: 016e652be671000000000001001001a8
+ pattern: '[A-Fa-f0-9]{32}'
type: string
id:
description: The upload job ID.
- example: '00000000000000000000000000000000'
+ example: 016e652be671000000000001001001e5
+ pattern: '[A-Fa-f0-9]{32}'
type: string
- name: &id029
+ name: &id036
description: Human-readable name.
example: New Linux update
maxLength: 128
@@ -6535,7 +8164,7 @@ definitions:
description: Status of the upload job.
example: in_progress
type: string
- updated_at: *id015
+ updated_at: *id016
type: object
UploadJobPage:
properties:
@@ -6553,6 +8182,7 @@ definitions:
type: integer
object:
description: 'Entity name: always ''list''.'
+ example: list
type: string
order:
description: 'The order of the records to return. Acceptable values: ASC,
@@ -6783,7 +8413,7 @@ definitions:
UserInfoRespList:
properties:
after:
- description: The entity ID to fetch after the given one.
+ description: The entity ID to retrieve after the given one.
example: 01619571f3c00242ac12000600000000
pattern: '[a-f0-9]{32}'
type: string
@@ -6924,7 +8554,7 @@ definitions:
UserInvitationRespList:
properties:
after:
- description: The entity ID to fetch after the given one.
+ description: The entity ID to retrieve after the given one.
example: 01619571f3c00242ac12000600000000
pattern: '[a-f0-9]{32}'
type: string
@@ -7002,8 +8632,9 @@ definitions:
type: boolean
x-nullable: true
is_totp_enabled:
- description: A flag indicating whether mandatory two-factor authentication
- (TOTP) is enabled.
+ description: A flag indicating whether two-factor authentication (TOTP) is
+ enabled. An account administrator can disable it, but cannot enable it for
+ other users.
type: boolean
x-nullable: true
login_profiles:
@@ -7050,10 +8681,7 @@ definitions:
example: '{"authorization" : "f4b93d6e-4652-4874-82e4-41a3ced0cd56"}'
type: object
serialization:
- description: Serialization configuration for a channel.
- schema:
- $ref: '#/definitions/SerializationConfigData'
- type: object
+ $ref: '#/definitions/SerializationConfigData'
url:
description: The URL to which the notifications are sent. We recommend that
you serve this URL over HTTPS.
@@ -7067,21 +8695,21 @@ definitions:
queue_size:
default: 0
description: Number of events in the channel's event queue waiting to be delivered.
+ If the server cannot determine the queue size the value will be set to `-1`.
example: 0
type: integer
serialization:
- description: Serialization configuration for a channel.
- schema:
- $ref: '#/definitions/SerializationConfigData'
- type: object
+ $ref: '#/definitions/SerializationConfigData'
status:
default: disconnected
description: Channel status is 'connected' when the channel has an active
- WebSocket bound to it. The state is 'disconnected' when either the channel
- or the WebSocket bound to it is closed.
+ WebSocket bound to it. The status is 'disconnected' when either the channel
+ or the WebSocket bound to it is closed and 'unknown' when the server cannot
+ determine it.
enum:
- connected
- disconnected
+ - unknown
example: disconnected
type: string
type: object
@@ -7147,14 +8775,24 @@ definitions:
consider the response from the device, it includes only the responses to
the HTTP requests used to manage the device. This metric includes only messages
handled by the Connect service, it does not include any HTTP errors returned
- by firewall as result of malformed messages.
+ by firewall as result of malformed messages. The number of failed [Connect
+ API](https://www.pelion.com/docs/device-management-api/connect/) requests
+ that have been performed using the account. This metric does not consider
+ the response from the device, it includes only the responses to the HTTP
+ requests used to manage the device. This metric includes only messages handled
+ by the Connect service, not any HTTP errors returned by the firewall as
+ a result of incorrect messages.
format: int64
type: integer
connect_rest_api_success:
description: The number of successful [Connect API](/docs/current/service-api-references/device-management-connect.html)
requests that have been performed using the account. This metric does not
consider the response from the device, it includes only the responses to
- the HTTP requests used to manage the device.
+ the HTTP requests used to manage the device. The number of successful [Connect
+ API](https://www.pelion.com/docs/device-management-api/connect/) requests
+ that have been performed using the account. This metric does not consider
+ the response from the device, only the responses to the HTTP requests used
+ to manage the device.
format: int64
type: integer
deleted_registrations:
@@ -7169,7 +8807,7 @@ definitions:
description: '**(Beta)** The number of notifications received by the Device
Management Connect service from the devices linked to the account. The device
pushes notifications to Device Management Connect when you have successfully
- subscribed to the device resources using [Connect API](/docs/current/service-api-references/device-management-connect.html)
+ subscribed to the device resources using [Connect API](https://www.pelion.com/docs/device-management-api/connect/)
endpoints.
'
@@ -7179,7 +8817,7 @@ definitions:
description: '**(Beta)** The number of failed proxy requests from the Device
Management Connect service to devices linked to the account. Device Management
Connect makes proxy requests to devices when you try to read or write values
- to device resources using [Connect API](/docs/current/service-api-references/device-management-connect.html)
+ to device resources using [Connect API](https://www.pelion.com/docs/device-management-api/connect/)
endpoints.
'
@@ -7189,7 +8827,7 @@ definitions:
description: '**(Beta)** The number of successful proxy requests from the
Device Management Connect service to devices linked to the account. Device
Management Connect makes proxy requests to devices when you try to read
- or write values to device resources using [Connect API](/docs/current/service-api-references/device-management-connect.html)
+ or write values to device resources using [Connect API](https://www.pelion.com/docs/device-management-api/connect/)
endpoints.
'
@@ -7199,7 +8837,7 @@ definitions:
description: '**(Beta)** The number of failed subscription requests from the
Device Management Connect service to devices linked to the account. Device
Management Connect makes subscription requests to devices when you try to
- subscribe to a resource path using [Connect API](/docs/current/service-api-references/device-management-connect.html)
+ subscribe to a resource path using [Connect API](https://www.pelion.com/docs/device-management-api/connect/)
endpoints.
'
@@ -7209,7 +8847,7 @@ definitions:
description: '**(Beta)** The number of successful subscription requests from
the Device Management Connect service to devices linked to the account.
Device Management Connect makes subscription requests to devices when you
- try to subscribe to a resource path using [Connect API](/docs/current/service-api-references/device-management-connect.html)
+ try to subscribe to a resource path using [Connect API](https://www.pelion.com/docs/device-management-api/connect/)
endpoints.
'
@@ -7295,157 +8933,478 @@ info:
title: Pelion Device Management API
version: '3'
paths:
- /v2/device-requests/{device-id}:
+ //ace-auth/token:
post:
- consumes:
- - application/json
- description: 'This API provides an interface to asynchronously call methods
- on a device.
-
-
- The `async-id` is provided by the client, enabling the client to track the
- end-to-end flow with an identifier
-
- that is relevant to the end application. For example, a web application''s
- session ID along with the device ID
-
- and the resource path could be used as the `async-id`. This also avoids any
- race conditions with
-
- [the notification channel](/docs/current/integrate-web-app/event-notification.html).
- All responses are sent through the
-
- currently configured notification channel as an **AsyncIDResponse**.
-
-
- For `GET` methods, values may be fetched from an internal cache, instead of
- contacting the device.
-
-
- The server queues requests if it cannot reach the device at the time of the
- request. The queue is limited to 20
-
- requests. The queueing behaviour is affected by the `retry` and the `expiry-seconds`
- parameters. If the device
-
- is not reached, or the device fails to respond when the request is made, the
- server queues the request
-
- and retries within the given expiry period the next time the device contacts
- the server. The requests from
-
- the queue are delivered in the order of insertion, one at a time, and not
- concurrently.
+ description: "Generate a signed CWT (CBOR Web Token). The SDA Android SDK uses\
+ \ this API to gain access to perform actions on the devices specified in the\
+ \ audience (aud).\n
\nAuthorized for roles: Service, ServiceAdministrator\n\
+
\n**Usage example:**\n```\ncurl -X POST https://api.us-east-1.mbedcloud.com/ace-auth/token\
+ \ \\\n-H 'Authorization: ' \\\n-H 'content-type: application/json;charset=UTF-8'\
+ \ \\\n-d '{\n \"grant_type\":\"client_credentials\",\n \"aud\":[\"id:f90b1017e52f4c70ad92684e802c9249\"\
+ ,\"ep:dev1\"],\n \"scope\":\"turn-led-on\",\n \"cnf\":\"-----BEGIN PUBLIC\
+ \ KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ...XwIDAQAB-----END PUBLIC KEY-----\"\
+ \n}'\n```\n"
+ operationId: createAceAuthToken
+ parameters:
+ - description: Create access token request.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/TokenRequest'
+ responses:
+ '200':
+ description: A signed CWT (CBOR Web Token) access token.
+ schema:
+ $ref: '#/definitions/TokenResponse'
+ '400':
+ description: 'Bad request. Returns the standard error object detailing the
+ error message and, optionally, the invalid fields.
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: 'Authentication failure. The provided header is invalid or
+ missing.
- One delivery attempt consist from protocol specific retrasmission logic, where
- is multiple trasmissions. In case
+ Returns the standard error object detailing the error message and, optionally,
+ the invalid fields.
- of CoAP, the retrasmissions exponential backoff 2, 4, 8, 16 to 64 seconds,
- taking total over 2 minutes.
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get an access token to use with a device.
+ tags:
+ - Security and identity - secure device access
+ x-origin: /home/circleci/project/sda-service/public/sda.yaml
+ //v3/trust-anchors:
+ get:
+ description: 'Get all trust anchors that match the account ID specified in the
+ JWT.
- If the device does not respond within this two-minute period, delivery fails,
- and the request is put back
+
- in the queue so long as the retry count is less than its maximum.
+ Authorized for roles: Service, ServiceAdministrator
+
- For a queue-mode device, the request delivery is not attempted immediately,
- but only when the device next time
+ **Usage example:**
- contacts the server.
+ ```
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/trust-anchors \
- If retries are exhausted or the expiry time has passed, then the server discards
- the request and sends an error
+ -H ''Authorization: ''
- in **AsyncIDResponse**. The retries could be exhausted, for example, if the
- device periodically contacts
+ ```
- the server and receives the request from the queue, but then fails to respond
- back to the server.
+ '
+ operationId: getTrustAnchors
+ parameters:
+ - description: Indicates how many objects to retrieve in the page. The minimum
+ limit is 2 and the maximum is 1000. Limit values outside of this range are
+ set to the closest limit.
+ in: query
+ maximum: 1000
+ minimum: 2
+ name: limit
+ type: integer
+ - description: Indicates how to order the entries based on when they were created.
+ `ASC` by default.
+ enum:
+ - ASC
+ - DESC
+ in: query
+ name: order
+ type: string
+ - description: The ID of the item after which to retrieve the next page.
+ in: query
+ name: after
+ pattern: '[A-Fa-f0-9]{32}'
+ type: string
+ - description: 'Comma-separated list of data fields to return. Currently supported:
+ `total_count`.'
+ in: query
+ name: include
+ type: string
+ responses:
+ '200':
+ description: 'Returns the list of trust anchors associated to the account_id
+ specified in the access token.
+ '
+ schema:
+ $ref: '#/definitions/GetTrustAnchorsResponse'
+ '400':
+ description: 'Bad request. Returns the standard error object detailing the
+ error message and, optionally, the invalid fields.
- On the other hand, the device might lose its network connectivity, and the
- requests in the queue might expire
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: 'Authentication failure. The provided header is invalid or
+ missing.
- and get discarded before the device regains the connectivity.
+ Returns the standard error object detailing the error message and, optionally,
+ the invalid fields.
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get the account's trust anchor used to sign the access token.
+ tags:
+ - Security and identity - secure device access
+ x-origin: /home/circleci/project/sda-service/public/sda.yaml
+ post:
+ description: "Create a trust anchor key pair and return the public key and creation\
+ \ time.\nEach account can have one trust anchor only. This API fails if a\
+ \ trust anchor already exists for the account.\n
\nAuthorized for roles:\
+ \ Service, ServiceAdministrator\n
\n**Usage example:**\n```\ncurl -X POST\
+ \ https://api.us-east-1.mbedcloud.com/v3/trust-anchors \\\n-H 'Authorization:\
+ \ ' \\\n-H 'content-type: application/json;charset=UTF-8' \\\n\
+ -d '{\n \"description\": \"Trust anchor for room lighting controller.\"\n\
+ }'\n```\n"
+ operationId: createTrustAnchor
+ parameters:
+ - description: Request a new trust anchor.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/CreateTrustAnchorRequest'
+ responses:
+ '201':
+ description: Trust anchor created.
+ schema:
+ $ref: '#/definitions/CreateTrustAnchorResponse'
+ '400':
+ description: 'Bad request. Returns the standard error object detailing the
+ error message and, optionally, the invalid fields.
- You can write [Notification Rules](../connecting/resource-change-webapp.html#notification-rules)
- for a
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: 'Authentication failure. The provided header is invalid or
+ missing.
- resource with PUT command. Please see example of the payload below.
+ Returns the standard error object detailing the error message and, optionally,
+ the invalid fields.
- ```
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: 'Account limit exceeded. There is already a trust anchor defined
+ for the account.
- { "method": "PUT", "uri": "/5/0/1?lt=10>=60&pmax=120" }
+ Returns the standard error object detailing the error message.
- ```
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Create a new trust anchor for the account.
+ tags:
+ - Security and identity - secure device access
+ x-origin: /home/circleci/project/sda-service/public/sda.yaml
+ //v3/trust-anchors/{trust_anchor_id}:
+ delete:
+ description: 'Delete the specified trust anchor. Unrecoverable.
+
- POST `method` can be used to either execute or create resource on a LWM2M
- supporting device. When creating
+ Authorized for roles: Service, ServiceAdministrator
- a resource, `uri` must refer to an object, and `payload-b64` must be in LWM2M
- TLV format, as in
+
- the following example.
+ **Usage example:**
```
- { "method": "POST", "uri": "/123", "content-type": "application/vnd.oma.lwm2m+tlv",
- "payload-b64": "BwHFAnZhbHVl" }
-
- ```
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/trust-anchors/8e0a9494cc95b750ec6c81464eb06725
+ \
+ -H ''Authorization: '' \
```
- Example URIs:
-
- POST /v2/device-requests/015f2fa34d310000000000010030036c?async-id=123e4567-e89b-12d3-a456-426655440000
-
- POST /v2/device-requests/015f2fa34d310000000000010030036c?async-id=123e4567-e89b-12d3-a456-426655440000&retry=2&expiry-seconds=7200
-
+ '
+ operationId: deleteTrustAnchor
+ parameters:
+ - description: The id of the trust anchor to be deleted
+ in: path
+ name: trust_anchor_id
+ pattern: '[A-Fa-f0-9]{32}'
+ required: true
+ type: string
+ responses:
+ '204':
+ description: Trust anchor deleted.
+ '400':
+ description: 'Bad request. Returns the standard error object detailing the
+ error message and, optionally, the invalid fields.
- Example payload to read value from resource /5/0/1:
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: 'Authentication failure. The provided header is invalid or
+ missing.
- { "method": "GET", "uri": "/5/0/1" }
+ Returns the standard error object detailing the error message and, optionally,
+ the invalid fields.
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: The trust anchor to be deleted was not found.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Delete a trust anchor.
+ tags:
+ - Security and identity - secure device access
+ x-origin: /home/circleci/project/sda-service/public/sda.yaml
+ put:
+ description: "Updates a trust anchor description attribute.\n
\nAuthorized\
+ \ for roles: Service, ServiceAdministrator\n
\n**Usage example:**\n```\n\
+ curl -X PUT https://api.us-east-1.mbedcloud.com/v3/trust-anchors/8e0a9494cc95b750ec6c81464eb06725\
+ \ \\\n-H 'Authorization: ' \\\n-H 'content-type: application/json;charset=UTF-8'\
+ \ \\\n-d '{\n \"description\": \"Trust anchor for ambient light module\"\n\
+ }'\n```\n"
+ operationId: updateTrustAnchor
+ parameters:
+ - description: The id of the trust anchor to be updated
+ in: path
+ name: trust_anchor_id
+ pattern: '[A-Fa-f0-9]{32}'
+ required: true
+ type: string
+ - description: Update trust anchor request.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/UpdateTrustAnchorRequest'
+ responses:
+ '200':
+ description: Trust anchor updated.
+ schema:
+ $ref: '#/definitions/UpdateTrustAnchorResponse'
+ '400':
+ description: 'Bad request. Returns the standard error object detailing the
+ error message and, optionally, the invalid fields.
+
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: 'Authentication failure. The provided header is invalid or
+ missing.
- Example payload to set notification rules for resource /5/0/1:
+ Returns the standard error object detailing the error message and, optionally,
+ the invalid fields.
+
+ '
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: The trust anchor to be updated was not found.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Update trust anchor attributes (description).
+ tags:
+ - Security and identity - secure device access
+ x-origin: /home/circleci/project/sda-service/public/sda.yaml
+ /downloads/fcu/factory_configurator_utility.zip:
+ get:
+ description: 'Downloads the Factory Configurator Utility (FCU) archive .zip
+ file for the account ID associated with the access token.
- { "method": "PUT", "uri": "/5/0/1?lt=10>=60&pmax=120" }
+
+ **Example:**
- Example payload to write value "value1" to resource /5/0/1:
+
- { "method": "PUT", "uri": "/5/0/1?k1=v1&k2=v2", "accept": "text/plain", "content-type":
- "text/plain", "payload-b64": "dmFsdWUxCg==" }
+ ```
+ curl -X GET https://api.us-east-1.mbedcloud.com/downloads/fcu/factory_configurator_utility.zip
+ \
- Example payload to execute LWM2M resource /123/1/1:
+ -H ''Authorization: Bearer ''
- { "method": "POST", "uri": "/123/1/1" }
+ ```
+ '
+ operationId: downloadFactoryTool
+ produces:
+ - application/zip
+ responses:
+ '200':
+ description: The archive file was downloaded successfully.
+ '400':
+ description: Validation error or bad request.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Access denied.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '500':
+ description: Internal server error.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Download the Factory Configurator Utility archive.
+ tags:
+ - Manufacturing - Factory Configurator Utility (FCU)
+ x-origin: /home/circleci/project/factory-tool-download/public/swagger.yaml
+ /downloads/fcu/info:
+ get:
+ description: "Returns information about the Factory Configurator Utility (FCU)\
+ \ archive.\n
\n**Example:**\n
\n```\ncurl -X GET https://api.us-east-1.mbedcloud.com/downloads/fcu/inf\
+ \ \\\n-H 'Authorization: Bearer ' \n```\n"
+ operationId: getFactoryToolInfo
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful response of the archive information.
+ schema:
+ $ref: '#/definitions/ArchiveInfoResponse'
+ '400':
+ description: Validation error or bad request.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Access denied.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '500':
+ description: Internal server error.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Download information about the Factory Configurator Utility archive.
+ tags:
+ - Manufacturing - Factory Configurator Utility (FCU)
+ x-origin: /home/circleci/project/factory-tool-download/public/swagger.yaml
+ /downloads/fcu/release_notes:
+ get:
+ description: 'Downloads the Factory Configurator Utility (FCU) release notes.
- Immediate response:
+
- 202 Accepted
+ **Example:**
+
- Examples of AsyncIDResponse, delivered via the notification channel:
+ ```
- { "async-responses": [ { "id": "123e4567-e89b-12d3-a456-426655440000", "status":
- 200, "payload": "dmFsdWUxCg==", "ct": "text/plain", "max-age": 600 } ] }
+ curl -X GET https://api.us-east-1.mbedcloud.com/downloads/fcu/release_notes
+ \
- { "async-responses": [ { "id": "123e4567-e89b-12d3-a456-426655440000", "status":
- 504, "error": "TIMEOUT" } ] }
+ -H ''Authorization: Bearer ''
```
'
+ operationId: getFactoryToolReleaseNotes
+ produces:
+ - text/markdown ; charset=UTF-8
+ - application/json
+ responses:
+ '200':
+ description: The release notes were downloaded successfully.
+ '400':
+ description: Validation error or bad request.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Access denied.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '500':
+ description: Internal server error.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Download Factory Configurator Utility release notes.
+ tags:
+ - Manufacturing - Factory Configurator Utility (FCU)
+ x-origin: /home/circleci/project/factory-tool-download/public/swagger.yaml
+ /v2/device-requests/{device-id}:
+ post:
+ consumes:
+ - application/json
+ description: "This API provides an interface to call CoAP (Constrained Application\
+ \ Protocol) methods on a device and send commands to device resources.\n\n\
+ As part of the request body, you must specify the CoAP method you want to\
+ \ call on the device:\n\n- Use the GET method to read resource values.\n\n\
+ \ For example, to read the value of resource `/3200/0/5501`, use:\n\n \
+ \ ```\n curl -X POST https://api.us-east-1.mbedcloud.com/v2/device-requests/{device_id}?async-id={async-response-id}\
+ \ \\\n -H 'Authorization: Bearer {access_key}' \\\n -H 'content-type:\
+ \ application/json' \\\n -d '{\"method\": \"GET\", \"uri\": \"/3200/0/5501\"\
+ }'\n ```\n\n> For `GET` methods, the API may fetch values from an internal\
+ \ cache, instead of contacting the device.\n> If the value is not in the cache,\
+ \ the read command goes all the way to the device.\n\n\n- Use the PUT method\
+ \ to write [notification rules](https://www.pelion.com/docs/device-management/current/resources/resource-change-webapp.html)\
+ \ or resource values for a resource.\n\n Example payload to write a notification\
+ \ rule:\n\n ```\n { \"method\": \"PUT\", \"uri\": \"/5/0/1?lt=10>=60&pmax=120\"\
+ \ }\n ```\n\n- Example payload to write a value to resource `/5/0/1`:\n\
+ \n ```\n { \"method\": \"PUT\", \"uri\": \"/5/0/1?k1=v1&k2=v2\", \"\
+ accept\": \"text/plain\", \"content-type\": \"text/plain\", \"payload-b64\"\
+ : \"dmFsdWUxCg==\" }\n ```\n\n- Use the POST method to execute or create\
+ \ a resource on a LWM2M supporting device.\n\n When you create a resource,\
+ \ `uri` must refer to an object, and `payload-b64` must be in LWM2M TLV format\
+ \ for example:\n\n ```\n { \"method\": \"POST\", \"uri\": \"/123\",\
+ \ \"content-type\": \"application/vnd.oma.lwm2m+tlv\", \"payload-b64\": \"\
+ BwHFAnZhbHVl\" }\n ```\n\n- Use the POST method to execute resource on\
+ \ a LWM2M supporting device.\n\n Example payload to execute LWM2M resource\
+ \ `/123/1/1`:\n\n ```\n { \"method\": \"POST\", \"uri\": \"/123/1/1\"\
+ \ }\n ```\n\n- Device Management sends responses through the currently\
+ \ configured notification channel as `AsyncIDResponse`.\n\n Example `AsyncIDResponse`\
+ \ delivered through the notification channel:\n\n ```\n { \"async-responses\"\
+ : [ { \"id\": \"123e4567-e89b-12d3-a456-426655440000\", \"status\": 200, \"\
+ payload\": \"dmFsdWUxCg==\", \"ct\": \"text/plain\", \"max-age\": 600 } ]\
+ \ }\n ```\n\n ```\n { \"async-responses\": [ { \"id\": \"123e4567-e89b-12d3-a456-426655440000\"\
+ , \"status\": 504, \"error\": \"TIMEOUT\" } ] }\n ```\n\n> If it cannot\
+ \ reach the device at the time of the request, Device Management puts the\
+ \ requests in a queue.\n\n**Queueing behavior**\n\nIf Device Management does\
+ \ not reach the device, or the device fails to respond, the server queues\
+ \ the request and retries the delivery, for the period of time defined by\
+ \ `expiry-seconds`, the next time the device contacts the server.\n\nThe queue\
+ \ is limited to 20 requests.\n\nDevice Management delivers requests from the\
+ \ queue in the order of insertion, one at a time, and not concurrently.\n\n\
+ Delivery attempts follow protocol-specific retransmission logic. There can\
+ \ be multiple transmissions, depending on the protocol. For CoAP, the retransmissions\
+ \ have an exponential backoff of 2, 4, 8, 16, and up to 64 seconds, taking\
+ \ in total over two minutes.\nIf the device does not respond within this two-minute\
+ \ period, the delivery fails, Device Management performs one retry and then\
+ \ puts the request back into the queue until the retry count reaches its limit.\n\
+ \nDevice Management attempts to redeliver the request when the device next\
+ \ contacts the server.\n\nWhen Device Management reaches the `retry` or `expiry-seconds`\
+ \ limit, the server discards the request and sends an error in `AsyncIDResponse`.\n\
+ \nFor example:\n\n- Retries could be exhausted if the device periodically\
+ \ contacts the server and receives the request from the queue, but then fails\
+ \ to respond to the server.\n\n- The device may lose its network connectivity,\
+ \ and the requests in the queue may expire and get discarded before the device\
+ \ regains connectivity. When Device Management delivers the request to the\
+ \ device, the status code in `AsyncIDResponse` is *2xx* or *4xx*, based on\
+ \ the device's response. If Device Management could not deliver the request,\
+ \ the server generates a status code of *429* or *5xx*."
operationId: createAsyncRequest
parameters:
- description: The device ID generated by Device Management.
@@ -7454,19 +9413,22 @@ paths:
name: device-id
required: true
type: string
- - description: The client-generated ID for matching the correct response delivered
- by notification.
+ - description: A client-generated ID that lets the REST client track the end-to-end
+ flow and prevents race conditions with the notification channel. The `async-id`
+ can be, for example, a UUID or the web application session ID along with
+ the device ID and the resource.
format: 1-40 alphanumeric characters and dashes.
in: query
name: async-id
pattern: ^[\w\-]{1,40}$
required: true
type: string
- - description: The count of retry transmissions of the request to the device,
- after initial transmission. For example, retry of two means three delivery
- attempts in total. If retries are exhausted, the request is discarded and
- an error is delivered in the AsyncIDResponse. Default value of retry is
- 0 for a non-queue-mode device and 2 for a queue-mode device.
+ - description: The number of attempts to deliver the request to the device after
+ the first delivery attempt. For example, two retries sums up to the total
+ of three delivery attempts. When retries are exhausted, Device Management
+ discards the request and delivers an error in the AsyncIDResponse. The default
+ number of retries for a non-queue mode device is `0`. The default number
+ of retries for a queue-mode device is `2`.
in: query
maximum: 10
minimum: 0
@@ -7474,16 +9436,32 @@ paths:
required: false
type: integer
- description: The time period during which the delivery is attempted, in seconds.
- If the device is not reachable within this period, the request is discarded
- and an error is delivered in the AsyncIDResponse. Default value of expiry-seconds
- is 2 hours for a non-queue-mode device and 3 days for a queue-mode device.
+ If the device is not reachable within this period, Device Management discards
+ the request and delivers an error in the AsyncIDResponse. The default time
+ period during which the delivery is attempted is two hours for a non-queue
+ mode device and three days for a queue-mode device.
in: query
maximum: 2592000
minimum: 60
name: expiry-seconds
required: false
type: integer
- - description: Device request to send.
+ - description: 'Device request to send. The body element has `method`, `uri`,
+ `accept`, `content-type` and `payload-b64` fields.
+
+ - The `method` is one of `GET`, `PUT`, `POST`, `DELETE`.
+
+ - The `uri` field is the path to the LwM2M object and can include query
+ parameters. This can include key-value pairs, for example, `/5/0/1?key1=value1;key2=value2`.
+
+ - The `accept` field defines the content type that the requesting client
+ will accept.
+
+ - The `content-type` describes the content type of the base-64 encoded `payload-b64`
+ field.
+
+ - The `payload-b64` is the payload to send to the device in base-64 encoded
+ form.'
in: body
name: body
required: true
@@ -7495,8 +9473,10 @@ paths:
202:
description: Accepted.
400:
- description: Bad request. Contains one of the errors RESOURCE_NOT_FOUND,
- DEVICE_NOT_CONNECTED, MALFORMED_JSON_CONTENT, MALFORMED_ASYNC_ID and QUEUE_IS_FULL
+ description: 'Bad request. Contains one of the errors RESOURCE_NOT_FOUND,
+ DEVICE_NOT_CONNECTED, MALFORMED_JSON_CONTENT,
+
+ MALFORMED_ASYNC_ID and QUEUE_IS_FULL'
schema:
type: string
401:
@@ -7505,16 +9485,16 @@ paths:
description: "Contains one of the following errors:\n\n \n\
\ \n | Error message | \n Description | \n\
\
\n \n \n \n | DEVICE_NOT_FOUND | \n\
- \ Device is not in Device reqistry. Either device has requestd\
- \ register delete or device has not connected in time and expired. | \n\
+ \ The device is not in the device registry. It has either requested\
+ \ for register delete\n or it has not connected in time and is expired. | \n\
\
\n \n | URI_PATH_DOES_NOT_EXISTS | \n\
\ The device does not have requested resource. Check the resource\
\ path is correct. | \n
\n \n
"
schema:
type: string
- summary: Send an async request to device
+ summary: Send an asynchronous request to read, write or post to a device resource.
tags:
- - DeviceRequests
+ - Device data - requests
x-origin: /home/circleci/project/device-server/public/swagger.yaml
/v2/device-shared-keys:
get:
@@ -7531,13 +9511,17 @@ paths:
curl -X GET https://api.us-east-1.mbedcloud.com/v2/device-shared-keys \
- -H "Authorization: Bearer "
+ -H "Authorization: Bearer "
```'
operationId: listPreSharedKeys
parameters:
- - description: The number of entries per page.
+ - default: 50
+ description: The number of objects to retrieve on a page (2-1000). Values
+ outside the range are set to the closest limit.
in: query
+ maximum: 1000
+ minimum: 2
name: limit
required: false
type: integer
@@ -7559,7 +9543,7 @@ paths:
or INVALID_LIMIT.
summary: List PSKs.
tags:
- - PreSharedKeys
+ - Security and identity - pre-shared keys
x-origin: /home/circleci/project/connector-bootstrap/public/swagger.yaml
post:
consumes:
@@ -7569,7 +9553,7 @@ paths:
\ re-setting a PSK for an endpoint.\n\n**Note**: The PSK APIs are available\
\ only to accounts that have this feature enabled.\n\n**Example:**\n```\n\
curl -X POST https://api.us-east-1.mbedcloud.com/v2/device-shared-keys \\\n\
- -H \"Authorization: Bearer \" \\\n-H \"content-type: application/json\"\
+ -H \"Authorization: Bearer \" \\\n-H \"content-type: application/json\"\
\ \\\n -d '{ \"endpoint_name\": \"my-endpoint-0001\", \"secret_hex\"\
: \"4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a\" }'\n```"
operationId: uploadPreSharedKey
@@ -7602,7 +9586,7 @@ paths:
type: string
summary: Upload a PSK to Pelion Device Management.
tags:
- - PreSharedKeys
+ - Security and identity - pre-shared keys
x-origin: /home/circleci/project/connector-bootstrap/public/swagger.yaml
/v2/device-shared-keys/{endpoint_name}:
delete:
@@ -7617,7 +9601,7 @@ paths:
curl -X DELETE https://api.us-east-1.mbedcloud.com/v2/device-shared-keys/my-endpoint-0001
\
- -H "Authorization: Bearer "
+ -H "Authorization: Bearer "
```'
operationId: deletePreSharedKey
@@ -7642,7 +9626,7 @@ paths:
description: Authentication failure.
summary: Remove a PSK.
tags:
- - PreSharedKeys
+ - Security and identity - pre-shared keys
x-origin: /home/circleci/project/connector-bootstrap/public/swagger.yaml
get:
description: 'Check if a PSK for an endpoint exists or not. The response does
@@ -7657,7 +9641,7 @@ paths:
curl -X GET https://api.us-east-1.mbedcloud.com/v2/device-shared-keys/my-endpoint-0001
\
- -H "Authorization: Bearer "
+ -H "Authorization: Bearer "
```'
operationId: getPreSharedKey
@@ -7685,12 +9669,12 @@ paths:
description: The PSK does not exist.
summary: Get a PSK.
tags:
- - PreSharedKeys
+ - Security and identity - pre-shared keys
x-origin: /home/circleci/project/connector-bootstrap/public/swagger.yaml
/v2/endpoints/{device-id}:
get:
- description: 'Retrieves resources cached by Device Management Connect. This
- call does not formulate a message to the device.
+ description: 'Retrieves information about the resource structure for a device
+ from Device Management. This call does not reach the device.
**Example:**
@@ -7699,13 +9683,13 @@ paths:
curl -X GET https://api.us-east-1.mbedcloud.com/v2/endpoints/{device-id} \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: getEndpointResources
parameters:
- - description: A unique device ID for an endpoint. The ID must be an exact match.
- Do not use wildcards.
+ - description: The device ID generated by Device Management. The ID must be
+ an exact match. Do not use wildcards.
in: path
name: device-id
required: true
@@ -7716,14 +9700,12 @@ paths:
200:
description: Successful response with an array of resources.
schema:
- items:
- $ref: '#/definitions/Resource'
- type: array
+ $ref: '#/definitions/ResourceArray'
404:
description: Endpoint not found.
- summary: List the resources on an endpoint.
+ summary: List the resources on a device.
tags:
- - Endpoints
+ - Device data - resources
x-origin: /home/circleci/project/device-server/public/swagger.yaml
/v2/endpoints/{device-id}/{resourcePath}:
delete:
@@ -7746,13 +9728,13 @@ paths:
curl -X DELETE https://api.us-east-1.mbedcloud.com/v2/endpoints/{device-id}/{resourcePath}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: deleteResourcePath
parameters:
- - description: A unique Device Management device ID for the endpoint. The ID
- must be an exact match. Do not use wildcards.
+ - description: The device ID generated by Device Management. The ID must be
+ an exact match. Do not use wildcards.
in: path
name: device-id
required: true
@@ -7767,7 +9749,7 @@ paths:
are not guaranteed to arrive at the device, and do not return an async-response-id.
- If calls with this parameter enabled succeed, they return with the status
+ When calls with this parameter enabled succeed, they return with the status
code `204 No Content`. If the underlying protocol does not support non-confirmable
requests, or if the endpoint is registered in queue mode, the response is
status code `409 Conflict`.'
@@ -7795,13 +9777,13 @@ paths:
description: TCP or TLS connection to endpoint cannot be established.
summary: (DEPRECATED) Delete a resource path.
tags:
- - Resources
+ - Device data - resources
x-deprecation:
comment: /v2/endpoints/{device-id}/{resourcePath} is replaced by /v2/device-requests/{device-id}.
end_of_life_at: '2020-05-17T00:00:00+00:00'
issued_at: '2019-05-17T15:23:00+00:00'
links:
- - https://www.pelion.com/docs/device-management/current/service-api-references/device-management-connect.html#createAsyncRequest
+ - https://www.pelion.com/docs/device-management-api/connect/
x-origin: /home/circleci/project/device-server/public/swagger.yaml
get:
deprecated: true
@@ -7811,8 +9793,8 @@ paths:
way to the device. When the response is available, an `AsyncIDResponse` JSON
object is received in the notification channel.
- The resource values can be also in cache based on `max_age` defined by the
- device side. The value found from the cache is returned
+ The resource values can also be in cache based on `max_age` defined by the
+ device. The value found from the cache is returned
immediately in the response.
@@ -7825,12 +9807,12 @@ paths:
is on and connected to Device Management.
- See also how [resource caching](../connecting/device-guidelines.html#resource-cache)
+ See also how [resource caching](https://www.pelion.com/docs/device-management/current/connecting/device-guidelines.html#resource-cache)
works.
- Please refer to [Lightweight Machine to Machine Technical specification](http://www.openmobilealliance.org/release/LightweightM2M/V1_0-20170208-A/OMA-TS-LightweightM2M-V1_0-20170208-A.pdf)
- for more inforamtion.
+ Please see the [Lightweight Machine to Machine Technical specification](http://www.openmobilealliance.org/release/LightweightM2M/V1_0-20170208-A/OMA-TS-LightweightM2M-V1_0-20170208-A.pdf)
+ for more information.
**Example:**
@@ -7840,7 +9822,7 @@ paths:
curl -X GET https://api.us-east-1.mbedcloud.com/v2/endpoints/{device-id}/{resourcePath}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: getResourceValue
@@ -7858,8 +9840,8 @@ paths:
type: string
- description: 'If true, the response comes only from the cache. Default: false.
Device Management Connect caches the received resource values for the time
- of [max_age](../connecting/working-with-the-resources.html) defined in the
- client side.'
+ of [max_age](https://www.pelion.com/docs/device-management/current/resources/working-with-the-resources.html)
+ defined in the client.'
in: query
name: cacheOnly
required: false
@@ -7885,7 +9867,7 @@ paths:
schema:
$ref: '#/definitions/AsyncID'
205:
- description: No cache available for resource.
+ description: No cache available for the resource.
400:
description: Bad request.
404:
@@ -7901,7 +9883,7 @@ paths:
description: TCP or TLS connection to endpoint cannot be established.
summary: (DEPRECATED) Read from a resource.
tags:
- - Resources
+ - Device data - resources
x-deprecation:
comment: /v2/endpoints/{device-id}/{resourcePath} is replaced by /v2/device-requests/{device-id}.
The /v2/device-requests/{device-id} endpoint lets you use your own async-id,
@@ -7910,7 +9892,7 @@ paths:
end_of_life_at: '2020-05-17T00:00:00+00:00'
issued_at: '2019-05-17T15:23:00+00:00'
links:
- - https://www.pelion.com/docs/device-management/current/service-api-references/device-management-connect.html#createAsyncRequest
+ - https://www.pelion.com/docs/device-management-api/connect/
x-origin: /home/circleci/project/device-server/public/swagger.yaml
post:
consumes:
@@ -7927,7 +9909,7 @@ paths:
- application/vnd.oma.lwm2m+tlv
- application/vnd.oma.lwm2m+json
deprecated: true
- description: '(DEPRECATED) [Execute a function](../connecting/handle-resource-webapp.html#the-execute-operation)
+ description: '(DEPRECATED) [Execute a function](https://www.pelion.com/docs/device-management/current/resources/handle-resource-webapp.html#the-execute-operation)
on an existing resource and create a new Object instance on the device. The
resource path does not have to exist; you can set it with the call. The maximum
length of the resource path is 255 characters.
@@ -7954,13 +9936,13 @@ paths:
curl -X POST https://api.us-east-1.mbedcloud.com/v2/endpoints/{device-id}/3303/0/5605
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: executeOrCreateResource
parameters:
- - description: A unique Device Management device ID for the endpoint. The ID
- must be an exact match. Do not use wildcards.
+ - description: The device ID generated by Device Management. The ID must be
+ an exact match. Do not use wildcards.
in: path
name: device-id
required: true
@@ -7971,8 +9953,8 @@ paths:
required: true
type: string
- description: This value is not needed. Most of the time, resources do not
- accept a function but they have their own functions predefined. You can
- use this to trigger them. If a function is included, the body of this request
+ accept a function; they have their own functions predefined. You can use
+ this to trigger them. If a function is included, the body of this request
is passed as a char* to the function in Device Management Client.
in: body
name: resourceFunction
@@ -7984,7 +9966,7 @@ paths:
are not guaranteed to arrive in the device, and you do not get back an async-response-id.
- If calls with this parameter enabled succeed, they return with the status
+ When calls with this parameter enabled succeed, they return with the status
code `204 No Content`. If the underlying protocol does not support non-confirmable
requests, or if the endpoint is registered in queue mode, the response is
status code `409 Conflict`.'
@@ -8013,13 +9995,13 @@ paths:
summary: (DEPRECATED) Execute a function on a Resource or create new Object
instance.
tags:
- - Resources
+ - Device data - resources
x-deprecation:
comment: /v2/endpoints/{device-id}/{resourcePath} is replaced by /v2/device-requests/{device-id}.
end_of_life_at: '2020-05-17T00:00:00+00:00'
issued_at: '2019-05-17T15:23:00+00:00'
links:
- - https://www.pelion.com/docs/device-management/current/service-api-references/device-management-connect.html#createAsyncRequest
+ - https://www.pelion.com/docs/device-management-api/connect/
x-origin: /home/circleci/project/device-server/public/swagger.yaml
put:
consumes:
@@ -8037,8 +10019,8 @@ paths:
- application/vnd.oma.lwm2m+json
deprecated: true
description: '(DEPRECATED) With this API, you can [write a new value to existing
- Resources](../connecting/handle-resource-webapp.html) or use the **write**
- attribute to set [notification rules](../connecting/resource-change-webapp.html#notification-rules)
+ Resources](https://www.pelion.com/docs/device-management/current/resources/handle-resource-webapp.html)
+ or use the **write** attribute to set [notification rules](https://www.pelion.com/docs/device-management/current/resources/resource-change-webapp.html)
for the Resources. The notification rules only work on the device client side
and may not be supported by all clients.
@@ -8078,15 +10060,15 @@ paths:
-H "content-type: text/plain" \
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-d ''1''
```'
operationId: updateResourceValue
parameters:
- - description: A unique Device Management device ID for the endpoint. The ID
- must be an exact match. Do not use wildcards.
+ - description: The device ID generated by Device Management. The ID must be
+ an exact match. Do not use wildcards.
in: path
name: device-id
required: true
@@ -8107,8 +10089,8 @@ paths:
are not guaranteed to arrive to the device, and do not return an `async_response_id`.
- If a call with this parameter enabled succeeds, it return status code `204
- No Content`. If the underlying protocol does not support non-confirmable
+ When a call with this parameter enabled succeeds, it return status code
+ `204 No Content`. If the underlying protocol does not support non-confirmable
requests, or if the endpoint is registered in queue mode, the response is
status code `409 Conflict`.'
in: query
@@ -8134,19 +10116,23 @@ paths:
summary: (DEPRECATED) Write to a Resource or use write-attributes (notification
rules) for a Resource.
tags:
- - Resources
+ - Device data - resources
x-deprecation:
comment: /v2/endpoints/{device-id}/{resourcePath} is replaced by /v2/device-requests/{device-id}.
end_of_life_at: '2020-05-17T00:00:00+00:00'
issued_at: '2019-05-17T15:23:00+00:00'
links:
- - https://www.pelion.com/docs/device-management/current/service-api-references/device-management-connect.html#createAsyncRequest
+ - https://www.pelion.com/docs/device-management-api/connect/
x-origin: /home/circleci/project/device-server/public/swagger.yaml
/v2/notification/callback:
delete:
description: 'Deletes the callback URL.
+ Deleting the callback URL also removes the channel''s notification queue.
+ Any unsent notifications are lost when the channel is deleted.
+
+
**Example:**
```
@@ -8154,23 +10140,23 @@ paths:
curl -X DELETE https://api.us-east-1.mbedcloud.com/v2/notification/callback
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: deregisterWebhook
responses:
- 204: &id019
+ 204: &id025
description: Successfully deleted.
- 401: &id017
+ 401: &id023
description: Unauthorized.
- 403: &id018
- description: Forbidden. The authorization token used is not an API key.
+ 403: &id024
+ description: Forbidden. The authorization token used is not an access key.
404:
description: Callback URL does not exist.
summary: Delete callback URL.
tags:
- - Notifications
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ - Device data - notifications
+ x-origin: /home/circleci/project/notification-service/public/swagger.yaml
get:
description: 'Shows the current callback URL if it exists.
@@ -8181,7 +10167,7 @@ paths:
curl -X GET https://api.us-east-1.mbedcloud.com/v2/notification/callback \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: getWebhook
@@ -8192,57 +10178,61 @@ paths:
description: URL found.
schema:
$ref: '#/definitions/Webhook'
- 401: *id017
- 403: *id018
+ 401: *id023
+ 403: *id024
404:
description: The callback URL does not exist.
summary: Check callback URL.
tags:
- - Notifications
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ - Device data - notifications
+ x-origin: /home/circleci/project/notification-service/public/swagger.yaml
put:
consumes:
- application/json
description: "Register a URL to which the server delivers notifications of changes\
\ to the subscribed resource. To push notifications, you must first place\
\ subscriptions. The maximum length of the URL, header keys, and values, all\
- \ combined, is 400 characters. \n\nNotifications are delivered as PUT requests\
+ \ combined, is 400 characters.\n\nNotifications are delivered as PUT requests\
\ to the HTTP server, which the client defines with a subscription server\
\ message. The given URL must be accessible, and respond to the PUT request\
- \ with a response code of 200 or 204. \n\nDevice Management Connect tests\
- \ the callback URL with an empty JSON payload `{}` when the URL is registered.\
+ \ with a response code of 200 or 204.\n\nDevice Management Connect tests the\
+ \ callback URL with an empty JSON payload `{}` when the URL is registered.\
\ Callback implementation does not support URL redirection. For more information\
\ on notification messages, see [NotificationMessage](#NotificationMessage).\n\
\n**Optional headers in a callback message:**\n\nYou can set optional headers\
\ to a callback in a **Webhook** object. Device Management Connect includes\
\ the header and key pairs in the notification messages send them to callback\
- \ URL. The callback URLs and headers are API key-specific.\n\nOne possible\
+ \ URL. The callback URLs and headers are application-specific.\n\nOne possible\
\ use for additional headers is checking the origin of a PUT request, as well\
- \ as distinguishing the application (API key) to which the notification belongs.\n\
- \n**Note**: Only one callback URL per API key can be active. If you register\
- \ a new URL while another one is active, it replaces the active one. There\
- \ can be only one notification channel at a time. If another type of channel\
- \ is already present, you need to delete it before setting the callback URL.\n\
- \n**Expiration of a callback URL:**\n\nA callback can expire when Device Management\
- \ cannot deliver a notification due to a connection timeout or an error response\
- \ (4xx or 5xx). After each delivery failure, Device Management sets an exponential\
- \ back off time and makes a retry attempt after that. The first retry delay\
- \ is 1 second, then 2s, 4s, 8s, up to maximum delay of two minutes. The callback\
- \ URL is removed if all retries fail within 24 hours. More about [notification\
- \ sending logic](../integrate-web-app/event-notification.html#notification-sending-logic).\n\
- \n**Supported callback URL protocols:**\n\nCurrently, only HTTP and HTTPS\
- \ protocols are supported.\n\n**HTTPS callback URLs:**\n\nWhen delivering\
- \ a notification to an HTTPS based callback URL, Device Management Connect\
- \ presents a valid client certificate to identify itself. The certificate\
- \ is signed by a trusted certificate authorithy (GlobalSign) with a Common\
- \ Name (CN) set to notifications.mbedcloud.com.\n\n**Configuration options:**\n\
- \nThe event notification channel provides configurations options defined in\
- \ [Serialization config](#SerializationConfigObjectV2).\n\n**Example:**\n\n\
- This example command shows how to set your callback URL and API key. It also\
- \ sets an optional header authorization. When Device Management Connect calls\
- \ your callback URL, the call contains the authorization header with the defined\
+ \ as distinguishing the application to which the notification belongs.\n\n\
+ **Note**: Only one callback URL for each application can be active. If you\
+ \ register a new URL while another one is active, it replaces the active one.\
+ \ There can be only one notification channel at a time for each application.\
+ \ If another type of channel is already present, you need to delete it before\
+ \ setting the callback URL.\n\n**Expiration of a callback URL:**\n\nA callback\
+ \ can expire when Device Management cannot deliver a notification due to a\
+ \ connection timeout or error response (4xx or 5xx). After each delivery failure,\
+ \ Device Management sets an exponential back-off time and makes a retry attempt\
+ \ after that. The first retry delay is 1 second, then 2s, 4s, 8s, up to a\
+ \ maximum delay of two minutes. The retry delay is applied when the response\
+ \ is received, or in case of timeout, after the timeout expires. The request\
+ \ timeout is 20 seconds; in the case of timeout, the first retry happens 20\
+ \ + 1 seconds after the first delivery attempt, then 20 + 2 seconds, and so\
+ \ on. The callback URL is removed if all retries fail within 24 hours. More\
+ \ about [notification sending logic](https://www.pelion.com/docs/device-management/current/integrate-web-app/event-notification.html#notification-sending-logic)\
+ \ in the Device Management documentation.\n\n**Supported callback URL protocols:**\n\
+ \nCurrently, only HTTP and HTTPS protocols are supported.\n\n**HTTPS callback\
+ \ URLs:**\n\nWhen delivering a notification to an HTTPS-based callback URL,\
+ \ Device Management Connect identifies itself with a valid client certificate.\
+ \ The certificate is signed by a trusted certificate authority (GlobalSign),\
+ \ with a Common Name (CN) set to `notifications.mbedcloud.com`.\n\n**Configuration\
+ \ options:**\n\nThe event notification channel provides configurations options\
+ \ defined in [Serialization config](#SerializationConfigObjectV2).\n\n**Example:**\n\
+ \nThis example command shows how to set your callback URL. It also sets an\
+ \ optional header authorization. When Device Management Connect calls your\
+ \ callback URL, the call contains the authorization header with the defined\
\ value.\n\n```\ncurl -X PUT https://api.us-east-1.mbedcloud.com/v2/notification/callback\
- \ \\\n-H 'Authorization: Bearer ' \\\n-H 'content-type: application/json'\
+ \ \\\n-H 'Authorization: Bearer ' \\\n-H 'content-type: application/json'\
\ \\\n-d '{\n \"url\": \"{callback-url}\",\n \"headers\": {\"authorization\"\
: \"f4b93d6e-4652-4874-82e4-41a3ced0cd56\"},\n \"serialization\": {\"type\"\
: \"v2\", \"max_chunk_size\": \"100\",\n \"cfg\": {\"deregistrations_as_object\"\
@@ -8263,19 +10253,19 @@ paths:
400:
description: Given URL is not accessible, or other type of channel already
exists.
- 401: *id017
- 403: *id018
+ 401: *id023
+ 403: *id024
415:
description: Unsupported Media Type.
summary: Register a callback URL.
tags:
- - Notifications
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ - Device data - notifications
+ x-origin: /home/circleci/project/notification-service/public/swagger.yaml
/v2/notification/channel:
get:
description: "Get channel delivery mechanism.\n\n**Example:**\n\n curl -X\
\ GET https://api.us-east-1.mbedcloud.com/v2/notification/channel \\\n \
- \ -H 'Authorization: Bearer ' \\\n"
+ \ -H 'Authorization: Bearer '\n"
operationId: getChannelMetadata
responses:
200:
@@ -8286,8 +10276,8 @@ paths:
description: Channel was not found.
summary: Get channel metadata.
tags:
- - Notifications
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ - Device data - notifications
+ x-origin: /home/circleci/project/notification-service/public/swagger.yaml
/v2/notification/pull:
delete:
deprecated: true
@@ -8305,7 +10295,7 @@ paths:
curl -X DELETE https://api.us-east-1.mbedcloud.com/v2/notification/pull \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: deleteLongPollChannel
@@ -8314,25 +10304,25 @@ paths:
description: Success. The body can contain "REMOVED" if it was deleted with
this call or "ALREADY_DELETED" if it was deleted before and not purged
yet.
- 401: *id017
+ 401: *id023
summary: Delete notification Long Poll channel.
tags:
- - Notifications
+ - Device data - notifications
x-deprecation:
comment: Long polling is deprecated and should be used for development purposes
only.
- end_of_life_at: '2020-03-31T00:00:00+00:00'
+ end_of_life_at: '2020-06-30T00:00:00+00:00'
issued_at: '2017-02-10T15:23:00+00:00'
links:
- https://www.pelion.com/docs/device-management/current/integrate-web-app/event-notification.html
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ x-origin: /home/circleci/project/notification-service/public/swagger.yaml
get:
deprecated: true
description: 'In this case, notifications are delivered through HTTP long poll
requests. The HTTP request is kept open until one or more event notifications
are delivered to the client, or the request times out (response code 204).
In both cases, the client should open a new polling connection after the previous
- one closes. Only a single long polling connection per API key can be ongoing
+ one closes. Only a single long polling connection per application can be ongoing
at any given time. We recommend using a persistent connection (Connection
keep-alive header in the request) to avoid excess TLS handshakes.
@@ -8351,9 +10341,9 @@ paths:
proper method to receive notifications is a **notification callback**.
- There can only be one notification channel per API key in Device Management
- Connect. If a notification channel of other type already exists for the API
- key, delete it before creating a long poll notification channel.
+ There can only be one notification channel per application in Device Management
+ Connect. If a notification channel of other type already exists for the application,
+ delete it before creating a long poll notification channel.
**Example:**
@@ -8362,7 +10352,7 @@ paths:
curl -X GET https://api.us-east-1.mbedcloud.com/v2/notification/pull \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: longPollNotifications
@@ -8377,7 +10367,7 @@ paths:
description: No new notifications.
400:
description: Other type of channel already exists.
- 401: *id017
+ 401: *id023
409:
description: Conflict. Long poll request exists already.
410:
@@ -8391,22 +10381,24 @@ paths:
"channel exists" state.
summary: Get notifications using Long Poll
tags:
- - Notifications
+ - Device data - notifications
x-deprecation:
comment: Long polling is deprecated and should be used for development purposes
only.
- end_of_life_at: '2020-03-31T00:00:00+00:00'
+ end_of_life_at: '2020-06-30T00:00:00+00:00'
issued_at: '2017-02-10T15:23:00+00:00'
links:
- https://www.pelion.com/docs/device-management/current/integrate-web-app/event-notification.html
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ x-origin: /home/circleci/project/notification-service/public/swagger.yaml
/v2/notification/websocket:
delete:
- description: '(PREVIEW) Delete a notification websocket channel bound to the
- API key. This is required to change the channel from websocket to another
- type.
+ description: 'Delete a notification websocket channel bound to the application.
+ This is required to change the channel from websocket to another type.
+ Deleting the websocket channel also removes the channel''s notification queue.
+ Any unsent notifications are lost when the channel is deleted.
+
**Example:**
@@ -8415,23 +10407,28 @@ paths:
curl -X DELETE https://api.us-east-1.mbedcloud.com/v2/notification/websocket
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: deleteWebsocket
responses:
- 204: *id019
- 401: *id017
- 403: *id018
+ 204: *id025
+ 401: *id023
+ 403: *id024
404:
description: Websocket channel doesn't exist.
- summary: (PREVIEW) Delete websocket channel.
+ summary: Delete websocket channel.
tags:
- - Notifications
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ - Device data - notifications
+ x-origin: /home/circleci/project/notification-service/public/swagger.yaml
get:
- description: '(PREVIEW) Returns 200 with websocket connection status, if websocket
- channel exists.
+ description: 'Returns 200 with websocket connection status, if websocket channel
+ exists.
+
+
+ **Note**: The current version does not yet have the capability to determine
+ the channel status and will always return status ''unknown'' and queue size
+ ''-1''.
**Example:**
@@ -8442,7 +10439,7 @@ paths:
curl -X GET https://api.us-east-1.mbedcloud.com/v2/notification/websocket
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: getWebsocket
@@ -8453,39 +10450,44 @@ paths:
description: Websocket found.
schema:
$ref: '#/definitions/WebsocketChannel'
- 401: *id017
- 403: *id018
+ 401: *id023
+ 403: *id024
404:
description: No channel has been registered.
- summary: (PREVIEW) Get websocket channel information.
+ summary: Get websocket channel information.
tags:
- - Notifications
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ - Device data - notifications
+ x-origin: /home/circleci/project/notification-service/public/swagger.yaml
put:
consumes:
- application/json
- description: "(PREVIEW) Register (or update) a channel using websocket connection\
- \ to deliver notifications. The websocket channel should be opened by client\
- \ using `/v2/notification/websocket-connect` endpoint. To get notifications\
- \ pushed, you must place subscriptions. For more information on notification\
- \ messages, see [NotificationMessage](#NotificationMessage).\n\nA websocket\
- \ channel can have only one active websocket connection at a time. If a websocket\
- \ connection for a channel exists and a new connection to the same channel\
- \ is made, the connection is accepted and the older connection is closed.\n\
- \n**Expiration of a websocket:**\n\nA websocket channel is expired if the\
- \ channel does not have an opened websocket connection for a 24-hour period.\
- \ Channel expiration means the channel is deleted and any undelivered notifications\
- \ stored in its internal queue is removed. As long as the channel has an opened\
- \ websocket connection or time between successive websocket connections is\
- \ less than 24 hours,\nthe channel is considered active, notifications are\
- \ stored in its internal queue and delivered when a websocket connection is\
- \ active. A channel can be also deleted explicitly with a DELETE call.\n\n\
- More about [notification sending logic](../integrate-web-app/event-notification.html#notification-sending-logic).\n\
+ description: "Register (or update) a channel using websocket connection to deliver\
+ \ notifications. The websocket channel should be opened by client using `/v2/notification/websocket-connect`\
+ \ endpoint. To get notifications pushed, you must place subscriptions. For\
+ \ more information on notification messages, see [NotificationMessage](#NotificationMessage).\n\
+ \nA websocket channel can have only one active websocket connection at a time.\
+ \ If a websocket connection for a channel exists and a new connection to the\
+ \ same channel is made, the connection is accepted and the older connection\
+ \ is closed.\n\n**Note**: Only one websocket channel for each application\
+ \ can be active at a time. If you register a new websocket channel while another\
+ \ one is active, it replaces the previously active one. If another type of\
+ \ channel is already present, you need to delete it before registering a websocket\
+ \ channel.\n\n**Note**: The current version does not yet have the capability\
+ \ to determine the channel status and will always return status 'unknown'\
+ \ and queue size '-1'.\n\n**Expiration of a websocket:**\n\nA websocket channel\
+ \ is expired if the channel does not have an opened websocket connection for\
+ \ a 24-hour period. Channel expiration means the channel is deleted and any\
+ \ undelivered notifications stored in its internal queue is removed. As long\
+ \ as the channel has an opened websocket connection or time between successive\
+ \ websocket connections is less than 24 hours,\nthe channel is considered\
+ \ active, notifications are stored in its internal queue and delivered when\
+ \ a websocket connection is active. A channel can be also deleted explicitly\
+ \ with a DELETE call.\n\nMore about [notification sending logic](https://www.pelion.com/docs/device-management/current/integrate-web-app/event-notification.html#notification-sending-logic).\n\
\n**Configuration options:**\n\nThe event notification channel provides configurations\
\ options defined in [Serialization config](#SerializationConfigObjectV2)\n\
\n**Example:**\n```\ncurl -X PUT https://api.us-east-1.mbedcloud.com/v2/notification/websocket\
- \ \\\n-H 'Authorization: Bearer '\n-d '{\n \"serialization\": {\"\
- type\": \"v2\", \"max_chunk_size\": \"100\",\n \"cfg\": {\"deregistrations_as_object\"\
+ \ \\\n-H 'Authorization: Bearer ' \\\n-d '{\n \"serialization\"\
+ : {\"type\": \"v2\", \"max_chunk_size\": \"100\",\n \"cfg\": {\"deregistrations_as_object\"\
: \"true\", \"include_uid\": \"true\", \"include_timestamp\": \"true\", \"\
include_original_ep\": \"true\"\n }\n }\n}\n```"
operationId: registerWebsocket
@@ -8502,34 +10504,48 @@ paths:
$ref: '#/definitions/WebsocketChannel'
400:
description: Other type of channel already exists.
- 401: *id017
- 403: *id018
- summary: (PREVIEW) Register a websocket channel.
+ 401: *id023
+ 403: *id024
+ summary: Register a websocket channel.
tags:
- - Notifications
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ - Device data - notifications
+ x-origin: /home/circleci/project/notification-service/public/swagger.yaml
/v2/notification/websocket-connect:
get:
- description: "\n(PREVIEW) A websocket channel can have only one active connection\
- \ at a time. If a websocket connection for a channel exists and a new connection\
+ description: "\nA websocket channel can have only one active connection at a\
+ \ time. If a websocket connection for a channel exists and a new connection\
\ to the same channel is made, the connection is accepted and the older connection\
- \ is closed.\n\nOnce the socket has been opened, it may be closed with one\
- \ of the following status codes.\n\n\n \n \n | Code | \n\
- \ Description | \n
\n \n \n \n\
- \ | 1000 | \n Socket closed by the client. | \n\
- \
\n \n | 1001 | \n Going away. Set\
- \ when another socket opens on the used channel, the channel is deleted with\
- \ a REST call, or the server is shutting down. | \n
\n \n\
- \ | 1008 | \n Policy violation. Set when the API\
- \ key is missing or invalid. | \n
\n \n | 1011 | \n\
- \ Unexpected condition. Socket is closed with this status at an attempt\
- \ to open a socket to a nonexistent channel (without a prior PUT request).\
- \ This code is also used to indicate closing socket for any other unexpected\
- \ condition in the server. | \n
\n \n
\n\n\n**Example:**\n\
- ```\ncurl -X GET https://api.us-east-1.mbedcloud.com/v2/notification/websocket-connect\
- \ \\\n-H \"Authorization:Bearer {apikey}\" \\\n-H \"Connection:upgrade\" \\\
- \n-H \"Upgrade:websocket\" \\\n-H \"Sec-WebSocket-Version: 13\" \\\n-H \"\
- Sec-WebSocket-Key: {base64nonce}\" \\\n-N -I\n```"
+ \ is closed.\n\nA websocket client library should be used when connecting\
+ \ to this endpoint.\n\nOnce the socket has been opened, the server may close\
+ \ it with one of the following status codes.\n\n\n \n \n\
+ \ | Code | \n Description | \n
\n \n\
+ \ \n \n | 1000 | \n Socket closed\
+ \ normally by the client, or by the server when the channel is deleted with\
+ \ a REST call. | \n
\n \n | 1001 | \n \
+ \ Going away. Set when another socket opens on the used channel. | \n\
+ \
\n \n | 1006 | \n Abnormal closure.\
+ \ The client should reconnect after receiving this status code. A short reconnect\
+ \ delay is recommended. | \n
\n \n | 1008 | \n\
+ \ Policy violation. Set if the access key is lost or invalidated\
+ \ after a successful WebSocket handshake. | \n
\n \n \
+ \ | 1011 | \n Unexpected condition. The socket is closed\
+ \ with this status in an attempt to open a socket to a nonexistent channel\
+ \ (without a prior PUT request). This code is also used to indicate a closing\
+ \ socket for any other unexpected condition in the server. | \n
\n\
+ \ \n | 1012 | \n Service restart. Set when\
+ \ the server restarts for update, maintenance, and so on. The client should\
+ \ reconnect after receiving this status code. A short reconnect delay is recommended. | \n\
+ \
\n \n
\n\n**Expected client behaviour:**\n\nIf the\
+ \ connection is closed with code 1006 or 1012, the client should try to reconnect\
+ \ to maintain the notification flow. The client might disconnect several times\
+ \ in a relatively short period, for example, during service updates. This\
+ \ is normal. The desired client behavior is to reconnect after each disconnect.\n\
+ \n**Example:**\n\nThe example is meant only for testing. For production devices,\
+ \ use a WebSocket client library. Websocat (https://github.com/vi/websocat)\
+ \ is a command-line client for WebSockets, like netcat or cURL. The example\
+ \ command opens a new WebSocket, waits for any data sent to the socket from\
+ \ the server, and prints it to `stdout`.\n\n```\nwebsocat wss://api.us-east-1.mbedcloud.com/v2/notification/websocket-connect\
+ \ \\\n-H \"Sec-WebSocket-Protocol:wss,pelion_ak_\"\n```"
operationId: connectWebsocket
parameters:
- default: Upgrade
@@ -8542,8 +10558,8 @@ paths:
name: Upgrade
required: true
type: string
- - description: 'API key or user token must be present in the `Sec-WebSocket-Protocol`
- header **if Authorization header cannot be provided**: `Sec-WebSocket-Protocol:"wss,pelion_ak_{api_key}"`.
+ - description: 'Access key or user token must be present in the `Sec-WebSocket-Protocol`
+ header **if Authorization header cannot be provided**: `Sec-WebSocket-Protocol:"wss,pelion_ak_{access_key}"`.
Refer to the notification service documentation for examples.'
in: header
@@ -8573,16 +10589,19 @@ paths:
description: Switching protocols.
400:
description: Required header(s) missing.
- 401: *id017
+ 401: *id023
426:
description: Upgrade required. Connect and/or Upgrade headers missing.
- summary: (PREVIEW) Open the websocket.
+ 429:
+ description: While a WebSocket handshake is still in progress, no new WebSocket
+ requests with the same authorization token will be accepted.
+ summary: Open the websocket.
tags:
- - Notifications
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ - Device data - notifications
+ x-origin: /home/circleci/project/notification-service/public/swagger.yaml
/v2/subscriptions:
delete:
- description: 'Removes pre-subscriptions.
+ description: 'Remove presubscriptions.
**Example:**
@@ -8591,7 +10610,7 @@ paths:
curl -X DELETE https://api.us-east-1.mbedcloud.com/v2/subscriptions \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: deletePreSubscriptions
@@ -8601,14 +10620,14 @@ paths:
401:
description: Unauthorized.
403:
- description: 'Forbidden: the authorization token used is not an API key.'
- summary: Remove pre-subscriptions.
+ description: 'Forbidden: the authorization token used is not an access key.'
+ summary: Remove presubscriptions.
tags:
- - Subscriptions
+ - Device data - subscriptions
x-origin: /home/circleci/project/device-server/public/swagger.yaml
get:
- description: 'Retrieve pre-subscription data. The server returns a JSON structure.
- If there are no pre-subscribed resources, it returns an empty array.
+ description: 'Retrieve presubscription data. The server returns a JSON structure.
+ If there are no presubscribed resources, the server returns an empty array.
**Example:**
@@ -8617,7 +10636,7 @@ paths:
curl -X GET https://api.us-east-1.mbedcloud.com/v2/subscriptions \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: getPreSubscriptions
@@ -8631,32 +10650,32 @@ paths:
401:
description: Unauthorized.
403:
- description: 'Forbidden: the authorization token used is not an API key.'
- summary: Get pre-subscriptions.
+ description: 'Forbidden: the authorization token used is not an access key.'
+ summary: View presubscriptions.
tags:
- - Subscriptions
+ - Device data - subscriptions
x-origin: /home/circleci/project/device-server/public/swagger.yaml
put:
consumes:
- application/json
- description: "Pre-subscription is a set of rules and patterns established by\
- \ the application. When an endpoint registers and its ID, type, and registered\
- \ resources match the pre-subscription data, Device Management Connect automatically\
- \ sends subscription requests to the device. The pattern may include the endpoint\
- \ ID (optionally having an `*` character at the end), endpoint type, a list\
- \ of resources, or expressions with an `*` character at the end. Subscriptions\
- \ based on pre-subscriptions are done when device registers or does register\
- \ update. To remove the pre-subscription data, put an empty array as a rule.\n\
- \n**Notification rules**\n\nA web application can place dynamic observation\
- \ rules for individual Object Instances and Resources to define when the device\
- \ sends observations. More information in [Notification rules](../connecting/resource-change-webapp.html).\n\
- \n**Limits**:\n\n- The maximum length of the endpoint name and endpoint type\
- \ is 64 characters.\n- The maximum length of the resource path is 128 characters.\n\
- - You can listen to 256 separate resource paths.\n- The maximum number of\
- \ pre-subscription entries is 1024.\n\n**Example request:**\n```\ncurl -X\
- \ PUT https://api.us-east-1.mbedcloud.com/v2/subscriptions \\\n-H 'Authorization:\
- \ Bearer ' \\\n-H 'content-type: application/json' \\\n-d '[\n \
- \ {\n \"endpoint-name\": \"node-001\",\n \"resource-path\"\
+ description: "A presubscription is a set of rules you define to subscribe to\
+ \ specific resources automatically when certain devices register or does a\
+ \ register update.\nYou can set subscription rules based on the endpoint ID\
+ \ (optionally having an `*` character at the end), endpoint type, a list of\
+ \ resources, or expressions with an `*` character at the end.\nWhen a device\
+ \ that meets the subscription rules registered, Device Management Connect\
+ \ automatically sends subscription requests to the device for the resources\
+ \ you specify.\nTo remove the presubscription data, put an empty array as\
+ \ a rule.\nTo place dynamic observation rules for individual object instances\
+ \ and resources and define when the device sends observations, set [notification\
+ \ rules](https://www.pelion.com/docs/device-management/current/resources/resource-change-webapp.html).\n\
+ \n**Note:** The subscription is bound to the application you are using. To\
+ \ get notifications of the resource value changes, you need to create an [event\
+ \ notification channel](https://www.pelion.com/docs/device-management/current/integrate-web-app/event-notification.html)\
+ \ with an access key of the same application.\n\n**Example request:**\n```\n\
+ curl -X PUT https://api.us-east-1.mbedcloud.com/v2/subscriptions \\\n-H 'Authorization:\
+ \ Bearer ' \\\n-H 'content-type: application/json' \\\n-d '[\n\
+ \ {\n \"endpoint-name\": \"node-001\",\n \"resource-path\"\
: [\"/dev\"]\n },\n {\n \"endpoint-type\": \"Light\",\n\
\ \"resource-path\": [\"/sen/*\"]\n },\n {\n \"\
endpoint-name\": \"node*\"\n },\n {\n \"endpoint-type\"\
@@ -8666,14 +10685,19 @@ paths:
\ their resources prefixed with `/sen/`.\n- Subscribe to all observable resources\
\ of endpoint names prefixed with `node`.\n- Subscribe to all observable resources\
\ of `Sensor` type endpoints.\n- Subscribe to `/dev/temp` and `/dev/hum` resources\
- \ of all endpoints.\n\n**Note**: For efficiency, you should use resource path\
- \ patterns in the pre-subscription data. This prevents notification flow from\
- \ unwanted resources."
+ \ of all endpoints.\n\n**Limits**:\n\n- The maximum length of the endpoint\
+ \ name and endpoint type is 64 characters.\n- The maximum length of the resource\
+ \ path is 128 characters.\n- You can subscribe to 256 separate resource paths.\n\
+ - The maximum number of presubscription entries is 1024.\n\n**Note**: To save\
+ \ bandwidth and avoid unnecessary traffic, use resource path patterns to limit\
+ \ the matching resources in the presubscription data. This prevents your web\
+ \ application from receiving unwanted resource notifications. See [Subscribe\
+ \ only to what you need](https://www.pelion.com/docs/device-management/current/resources/resource-change-webapp.html)."
operationId: updatePreSubscriptions
parameters:
- - description: Array of pre-subscriptions.
+ - description: Array of presubscriptions.
in: body
- name: presubsription
+ name: presubscription
required: true
schema:
$ref: '#/definitions/PresubscriptionArray'
@@ -8687,14 +10711,14 @@ paths:
401:
description: Unauthorized.
403:
- description: 'Forbidden: the authorization token used is not an API key.'
- summary: Set pre-subscriptions
+ description: 'Forbidden: the authorization token used is not an access key.'
+ summary: Set presubscriptions.
tags:
- - Subscriptions
+ - Device data - subscriptions
x-origin: /home/circleci/project/device-server/public/swagger.yaml
/v2/subscriptions/{device-id}:
delete:
- description: 'Deletes all resource subscriptions in a single endpoint.
+ description: 'Delete all resource subscriptions in a single device.
**Example:**
@@ -8704,13 +10728,13 @@ paths:
curl -X DELETE https://api.us-east-1.mbedcloud.com/v2/subscriptions/{device-id}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: deleteEndpointSubscriptions
parameters:
- - description: A unique Device Management device ID for the endpoint. The ID
- must be an exact match. Do not use wildcards.
+ - description: The device ID generated by Device Management. The ID must be
+ an exact match. Do not use wildcards.
in: path
name: device-id
required: true
@@ -8718,12 +10742,12 @@ paths:
responses:
204:
description: Successfully removed.
- summary: Delete subscriptions from an endpoint.
+ summary: Delete all subscriptions on a device.
tags:
- - Subscriptions
+ - Device data - subscriptions
x-origin: /home/circleci/project/device-server/public/swagger.yaml
get:
- description: 'Lists all subscribed resources from a single endpoint.
+ description: 'Retrieve a list of all subscribed resources on a single device.
**Example:**
@@ -8733,13 +10757,13 @@ paths:
curl -X GET https://api.us-east-1.mbedcloud.com/v2/subscriptions/{device-id}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: getEndpointSubscriptions
parameters:
- - description: A unique Device Management device ID for the endpoint. The ID
- must be an exact match. Do not use wildcards.
+ - description: The device ID generated by Device Management. The ID must be
+ an exact match. Do not use wildcards.
in: path
name: device-id
required: true
@@ -8756,13 +10780,13 @@ paths:
404:
description: Endpoint not found, or there are no subscriptions for that
endpoint.
- summary: Read endpoints subscriptions
+ summary: View all subscriptions on a device.
tags:
- - Subscriptions
+ - Device data - subscriptions
x-origin: /home/circleci/project/device-server/public/swagger.yaml
/v2/subscriptions/{device-id}/{resourcePath}:
delete:
- description: 'Remove an existing subscription from a resource path.
+ description: 'Remove an existing subscription to a resource.
**Example:**
@@ -8772,18 +10796,29 @@ paths:
curl -X DELETE https://api.us-east-1.mbedcloud.com/v2/subscriptions/{device-id}/{resourcePath}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
operationId: deleteResourceSubscription
parameters:
- - description: A unique Device Management device ID for the endpoint. The ID
- must be an exact match. Do not use wildcards.
+ - description: The device ID generated by Device Management. The ID must be
+ an exact match. Do not use wildcards.
in: path
name: device-id
required: true
type: string
- - description: The resource URL.
+ - description: 'The resource URL. This can be the path to:
+
+
+ - An object; for example, `3303`.
+
+ - An object instance; for example `3303/0`.
+
+ - A resource; for example `3303/0/5602`.
+
+
+ For more information about the Device Management resource model, please
+ see the [Device Management documentation](https://www.pelion.com/docs/device-management/current/resources/resource-model.html).'
in: path
name: resourcePath
required: true
@@ -8791,22 +10826,33 @@ paths:
responses:
204:
description: Successfully removed subscription.
- 404:
- description: Endpoint or resource not found.
summary: Remove a subscription.
tags:
- - Subscriptions
+ - Device data - subscriptions
x-origin: /home/circleci/project/device-server/public/swagger.yaml
get:
+ description: Check whether you are subscribed to receive resource content updates
+ for a specific resource.
operationId: checkResourceSubscription
parameters:
- - description: A unique Device Management device ID for the endpoint. The ID
- must be an exact match. Do not use wildcards.
+ - description: The device ID generated by Device Management. The ID must be
+ an exact match. Do not use wildcards.
in: path
name: device-id
required: true
type: string
- - description: The resource URL.
+ - description: 'The resource URL. This can be the path to:
+
+
+ - An object; for example, `3303`.
+
+ - An object instance; for example `3303/0`.
+
+ - A resource; for example `3303/0/5602`.
+
+
+ For more information about the Device Management resource model, please
+ see the [Device Management documentation](https://www.pelion.com/docs/device-management/current/resources/resource-model.html).'
in: path
name: resourcePath
required: true
@@ -8816,38 +10862,27 @@ paths:
description: Resource is subscribed.
404:
description: Resource is not subscribed.
- summary: Read subscription status
+ summary: Read the subscription status for a specific resource.
tags:
- - Subscriptions
+ - Device data - subscriptions
x-origin: /home/circleci/project/device-server/public/swagger.yaml
put:
- description: 'The Device Management Connect eventing model consists of observable
- Resources.
-
-
- This means that endpoints can deliver updated resource content, periodically
- or with a more sophisticated solution-dependent logic. The OMA LwM2M resource
- model also supports including objects, object instances, resources, and resource
- instances.
+ description: '
+ Subscribe to a resource to receive updated resource content, periodically
+ or based on a more sophisticated solution-dependent logic.
- Applications can subscribe to objects, object instances or individual resources
- to make the device provide value change notifications to Device Management
- Connect service. An application needs to call a `/notification/callback` method
- to get Device Management Connect to push notifications of the resource changes.
+ To place dynamic observation rules for individual object instances and resources
+ and define when the device sends observations, set [notification rules](https://www.pelion.com/docs/device-management/current/resources/resource-change-webapp.html).
- **Notification rules**
+ **Note:** Device Management removes all manual subscriptions during a full
+ device registration, at which point applications must re-subscribe. To avoid
+ this, use `/subscriptions` to set a presubscription.
- A web application can place dynamic observation rules for individual Object
- Instances and Resources to define when the device sends observations. More
- information in [Notification rules](../connecting/resource-change-webapp.html).
-
- All manual subscriptions are removed during a full device registration, at
- which point applications must re-subscribe. To avoid this, you can use `/subscriptions`
- to set a pre-subscription.
+ You can subscribe to resources, objects and object instances.
**Example:**
@@ -8857,18 +10892,33 @@ paths:
curl -X PUT https://api.us-east-1.mbedcloud.com/v2/subscriptions/{device-id}/{resourcePath}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
- ```'
+ ```
+
+
+ **Important:** You must also call a [`/notification/callback`](https://www.pelion.com/docs/device-management-api/notifications/)
+ method for Device Management Connect to push resource change notifications.'
operationId: addResourceSubscription
parameters:
- - description: A unique Device Management device ID for the endpoint. The ID
- must be an exact match. Do not use wildcards.
+ - description: The device ID generated by Device Management. The ID must be
+ an exact match. Do not use wildcards.
in: path
name: device-id
required: true
type: string
- - description: The resource URL.
+ - description: 'The resource URL. This can be the path to:
+
+
+ - An object; for example, `3303`.
+
+ - An object instance; for example `3303/0`.
+
+ - A resource; for example `3303/0/5602`.
+
+
+ For more information about the Device Management resource model, please
+ see the [Device Management documentation](https://www.pelion.com/docs/device-management/current/resources/resource-model.html).'
in: path
name: resourcePath
required: true
@@ -8882,109 +10932,1944 @@ paths:
description: Accepted. Returns an asynchronous response ID used to reference
the future asynchronous response.
schema:
- $ref: '#/definitions/AsyncID'
- 400:
- description: Bad request, malformed content.
- 404:
- description: Endpoint or its resource not found.
- 429:
- description: 'Cannot accept the request at the moment: the queue is full.'
- 502:
- description: 'Subscription failed: endpoint not connected.'
- summary: Subscribe to a resource path.
+ $ref: '#/definitions/AsyncID'
+ 400:
+ description: Bad request, malformed content.
+ 404:
+ description: Endpoint or its resource not found.
+ 429:
+ description: 'Cannot accept the request at the moment: the queue is full.'
+ 502:
+ description: 'Subscription failed: endpoint not connected.'
+ summary: Subscribe to a resource to receive updates about resource changes.
+ tags:
+ - Device data - subscriptions
+ x-origin: /home/circleci/project/device-server/public/swagger.yaml
+ /v3/access-keys:
+ get:
+ description: 'Retrieve an array of access keys.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/access-keys \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAllAccessKeys
+ parameters:
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
+ in: query
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
+ in: query
+ name: order
+ required: false
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ total_count.'
+ in: query
+ name: include
+ required: false
+ type: string
+ - description: Status filter.
+ in: query
+ name: status__eq
+ required: false
+ type: string
+ - description: Application filter.
+ in: query
+ name: application_id__eq
+ required: false
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/AccessKeyList'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get all access keys.
+ tags:
+ - Account - access keys
+ x-filter:
+ application_id:
+ - eq
+ status:
+ - eq
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/access-keys/{access_key_id}:
+ get:
+ description: 'Retrieve details of an access key.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/access-keys/{access_key_id}
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAccessKey
+ parameters:
+ - description: The ID of the access key to retrieve.
+ in: path
+ name: access_key_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/AccessKey'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An access key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get access key.
+ tags:
+ - Account - access keys
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts:
+ get:
+ description: 'Retrieve an array of tenant accounts, optionally filtered by status
+ and tier level.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAllAccounts
+ parameters:
+ - description: An optional filter for account status, ENROLLING, ACTIVE, RESTRICTED,
+ or SUSPENDED.
+ in: query
+ name: status__eq
+ required: false
+ type: string
+ - description: An optional filter to retrieve accounts with a specified set
+ of statuses.
+ in: query
+ name: status__in
+ required: false
+ type: string
+ - description: An optional filter to exclude accounts with a specified set of
+ statuses.
+ in: query
+ name: status__nin
+ required: false
+ type: string
+ - description: An optional filter for tier level. Must be 0, 1, 2, 98, 99, or
+ omitted.
+ in: query
+ name: tier__eq
+ required: false
+ type: string
+ - description: An optional filter for parent account ID.
+ in: query
+ name: parent__eq
+ required: false
+ type: string
+ - description: An optional filter for account end market.
+ in: query
+ name: end_market__eq
+ required: false
+ type: string
+ - description: 'An optional filter for account country. Finds all matches where
+ the filter value is a case-insensitive substring of the result. Example:
+ country__like=LAND matches Ireland.'
+ in: query
+ name: country__like
+ required: false
+ type: string
+ - default: 1000
+ description: The number of results to return (2-1000). Default 1000.
+ format: int32
+ in: query
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order. Acceptable values: ASC, DESC. Default: ASC.'
+ in: query
+ name: order
+ required: false
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ limits, policies, sub_accounts, history.'
+ in: query
+ name: include
+ required: false
+ type: string
+ - description: 'Format information for the query response. Supported: format=breakdown.'
+ in: query
+ name: format
+ required: false
+ type: string
+ - description: Property name returned from account-specific properties.
+ in: query
+ name: properties
+ required: false
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/AccountInfoList'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get all accounts.
+ tags:
+ - Tenant accounts - accounts
+ x-filter:
+ country:
+ - like
+ end_market:
+ - eq
+ parent:
+ - eq
+ status:
+ - eq
+ - in
+ - nin
+ tier:
+ - eq
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ post:
+ consumes:
+ - application/json
+ description: 'Create a new account.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"display_name": "MyAccount1", "aliases": [ "my-account" ], "admin_name":
+ "accountAdmin1", "email": "example_admin@myaccount.info", "country": "United
+ Kingdom", "end_market": "Smart City", "address_line1": "110 Fulbourn Rd",
+ "city": "Cambridge", "contact": "J. Doe", "company": "Arm"}''
+
+ ```'
+ operationId: createAccount
+ parameters:
+ - description: Details of the account to create.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/AccountCreationReq'
+ - default: create
+ description: 'Action, either `create` or `enroll`.
+
+
+
+ - `create` creates the account where its admin user has ACTIVE status
+ if `admin_password` was defined in the request, or RESET status if no `admin_password`
+ was defined. If the user already exists, its status is not modified.
+
+ - `enroll` creates the account where its admin user has ENROLLING status.
+ If the user already exists, its status is not modified. Email to finish
+ enrollment or notify the existing user about the new account is sent to
+ the `admin_email` defined in the request.
'
+ in: query
+ name: action
+ required: false
+ type: string
+ produces:
+ - application/json
+ responses:
+ '201':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/AccountCreationResp'
+ '400':
+ description: Error in input data, for example, invalid username.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '409':
+ description: Account with the specified alias exists already.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Create a new account.
+ tags:
+ - Tenant accounts - accounts
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/me:
+ get:
+ description: 'Retrieve information about the account.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/me?include=policies
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getMyAccountInfo
+ parameters:
+ - description: 'Comma-separated additional data to return. Currently supported:
+ limits, policies, sub_accounts.'
+ in: query
+ name: include
+ required: false
+ type: string
+ - description: Property name to return from account-specific properties.
+ in: query
+ name: properties
+ required: false
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/AccountInfo'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get account information.
+ tags:
+ - Account - profile
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ put:
+ consumes:
+ - application/json
+ description: 'Update the account.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/me \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"phone_number": "12345678"}''
+
+ ```'
+ operationId: updateMyAccount
+ parameters:
+ - description: Details of the account to update.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/AccountUpdateReq'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/AccountInfo'
+ '400':
+ description: Error in input data format.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Updates attributes of the account.
+ tags:
+ - Account - profile
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/me/notifications:
+ get:
+ description: Retrieve an array of email notification logs.
+ operationId: getNofificationEntries
+ parameters:
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
+ in: query
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
+ in: query
+ name: order
+ required: false
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/NotificationEntryList'
+ '400':
+ description: Error in input data, or missing or invalid parameters.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get logs of email notifications.
+ tags:
+ - Account - email notification logs
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/me/notifications/{notification_id}:
+ get:
+ description: Retrieve an email notification log entry.
+ operationId: getNofificationEntry
+ parameters:
+ - description: The ID of the log entry to be retrieved.
+ in: path
+ name: notification_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: successful operation
+ schema:
+ $ref: '#/definitions/NotificationEntry'
+ '400':
+ description: Error in input data, missing or invalid parameters.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: No entry found for the given ID.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get an email notification.
+ tags:
+ - Account - email notification logs
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}:
+ get:
+ description: 'Retrieve detailed information about an account.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id} \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAccountInfo
+ parameters:
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ limits, policies, sub_accounts, history.'
+ in: query
+ name: include
+ required: false
+ type: string
+ - description: Property name to return from account-specific properties.
+ in: query
+ name: properties
+ required: false
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/AccountInfo'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: Account with the given ID not found.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get account information.
+ tags:
+ - Tenant accounts - accounts
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ put:
+ consumes:
+ - application/json
+ description: 'Update an account.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+
+ ```
+
+ curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id} \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"phone_number": "12345678"}''
+
+ ```'
+ operationId: updateAccount
+ parameters:
+ - description: The ID of the account to update.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: Details of the account to update.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/AccountUpdateRootReq'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/AccountInfo'
+ '400':
+ description: Error in input data format.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: Account with the given ID not found.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '409':
+ description: Account with the specified new alias exists already.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Update attributes of an existing account.
+ tags:
+ - Tenant accounts - accounts
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/access-keys:
+ get:
+ description: 'Retrieve an array of access keys.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/access-keys
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAllAccountAccessKeys
+ parameters:
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
+ in: query
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
+ in: query
+ name: order
+ required: false
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ total_count.'
+ in: query
+ name: include
+ required: false
+ type: string
+ - description: Status filter.
+ in: query
+ name: status__eq
+ required: false
+ type: string
+ - description: Application filter.
+ in: query
+ name: application_id__eq
+ required: false
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/AccessKeyList'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get all access keys.
+ tags:
+ - Tenant accounts - access keys
+ x-filter:
+ application_id:
+ - eq
+ status:
+ - eq
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/access-keys/{access_key_id}:
+ get:
+ description: 'Retrieve details of an access key.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/access-keys/{access_key_id}
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAccountAccessKey
+ parameters:
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the access key to retrieve.
+ in: path
+ name: access_key_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/AccessKey'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or access key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get access key.
+ tags:
+ - Tenant accounts - access keys
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/api-keys:
+ get:
+ deprecated: true
+ description: 'Retrieve an array of API keys, optionally filtered by the owner.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAllAccountApiKeys
+ parameters:
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
+ in: query
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
+ in: query
+ name: order
+ required: false
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ total_count.'
+ in: query
+ name: include
+ required: false
+ type: string
+ - description: API key filter. Do not include the private portion of the API
+ key (the last 32 characters).
+ in: query
+ name: key__eq
+ required: false
+ type: string
+ - description: Owner name filter.
+ in: query
+ name: owner__eq
+ required: false
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoRespList'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account with the given ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get all API keys.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-filter:
+ key:
+ - eq
+ owner:
+ - eq
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ post:
+ consumes:
+ - application/json
+ deprecated: true
+ description: 'Create a new API key. There is no default value for the owner
+ ID, and it must be from the same account where the new API key is created.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"name": "MyKey1"}''
+
+ ```'
+ operationId: createAccountApiKey
+ parameters:
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: Details of the API key to create.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/ApiKeyInfoReq'
+ produces:
+ - application/json
+ responses:
+ '201':
+ description: New entity created.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
+ '400':
+ description: Error in input data, for example, missing API key name.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account with the given ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Create a new API key.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/api-keys/{apikey_id}:
+ delete:
+ deprecated: true
+ description: 'Delete an API key.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: deleteAccountApiKey
+ parameters:
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the API key to delete.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ '204':
+ description: Deleted successfully.
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or API key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Delete the API key.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys/{access_key_id}
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ get:
+ deprecated: true
+ description: "Retrieve details of an API key.\nNote: This endpoint is\
+ \ restricted to administrators.\n\n**Example:**\n```\ncurl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}\
+ \ \\\n -H 'Authorization: Bearer '\n```"
+ operationId: getAccountApiKey
+ parameters:
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the API key to retrieve.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or API key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get API key details.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys/{access_key_id}
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ put:
+ deprecated: true
+ description: 'Update API key details.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"name": "TestApiKey25"}''
+
+ ```'
+ operationId: updateAccountApiKey
+ parameters:
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the API key to update.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ - description: New API key attributes to be stored.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/ApiKeyUpdateReq'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
+ '400':
+ description: Error in input data, for example, invalid API key name.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account ID or API key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Update API key details.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys/{access_key_id}
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/api-keys/{apikey_id}/groups:
+ delete:
+ consumes:
+ - application/json
+ deprecated: true
+ description: 'Remove API key from groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
+
+ ```'
+ operationId: removeAccountApiKeyFromGroups
+ parameters:
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the API key to remove from the group.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ - description: A list of IDs of the groups to update.
+ in: body
+ name: body
+ required: true
+ schema:
+ items:
+ type: string
+ type: array
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
+ '400':
+ description: Error in input data.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or API key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Remove API key from groups.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/remove/
+ end_of_life_at: '2020-07-11T11:04:57+00:00'
+ issued_at: '2019-07-11T11:04:57+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ get:
+ deprecated: true
+ description: 'Retrieve an array of policy groups associated with an API key.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getGroupsOfAccountApikey
+ parameters:
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
+ in: query
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
+ in: query
+ name: order
+ required: false
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ total_count.'
+ in: query
+ name: include
+ required: false
+ type: string
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the API key.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/GroupSummaryList'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or API key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get policy groups of an API key.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/groups
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ post:
+ consumes:
+ - application/json
+ deprecated: true
+ description: 'Add API key to groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
+
+ ```'
+ operationId: addAccountApiKeyToGroups
+ parameters:
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the API key to add to the group.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ - description: A list of IDs of groups to update.
+ in: body
+ name: body
+ required: true
+ schema:
+ items:
+ type: string
+ type: array
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
+ '400':
+ description: Error in input data.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or API key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '409':
+ description: The API key is a member of the group already.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Add API key to a list of groups.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/add/
+ end_of_life_at: '2020-07-11T11:04:57+00:00'
+ issued_at: '2019-07-11T11:04:57+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/api-keys/{apikey_id}/groups/add:
+ post:
+ consumes:
+ - application/json
+ deprecated: true
+ description: 'Add an API key to groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/add
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
+
+ ```'
+ operationId: addAccountApiKeyToListedGroups
+ parameters:
+ - description: The ID of the Account.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the API key to add to the group.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ - description: A list of IDs of groups to update.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/GroupIdList'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
+ '400':
+ description: Error in input data.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or API key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '409':
+ description: The API key is a member of the group already.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Add API key to a list of groups.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys/groups/add
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/api-keys/{apikey_id}/groups/remove:
+ post:
+ consumes:
+ - application/json
+ deprecated: true
+ description: 'Remove an API key from groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/remove
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
+
+ ```'
+ operationId: removeAccountApiKeyFromListedGroups
+ parameters:
+ - description: The ID of the account.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the API key to remove from the group.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ - description: A list of IDs of the groups to update.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/GroupIdList'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
+ '400':
+ description: Error in input data.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or API key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Remove API key from groups.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/groups/remove
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/api-keys/{apikey_id}/reset-secret:
+ post:
+ deprecated: true
+ description: 'Reset the secret key of the API key.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/reset-secret
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: resetAccountApiKeySecret
+ parameters:
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the API key to reset.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ - description: New API key attributes to be stored.
+ in: body
+ name: body
+ required: false
+ schema:
+ $ref: '#/definitions/ApiKeyUpdateReq'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
+ '400':
+ description: Error in input data format.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or API key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Reset the secret key.
+ tags:
+ - Tenant accounts - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated.
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/applications:
+ get:
+ description: 'Retrieve an array of applications.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAllAccountApplications
+ parameters:
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
+ in: query
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
+ in: query
+ name: order
+ required: false
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ total_count.'
+ in: query
+ name: include
+ required: false
+ type: string
+ - description: Status filter.
+ in: query
+ name: status__eq
+ required: false
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApplicationList'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get all applications.
+ tags:
+ - Tenant accounts - applications
+ x-filter:
+ status:
+ - eq
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ post:
+ consumes:
+ - application/json
+ description: 'Create a new application.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications
+ -d ''{"name": "MyApplication1"}'' \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json''
+
+ ```'
+ operationId: createAccountApplication
+ parameters:
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The details of the application to create.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/Application'
+ produces:
+ - application/json
+ responses:
+ '201':
+ description: New entity created.
+ schema:
+ $ref: '#/definitions/Application'
+ '400':
+ description: Error in input data, for example, missing name.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Create a new application.
+ tags:
+ - Tenant accounts - applications
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/applications/{application_id}:
+ delete:
+ description: 'Delete the application.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: deleteAccountApplication
+ parameters:
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the application to delete.
+ in: path
+ name: application_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ '204':
+ description: Deleted successfully.
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or application with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Delete application.
+ tags:
+ - Tenant accounts - applications
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ get:
+ description: 'Retrieve details of an application.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAccountApplication
+ parameters:
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the application to retrieve.
+ in: path
+ name: application_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/Application'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or application with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get application.
+ tags:
+ - Tenant accounts - applications
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ put:
+ description: 'Update application details.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ `curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"name": "TestApplication25"}''
+
+ ```'
+ operationId: updateAccountApplication
+ parameters:
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the application to update.
+ in: path
+ name: application_id
+ required: true
+ type: string
+ - description: New applicationattributes to store.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/Application'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
+ '400':
+ description: Error in input data, for example, invalid display name.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or application with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Update application details.
tags:
- - Subscriptions
- x-origin: /home/circleci/project/device-server/public/swagger.yaml
- /v3/accounts:
+ - Tenant accounts - applications
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/applications/{application_id}/access-keys:
get:
- description: 'Returns an array of account objects, optionally filtered by status
- and tier level.
+ description: 'Retrieve an array of access keys associated with the application.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts \
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys
+ \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAllAccounts
+ operationId: getAllAccountApplicationAccessKeys
parameters:
- - description: An optional filter for account status, ENROLLING, ACTIVE, RESTRICTED,
- or SUSPENDED.
- in: query
- name: status__eq
- required: false
- type: string
- - description: An optional filter to retrieve accounts with a specified set
- of statuses.
- in: query
- name: status__in
- required: false
- type: string
- - description: An optional filter to exclude accounts with a specified set of
- statuses.
- in: query
- name: status__nin
- required: false
- type: string
- - description: An optional filter for tier level. Must be 0, 1, 2, 98, 99, or
- omitted.
- in: query
- name: tier__eq
- required: false
- type: string
- - description: An optional filter for parent account ID.
- in: query
- name: parent__eq
- required: false
- type: string
- - description: An optional filter for account end market.
- in: query
- name: end_market__eq
- required: false
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
type: string
- - description: 'An optional filter for account country. Finds all matches where
- the filter value is a case-insensitive substring of the result. Example:
- country__like=LAND matches Ireland.'
- in: query
- name: country__like
- required: false
+ - description: The ID of the application.
+ in: path
+ name: application_id
+ required: true
type: string
- - default: 1000
- description: The number of results to return (2-1000). Default 1000.
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
format: int32
in: query
name: limit
required: false
type: integer
- - description: The entity ID to fetch after the given one.
+ - description: The entity ID to retrieve after the given one.
in: query
name: after
required: false
type: string
- default: ASC
- description: 'Record order. Acceptable values: ASC, DESC. Default: ASC.'
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
in: query
name: order
required: false
type: string
- description: 'Comma-separated additional data to return. Currently supported:
- limits, policies, sub_accounts, history.'
+ total_count.'
in: query
name: include
required: false
type: string
- - description: 'Format information for the query response. Supported: format=breakdown.'
- in: query
- name: format
- required: false
- type: string
- - description: Property name returned from account-specific properties.
+ - description: Status filter.
in: query
- name: properties
+ name: status__eq
required: false
type: string
produces:
@@ -8993,7 +12878,7 @@ paths:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/AccountInfoList'
+ $ref: '#/definitions/AccessKeyList'
'401':
description: Authentication failure.
schema:
@@ -9002,79 +12887,64 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get all accounts.
+ '404':
+ description: An account or application with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Get all access keys associated with the application.
tags:
- - Tenant accounts - accounts
+ - Tenant accounts - applications
x-filter:
- country:
- - like
- end_market:
- - eq
- parent:
- - eq
status:
- eq
- - in
- - nin
- tier:
- - eq
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
post:
consumes:
- application/json
- description: 'Create a new account.
+ description: 'Create a new access key for the application.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts \
-
- -H ''Authorization: Bearer '' \
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys
+ -d ''{"name": "MyKey1"}'' \
- -H ''content-type: application/json'' \
+ -H ''Authorization: Bearer '' \
- -d ''{"display_name": "MyAccount1", "admin_name": "accountAdmin1", "email":
- "example_admin@myaccount.info", "country": "United Kingdom", "end_market":
- "Smart City", "address_line1": "110 Fulbourn Rd", "city": "Cambridge", "contact":
- "J. Doe", "company": "Arm"}''
+ -H ''content-type: application/json''
```'
- operationId: createAccount
+ operationId: createAccountApplicationAccessKey
parameters:
- - description: Details of the account to create.
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the application.
+ in: path
+ name: application_id
+ required: true
+ type: string
+ - description: The details of the access key to create.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/AccountCreationReq'
- - default: create
- description: 'Action, either `create` or `enroll`.
-
-
-
- - `create` creates the account where its admin user has ACTIVE status
- if `admin_password` was defined in the request, or RESET status if no `admin_password`
- was defined. If the user already exists, its status is not modified.
-
- - `enroll` creates the account where its admin user has ENROLLING status.
- If the user already exists, its status is not modified. Email to finish
- enrollment or notify the existing user about the new account is sent to
- the `admin_email` defined in the request.
'
- in: query
- name: action
- required: false
- type: string
+ $ref: '#/definitions/AccessKey'
produces:
- application/json
responses:
'201':
- description: Successful operation.
+ description: New entity created.
schema:
- $ref: '#/definitions/AccountInfo'
+ $ref: '#/definitions/AccessKey'
'400':
- description: Error in input data, for example, invalid username.
+ description: Error in input data, for example, missing display name.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -9085,45 +12955,53 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Create a new account.
+ '404':
+ description: An account or application with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Create a new application access key.
tags:
- - Tenant accounts - accounts
+ - Tenant accounts - applications
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/me:
- get:
- description: 'Retrieve detailed information about the account.
+ /v3/accounts/{account_id}/applications/{application_id}/access-keys/{access_key_id}:
+ delete:
+ description: 'Delete the access key associated with the application.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/me?include=policies
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys/{access_key_id}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getMyAccountInfo
+ operationId: deleteAccountApplicationAccessKey
parameters:
- - description: 'Comma-separated additional data to return. Currently supported:
- limits, policies, sub_accounts.'
- in: query
- name: include
- required: false
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
+ required: true
type: string
- - description: Property name to return from account-specific properties.
- in: query
- name: properties
- required: false
+ - description: The ID of the application.
+ in: path
+ name: application_id
+ required: true
+ type: string
+ - description: The ID of the access key to delete.
+ in: path
+ name: access_key_id
+ required: true
type: string
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/AccountInfo'
+ '204':
+ description: Deleted successfully.
'401':
description: Authentication failure.
schema:
@@ -9132,48 +13010,55 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get account info.
+ '404':
+ description: An account, application or access key with the specified ID
+ does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Delete access key associated with the application.
tags:
- - Account - profile
+ - Tenant accounts - applications
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- put:
- consumes:
- - application/json
- description: 'Update the account.
+ get:
+ description: 'Retrieve details of an access key associated with the application.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/me \
-
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys/{access_key_id}
+ \
- -d ''{"phone_number": "12345678"}''
+ -H ''Authorization: Bearer ''
```'
- operationId: updateMyAccount
+ operationId: getAccountApplicationAccessKey
parameters:
- - description: Details of the account to update.
- in: body
- name: body
+ - description: The ID of the account to retrieve.
+ in: path
+ name: account_id
required: true
- schema:
- $ref: '#/definitions/AccountUpdateReq'
+ type: string
+ - description: The ID of the application.
+ in: path
+ name: application_id
+ required: true
+ type: string
+ - description: The ID of the access key to retrieve.
+ in: path
+ name: access_key_id
+ required: true
+ type: string
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/AccountInfo'
- '400':
- description: Error in input data format.
- schema:
- $ref: '#/definitions/ErrorResponse'
+ $ref: '#/definitions/AccessKey'
'401':
description: Authentication failure.
schema:
@@ -9182,76 +13067,65 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Updates attributes of the account.
- tags:
- - Account - profile
- x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/me/notifications:
- get:
- description: Retrieve notifications for an account.
- operationId: getNofificationEntries
- parameters:
- - default: 50
- description: The number of results to return (2-1000). Default 50.
- format: int32
- in: query
- name: limit
- required: false
- type: integer
- - description: The entity ID to fetch after the given one.
- in: query
- name: after
- required: false
- type: string
- - default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
- in: query
- name: order
- required: false
- type: string
- produces:
- - application/json
- responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/NotificationEntryList'
- '400':
- description: Error in input data, or missing or invalid parameters.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '401':
- description: Authentication failure.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '403':
- description: Forbidden
+ '404':
+ description: An account, application or access key with the specified ID
+ does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get notification events for an account.
+ summary: Get access key.
tags:
- - Account - email notification logs
+ - Tenant accounts - applications
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/me/notifications/{notification_id}:
- get:
- description: An endpoint for retrieving notification event details.
- operationId: getNofificationEntry
+ put:
+ description: 'Update access key details.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ `curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/access-keys/{access_key_id}
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"name": "TestAccessKey"}''
+
+ ```'
+ operationId: updateAccountApplicationAccessKey
parameters:
- - description: The ID of the notification entry to be retrieved.
+ - description: The ID of the account to retrieve.
in: path
- name: notification_id
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the application.
+ in: path
+ name: application_id
+ required: true
+ type: string
+ - description: The ID of the access key to update.
+ in: path
+ name: access_key_id
required: true
type: string
+ - description: New access key attributes to store.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/AccessKey'
produces:
- application/json
responses:
'200':
- description: successful operation
+ description: Successful operation.
schema:
- $ref: '#/definitions/NotificationEntry'
+ $ref: '#/definitions/AccessKey'
'400':
- description: Error in input data, missing or invalid parameters.
+ description: Error in input data, for example, invalid display name.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -9259,48 +13133,70 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden
+ description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: No entry found for the given ID.
+ description: An account, application or access key with the specified ID
+ does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get notification event details.
+ summary: Update access key details.
tags:
- - Account Admin
+ - Tenant accounts - applications
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}:
+ /v3/accounts/{account_id}/applications/{application_id}/groups:
get:
- description: 'Retrieve detailed information about an account.
+ description: 'Retrieve an array of policy groups associated with an application.
+ Note: This endpoint is restricted to administrators.
- **Example:**
+ **Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id} \
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/groups
+ \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAccountInfo
+ operationId: getGroupsOfAccountApplication
parameters:
- - description: The ID of the account to fetch.
+ - description: The ID of the account to retrieve.
in: path
name: account_id
required: true
type: string
- - description: 'Comma-separated additional data to return. Currently supported:
- limits, policies, sub_accounts, history.'
+ - description: The ID of the application.
+ in: path
+ name: application_id
+ required: true
+ type: string
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
in: query
- name: include
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
required: false
type: string
- - description: Property name to return from account-specific properties.
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
in: query
- name: properties
+ name: order
+ required: false
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ total_count.'
+ in: query
+ name: include
required: false
type: string
produces:
@@ -9309,7 +13205,7 @@ paths:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/AccountInfo'
+ $ref: '#/definitions/GroupSummaryList'
'401':
description: Authentication failure.
schema:
@@ -9319,55 +13215,61 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account with the given ID not found.
+ description: An account or application with the given ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get account info.
+ summary: Get policy groups of an application.
tags:
- - Tenant accounts - accounts
+ - Tenant accounts - applications
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- put:
+ /v3/accounts/{account_id}/applications/{application_id}/groups/add:
+ post:
consumes:
- application/json
- description: 'Update an account.
+ description: 'Add application to groups.
+ Note: This endpoint is restricted to administrators.
- **Example:**
+ **Example:**
```
- curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id} \
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/groups/add
+ \
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-H ''content-type: application/json'' \
- -d ''{"phone_number": "12345678"}''
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
```'
- operationId: updateAccount
+ operationId: addAccountApplicationToGroups
parameters:
- - description: The ID of the account to update.
+ - description: The ID of the account to retrieve.
in: path
name: account_id
required: true
type: string
- - description: Details of the account to update.
+ - description: The ID of the application to add to the group.
+ in: path
+ name: application_id
+ required: true
+ type: string
+ - description: A list of IDs of the groups to update.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/AccountUpdateRootReq'
+ $ref: '#/definitions/GroupIdList'
produces:
- application/json
responses:
- '200':
+ '204':
description: Successful operation.
- schema:
- $ref: '#/definitions/AccountInfo'
'400':
- description: Error in input data format.
+ description: Error in input data.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -9379,70 +13281,183 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account with the given ID not found.
+ description: An account, a group or application with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Update attributes of an existing account.
+ '409':
+ description: The application is a member of the group already.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Add application to a list of groups.
tags:
- - Tenant accounts - accounts
+ - Tenant accounts - applications
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/api-keys:
- get:
- description: 'Retrieve API keys in an array, optionally filtered by the owner.
+ /v3/accounts/{account_id}/applications/{application_id}/groups/remove:
+ post:
+ consumes:
+ - application/json
+ description: 'Remove application from groups.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/applications/{application_id}/groups/remove
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
```'
- operationId: getAllAccountApiKeys
+ operationId: removeAccountApplicationFromGroups
parameters:
- - description: Account ID.
+ - description: The ID of the account to retrieve.
in: path
name: account_id
required: true
type: string
- - default: 50
- description: The number of results to return (2-1000). Default 50.
- format: int32
- in: query
- name: limit
- required: false
- type: integer
- - description: The entity ID to fetch after the given one.
- in: query
- name: after
- required: false
- type: string
- - default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
- in: query
- name: order
- required: false
+ - description: The ID of the application to remove from the group.
+ in: path
+ name: application_id
+ required: true
type: string
- - description: 'Comma-separated additional data to return. Currently supported:
- total_count.'
- in: query
- name: include
- required: false
+ - description: A list of IDs of the groups to update.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/GroupIdList'
+ produces:
+ - application/json
+ responses:
+ '204':
+ description: Successful operation.
+ '400':
+ description: Error in input data, for example, invalid group ID.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or application with that ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Remove application from groups.
+ tags:
+ - Tenant accounts - applications
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/branding-colors:
+ delete:
+ description: 'Delete account branding colors for all themes.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example usage:**
+
+ `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors
+ -H ''Authorization: Bearer ''`'
+ operationId: deleteAllAccountColors
+ parameters:
+ - description: The ID of the account.
+ in: path
+ name: account_id
+ required: true
type: string
- - description: API key filter. Do not include the private portion of the API
- key (the last 32 characters).
- in: query
- name: key__eq
- required: false
+ produces:
+ - application/json
+ responses:
+ '204':
+ description: Colors have been deleted successfully.
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: Account or branding colors not found.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Delete all colors.
+ tags:
+ - Tenant user interface configuration - colors
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/branding-colors/dark:
+ delete:
+ description: 'Delete account dark theme branding colors.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example usage:**
+
+ `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark
+ -H ''Authorization: Bearer ''`'
+ operationId: deleteAllAccountDarkColors
+ parameters:
+ - description: The ID of the account.
+ in: path
+ name: account_id
+ required: true
type: string
- - description: Owner name filter.
- in: query
- name: owner__eq
- required: false
+ produces:
+ - application/json
+ responses:
+ '204':
+ description: Colors have been deleted successfully.
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: Account or branding colors not found.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Delete colors in the dark theme.
+ tags:
+ - Tenant user interface configuration - colors
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ get:
+ description: 'Retrieve dark theme branding colors for an account.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAccountDarkColors
+ parameters:
+ - description: The ID of the account.
+ in: path
+ name: account_id
+ required: true
type: string
produces:
- application/json
@@ -9450,7 +13465,7 @@ paths:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/ApiKeyInfoRespList'
+ $ref: '#/definitions/BrandingColorList'
'401':
description: Authentication failure.
schema:
@@ -9460,61 +13475,43 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account with the given ID does not exist.
+ description: Account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get all API keys.
+ summary: Get dark theme branding colors.
tags:
- - Tenant accounts - API keys
- x-filter:
- key:
- - eq
- owner:
- - eq
+ - Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- post:
+ put:
consumes:
- application/json
- description: 'Create a new API key. There is no default value for the owner
- ID, and it must be from the same account where the new API key is created.
-
-
- **Example:**
-
- ```
-
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys
- \
-
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
-
- -d ''{"name": "MyKey1"}''
-
- ```'
- operationId: createAccountApiKey
+ description: "Update an array of dark theme branding colors.\nNote: This\
+ \ endpoint is restricted to administrators.\n\n**Example:**\n```\ncurl -X\
+ \ PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/dark\
+ \ \\\n-H 'Authorization: Bearer ' \\\n-H 'content-type: application/json'\
+ \ \\\n'[{ \"reference\": \"primary\",\n \"color\": \"#f3f93e\" }]'\n```"
+ operationId: bulkSetAccountDarkColors
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: Details of the API key to create.
+ - description: List of branding colors.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/ApiKeyInfoReq'
+ items:
+ $ref: '#/definitions/BrandingColorUpdate'
+ type: array
produces:
- application/json
responses:
- '201':
- description: New entity created.
- schema:
- $ref: '#/definitions/ApiKeyInfoResp'
+ '204':
+ description: Colors have been set successfully.
'400':
- description: Error in input data, for example, missing display name.
+ description: Error in input data format.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -9526,38 +13523,41 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account with the given ID does not exist.
+ description: Account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Create a new API key.
+ summary: Updates an array of dark theme branding colors.
tags:
- - Tenant accounts - API keys
+ - Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/api-keys/{apikey_id}:
+ /v3/accounts/{account_id}/branding-colors/dark/{reference}:
delete:
- description: 'Delete an API key.
+ description: 'Resets the branding color to its dark theme default.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark/{reference}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: deleteAccountApiKey
+ operationId: resetAccountDarkColor
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the API key to delete.
+ - description: The name of the branding color.
+ enum: *id001
in: path
- name: apikey_id
+ name: reference
required: true
type: string
produces:
@@ -9574,98 +13574,49 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or API key with the specified ID does not exist.
+ description: Color or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete the API key.
+ summary: Reset branding color to default.
tags:
- - Tenant accounts - API keys
+ - Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
get:
- description: "Retrieve API key details.\n\n**Example:**\n```\ncurl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}\
- \ \\\n -H 'Authorization: Bearer '\n```"
- operationId: getAccountApiKey
- parameters:
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the API key to retrieve.
- in: path
- name: apikey_id
- required: true
- type: string
- produces:
- - application/json
- responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/ApiKeyInfoResp'
- '401':
- description: Authentication failure.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '403':
- description: Forbidden.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '404':
- description: An account or API key with the specified ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Get API key details.
- tags:
- - Tenant accounts - API keys
- x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- put:
- description: 'Update API key details.
+ description: 'Retrieve the requested dark theme branding color.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark/{reference}
\
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
-
- -d ''{"name": "TestApiKey25"}''
+ -H ''Authorization: Bearer ''
```'
- operationId: updateAccountApiKey
+ operationId: getAccountDarkColor
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the API key to update.
+ - description: The name of the branding color.
+ enum: *id001
in: path
- name: apikey_id
+ name: reference
required: true
type: string
- - description: New API key attributes to be stored.
- in: body
- name: body
- required: true
- schema:
- $ref: '#/definitions/ApiKeyUpdateReq'
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/ApiKeyInfoResp'
- '400':
- description: Error in input data, for example, missing display name.
- schema:
- $ref: '#/definitions/ErrorResponse'
+ $ref: '#/definitions/BrandingColor'
'401':
description: Authentication failure.
schema:
@@ -9675,64 +13626,63 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account ID or API key with the specified ID does not exist.
+ description: Color or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Update API key details.
+ summary: Get dark theme branding color.
tags:
- - Tenant accounts - API keys
+ - Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/api-keys/{apikey_id}/groups:
- delete:
+ put:
consumes:
- application/json
- deprecated: true
- description: 'Remove API key from groups.
+ description: 'Update a dark theme branding color.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups
+ curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/dark/primary
\
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-H ''content-type: application/json'' \
- -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
+ -d ''{ "color": "#f3f93e" }''
```'
- operationId: removeAccountApiKeyFromGroups
+ operationId: setAccountDarkColor
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the API key to remove from the group.
+ - description: The name of the branding color.
+ enum: *id001
in: path
- name: apikey_id
+ name: reference
required: true
type: string
- - description: A list of IDs of the groups to update.
+ - description: The branding color.
in: body
name: body
required: true
schema:
- items:
- type: string
- type: array
+ $ref: '#/definitions/BrandingColor'
produces:
- application/json
responses:
'200':
- description: Successful operation.
+ description: Color has been set successfully.
schema:
- $ref: '#/definitions/ApiKeyInfoResp'
+ $ref: '#/definitions/BrandingColor'
'400':
- description: Error in input data.
+ description: Error in input data format.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -9744,76 +13694,36 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or API key with the specified ID does not exist.
+ description: Color or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Remove API key from groups.
+ summary: Updates a dark theme branding color.
tags:
- - Tenant accounts - API keys
- x-deprecation:
- comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/remove/
- end_of_life_at: '2020-07-11T11:04:57+00:00'
- issued_at: '2019-07-11T11:04:57+00:00'
- links: []
+ - Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- get:
- description: 'Retrieve groups associated with the API key.
-
-
- **Example:**
+ /v3/accounts/{account_id}/branding-colors/light:
+ delete:
+ description: 'Delete account light theme branding colors.
- ```
+ Note: This endpoint is restricted to administrators.
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups
- \
- -H ''Authorization: Bearer ''
+ **Example usage:**
- ```'
- operationId: getGroupsOfAccountApikey
+ `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light
+ -H ''Authorization: Bearer ''`'
+ operationId: deleteAllAccountLightColors
parameters:
- - default: 50
- description: The number of results to return (2-1000). Default 50.
- format: int32
- in: query
- name: limit
- required: false
- type: integer
- - description: The entity ID to fetch after the given one.
- in: query
- name: after
- required: false
- type: string
- - default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
- in: query
- name: order
- required: false
- type: string
- - description: 'Comma-separated additional data to return. Currently supported:
- total_count.'
- in: query
- name: include
- required: false
- type: string
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the API key.
+ - description: The ID of the account.
in: path
- name: apikey_id
+ name: account_id
required: true
type: string
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/GroupSummaryList'
+ '204':
+ description: Colors have been deleted successfully.
'401':
description: Authentication failure.
schema:
@@ -9823,65 +13733,43 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or API key with the specified ID does not exist.
+ description: Account or branding colors not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get groups associated with the API key.
+ summary: Delete colors in the light theme.
tags:
- - Tenant accounts - API keys
+ - Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- post:
- consumes:
- - application/json
- deprecated: true
- description: 'Add API key to groups.
+ get:
+ description: 'Retrieve light theme branding colors for an account.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light
\
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
-
- -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
+ -H ''Authorization: Bearer ''
```'
- operationId: addAccountApiKeyToGroups
+ operationId: getAccountLightColors
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the API key to add to the group.
- in: path
- name: apikey_id
- required: true
- type: string
- - description: A list of IDs of groups to update.
- in: body
- name: body
- required: true
- schema:
- items:
- type: string
- type: array
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/ApiKeyInfoResp'
- '400':
- description: Error in input data.
- schema:
- $ref: '#/definitions/ErrorResponse'
+ $ref: '#/definitions/BrandingColorList'
'401':
description: Authentication failure.
schema:
@@ -9891,70 +13779,43 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or API key with the specified ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '409':
- description: The API key is a member of the group already.
+ description: Account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Add API key to a list of groups.
+ summary: Get light theme branding colors.
tags:
- - Tenant accounts - API keys
- x-deprecation:
- comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/add/
- end_of_life_at: '2020-07-11T11:04:57+00:00'
- issued_at: '2019-07-11T11:04:57+00:00'
- links: []
+ - Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/api-keys/{apikey_id}/groups/add:
- post:
+ put:
consumes:
- application/json
- description: 'Add an API key to groups.
-
-
- **Example:**
-
- ```
-
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/add
- \
-
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
-
- -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
-
- ```'
- operationId: addAccountApiKeyToListedGroups
+ description: "Update an array of light theme branding colors.\nNote:\
+ \ This endpoint is restricted to administrators.\n\n**Example:**\n```\ncurl\
+ \ -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/light\
+ \ \\\n-H 'Authorization: Bearer ' \\\n-H 'content-type: application/json'\
+ \ \\\n'[{ \"reference\": \"primary\",\n \"color\": \"purple\" }]'\n```"
+ operationId: bulkSetAccountLightColors
parameters:
- - description: The ID of the Account.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the API key to add to the group.
- in: path
- name: apikey_id
- required: true
- type: string
- - description: A list of IDs of groups to update.
+ - description: List of branding colors.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/GroupIdList'
+ items:
+ $ref: '#/definitions/BrandingColorUpdate'
+ type: array
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/ApiKeyInfoResp'
+ '204':
+ description: Colors have been set successfully.
'400':
- description: Error in input data.
+ description: Error in input data format.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -9966,67 +13827,48 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or API key with the specified ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '409':
- description: The API key is a member of the group already.
+ description: Account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Add API key to a list of groups.
+ summary: Updates an array of light theme branding colors.
tags:
- - Tenant accounts - API keys
+ - Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/api-keys/{apikey_id}/groups/remove:
- post:
- consumes:
- - application/json
- description: 'Remove an API key from groups.
+ /v3/accounts/{account_id}/branding-colors/light/{reference}:
+ delete:
+ description: 'Resets the branding color to its light theme default.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/remove
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light/{reference}
\
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
-
- -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
+ -H ''Authorization: Bearer ''
```'
- operationId: removeAccountApiKeyFromListedGroups
+ operationId: resetAccountLightColor
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the API key to remove from the group.
+ - description: The name of the branding color.
+ enum: *id001
in: path
- name: apikey_id
+ name: reference
required: true
type: string
- - description: A list of IDs of the groups to update.
- in: body
- name: body
- required: true
- schema:
- $ref: '#/definitions/GroupIdList'
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/ApiKeyInfoResp'
- '400':
- description: Error in input data.
- schema:
- $ref: '#/definitions/ErrorResponse'
+ '204':
+ description: Deleted successfully.
'401':
description: Authentication failure.
schema:
@@ -10036,57 +13878,48 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or API key with the specified ID does not exist.
+ description: Color or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Remove API key from groups.
+ summary: Reset branding color to default.
tags:
- - Tenant accounts - API keys
+ - Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/api-keys/{apikey_id}/reset-secret:
- post:
- description: 'Reset the secret key of the API key.
+ get:
+ description: 'Retrieve the requested light theme branding color.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/reset-secret
- \
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light/{reference}
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: resetAccountApiKeySecret
+ operationId: getAccountLightColor
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the API key to reset.
+ - description: The name of the branding color.
+ enum: *id001
in: path
- name: apikey_id
+ name: reference
required: true
type: string
- - description: New API key attributes to be stored.
- in: body
- name: body
- required: false
- schema:
- $ref: '#/definitions/ApiKeyUpdateReq'
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/ApiKeyInfoResp'
- '400':
- description: Error in input data format.
- schema:
- $ref: '#/definitions/ErrorResponse'
+ $ref: '#/definitions/BrandingColor'
'401':
description: Authentication failure.
schema:
@@ -10096,34 +13929,65 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or API key with the specified ID does not exist.
+ description: Color or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Reset the secret key.
+ summary: Get light theme branding color.
tags:
- - Tenant accounts - API keys
+ - Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-colors:
- delete:
- description: 'Delete account branding colors for all themes.
+ put:
+ consumes:
+ - application/json
+ description: 'Update a light theme branding color.
+ Note: This endpoint is restricted to administrators.
- **Example usage:**
- `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors
- -H ''Authorization: Bearer API_KEY''`'
- operationId: deleteAllAccountColors
+ **Example:**
+
+ ```
+
+ curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/light/primary
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{ "color": "purple" }''
+
+ ```'
+ operationId: setAccountLightColor
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
+ - description: The name of the branding color.
+ enum: *id001
+ in: path
+ name: reference
+ required: true
+ type: string
+ - description: The branding color.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/BrandingColor'
produces:
- application/json
responses:
- '204':
- description: Colors have been deleted successfully.
+ '200':
+ description: Color set successfully.
+ schema:
+ $ref: '#/definitions/BrandingColor'
+ '400':
+ description: Error in input data format.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
@@ -10133,23 +13997,25 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or branding colors not found.
+ description: Color or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete all colors.
+ summary: Updates light theme branding color.
tags:
- Tenant user interface configuration - colors
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-colors/dark:
+ /v3/accounts/{account_id}/branding-images:
delete:
- description: 'Delete account dark theme branding colors.
+ description: 'Delete account branding images for all themes.
+ Note: This endpoint is restricted to administrators.
- **Example usage:**
- `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark
- -H ''Authorization: Bearer API_KEY''`'
- operationId: deleteAllAccountDarkColors
+ **Example usage:**
+
+ `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images
+ -H ''Authorization: Bearer ''`'
+ operationId: deleteAllAccountImages
parameters:
- description: The ID of the account.
in: path
@@ -10160,7 +14026,7 @@ paths:
- application/json
responses:
'204':
- description: Colors have been deleted successfully.
+ description: Images have been deleted successfully.
'401':
description: Authentication failure.
schema:
@@ -10170,28 +14036,25 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or branding colors not found.
+ description: Account or branding images not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete colors in the dark theme.
+ summary: Delete all images.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- get:
- description: 'Retrieve dark theme branding colors for an account.
-
-
- **Example:**
+ /v3/accounts/{account_id}/branding-images/dark:
+ delete:
+ description: 'Delete account dark theme branding images.
- ```
+ Note: This endpoint is restricted to administrators.
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark
- \
- -H ''Authorization: Bearer ''
+ **Example usage:**
- ```'
- operationId: getAccountDarkColors
+ `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark
+ -H ''Authorization: Bearer ''`'
+ operationId: deleteAllAccountDarkImages
parameters:
- description: The ID of the account.
in: path
@@ -10201,10 +14064,8 @@ paths:
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/BrandingColorList'
+ '204':
+ description: Images have been deleted successfully.
'401':
description: Authentication failure.
schema:
@@ -10214,44 +14075,43 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account not found.
+ description: Account or branding images not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get dark theme branding colors.
+ summary: Delete images in the dark theme.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- put:
- consumes:
- - application/json
- description: "Update an array of dark theme branding colors of a tenant account.\n\
- \n**Example:**\n```\ncurl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/dark\
- \ \\\n-H 'Authorization: Bearer ' \\\n-H 'content-type: application/json'\
- \ \\\n'[{ \"reference\": \"primary\",\n \"color\": \"#f3f93e\" }]'\n```"
- operationId: bulkSetAccountDarkColors
+ get:
+ description: 'Retrieve the metadata of all dark theme branding images.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAllAccountDarkImageData
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: List of branding colors.
- in: body
- name: body
- required: true
- schema:
- items:
- $ref: '#/definitions/BrandingColor'
- type: array
produces:
- application/json
responses:
- '204':
- description: Colors have been set successfully.
- '400':
- description: Error in input data format.
+ '200':
+ description: Successful operation.
schema:
- $ref: '#/definitions/ErrorResponse'
+ $ref: '#/definitions/BrandingImageList'
'401':
description: Authentication failure.
schema:
@@ -10264,35 +14124,36 @@ paths:
description: Account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Updates an array of dark theme branding colors.
+ summary: Get metadata of all dark theme images.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-colors/dark/{reference}:
- delete:
- description: 'Resets the branding color of a tenant account to its dark theme
- default.
+ /v3/accounts/{account_id}/branding-images/dark/{reference}:
+ get:
+ description: 'Retrieve metadata of one account dark theme branding image.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark/{reference}
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark/{reference}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: resetAccountDarkColor
+ operationId: getAccountDarkImageData
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The name of the branding color.
- enum: *id020
+ - description: Name of the branding images (icon or picture).
+ enum: *id026
in: path
name: reference
required: true
@@ -10300,8 +14161,10 @@ paths:
produces:
- application/json
responses:
- '204':
- description: Deleted successfully.
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/BrandingImage'
'401':
description: Authentication failure.
schema:
@@ -10311,36 +14174,39 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Color or account not found.
+ description: Unknown image reference, or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Reset branding color to default.
+ summary: Get metadata of a dark theme image.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- get:
- description: 'Retrieve the requested dark theme branding color.
+ /v3/accounts/{account_id}/branding-images/dark/{reference}/clear:
+ post:
+ description: 'Revert an account branding image to dark theme default.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark/{reference}
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark/{reference}/clear
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAccountDarkColor
+ operationId: clearAccountDarkImage
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The name of the branding color.
- enum: *id020
+ - description: Name of the branding images (icon or picture).
+ enum: *id026
in: path
name: reference
required: true
@@ -10348,10 +14214,8 @@ paths:
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/BrandingColor'
+ '204':
+ description: Image reverted successfully.
'401':
description: Authentication failure.
schema:
@@ -10361,61 +14225,71 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Color or account not found.
+ description: Unknown image reference, or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get dark theme branding color.
+ summary: Revert an image to dark theme default.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- put:
+ /v3/accounts/{account_id}/branding-images/dark/{reference}/upload:
+ post:
consumes:
- - application/json
- description: 'Update a dark theme branding color of a tenant account.
+ - image/png
+ - image/jpeg
+ description: 'Upload a new account dark theme branding image in PNG or JPEG
+ format.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/dark/primary
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark/{reference}/upload
\
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
+ -H ''Authorization: Bearer ''
- -d ''{ "color": "#f3f93e" }''
+ -H ''content-type: image/png'' --data-binary ''@myimage.png''
```'
- operationId: setAccountDarkColor
+ operationId: uploadAccountDarkImage
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The name of the branding color.
- enum: *id020
+ - description: Name of the branding images (icon or picture).
+ enum: *id026
in: path
name: reference
required: true
type: string
- - description: The branding color.
+ - description: The image in PNG or JPEG format.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/BrandingColor'
+ $ref: '#/definitions/Image'
produces:
- application/json
responses:
- '200':
- description: Color has been set successfully.
+ '201':
+ description: Image uploaded successfully.
+ headers:
+ Content-Location:
+ description: Location of the image metadata.
+ type: string
+ Location:
+ description: Location of the image binary.
+ type: string
schema:
- $ref: '#/definitions/BrandingColor'
+ $ref: '#/definitions/BrandingImage'
'400':
- description: Error in input data format.
+ description: Error in input data format, for example, image is too large.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -10427,34 +14301,57 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Color or account not found.
+ description: Unknown image reference, or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Updates a dark theme branding color.
+ summary: Upload a dark theme image.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-colors/light:
- delete:
- description: 'Delete account light theme branding colors.
-
-
- **Example usage:**
+ /v3/accounts/{account_id}/branding-images/dark/{reference}/upload-multipart:
+ post:
+ consumes:
+ - multipart/form-data
+ description: 'Upload a new account dark theme branding image as form data in
+ PNG or JPEG format.
- `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light
- -H ''Authorization: Bearer API_KEY''`'
- operationId: deleteAllAccountLightColors
+ Note: This endpoint is restricted to administrators.'
+ operationId: uploadAccountDarkImageMultipart
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
+ - description: Name of the branding images (icon or picture).
+ enum: *id026
+ in: path
+ name: reference
+ required: true
+ type: string
+ - description: The image in PNG or JPEG format as multipart form data.
+ in: formData
+ name: image
+ required: true
+ type: file
produces:
- application/json
responses:
- '204':
- description: Colors have been deleted successfully.
+ '201':
+ description: Image uploaded successfully.
+ headers:
+ Content-Location:
+ description: Location of the image metadata.
+ type: string
+ Location:
+ description: Location of the image binary.
+ type: string
+ schema:
+ $ref: '#/definitions/BrandingImage'
+ '400':
+ description: Error in input data format, for example, image is too large.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
@@ -10464,28 +14361,25 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or branding colors not found.
+ description: Unknown image reference.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete colors in the light theme.
+ summary: Upload a dark theme image.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- get:
- description: 'Retrieve light theme branding colors for an account.
-
-
- **Example:**
+ /v3/accounts/{account_id}/branding-images/light:
+ delete:
+ description: 'Delete account light theme branding images.
- ```
+ Note: This endpoint is restricted to administrators.
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light
- \
- -H ''Authorization: Bearer ''
+ **Example usage:**
- ```'
- operationId: getAccountLightColors
+ `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light
+ -H ''Authorization: Bearer ''`'
+ operationId: deleteAllAccountLightImages
parameters:
- description: The ID of the account.
in: path
@@ -10495,10 +14389,8 @@ paths:
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/BrandingColorList'
+ '204':
+ description: Images have been deleted successfully.
'401':
description: Authentication failure.
schema:
@@ -10508,44 +14400,43 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account not found.
+ description: Account or branding images not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get light theme branding colors.
+ summary: Delete images in the light theme.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- put:
- consumes:
- - application/json
- description: "Update an array of light theme branding colors of a tenant account.\n\
- \n**Example:**\n```\ncurl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/light\
- \ \\\n-H 'Authorization: Bearer ' \\\n-H 'content-type: application/json'\
- \ \\\n'[{ \"reference\": \"primary\",\n \"color\": \"purple\" }]'\n```"
- operationId: bulkSetAccountLightColors
+ get:
+ description: 'Retrieve the metadata of all light theme branding images.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAllAccountLightImageData
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: List of branding colors.
- in: body
- name: body
- required: true
- schema:
- items:
- $ref: '#/definitions/BrandingColor'
- type: array
produces:
- application/json
responses:
- '204':
- description: Colors have been set successfully.
- '400':
- description: Error in input data format.
+ '200':
+ description: Successful operation.
schema:
- $ref: '#/definitions/ErrorResponse'
+ $ref: '#/definitions/BrandingImageList'
'401':
description: Authentication failure.
schema:
@@ -10558,35 +14449,36 @@ paths:
description: Account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Updates an array of light theme branding colors.
+ summary: Get metadata of all light theme images.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-colors/light/{reference}:
- delete:
- description: 'Resets the branding color of a tenant account to its light theme
- default.
+ /v3/accounts/{account_id}/branding-images/light/{reference}:
+ get:
+ description: 'Retrieve metadata for one account light theme branding image.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light/{reference}
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light/{reference}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: resetAccountLightColor
+ operationId: getAccountLightImageData
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The name of the branding color.
- enum: *id020
+ - description: Name of the branding images (icon or picture).
+ enum: *id026
in: path
name: reference
required: true
@@ -10594,8 +14486,10 @@ paths:
produces:
- application/json
responses:
- '204':
- description: Deleted successfully.
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/BrandingImage'
'401':
description: Authentication failure.
schema:
@@ -10605,35 +14499,37 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Color or account not found.
+ description: Unknown image reference, or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Reset branding color to default.
+ summary: Get metadata of a light theme image.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- get:
- description: 'Retrieve the requested light theme branding color.
+ /v3/accounts/{account_id}/branding-images/light/{reference}/clear:
+ post:
+ description: 'Revert an account branding image to light theme default.
+ Note: This endpoint is restricted to administrators.
- **Example:**
- ```
+ **Example:**
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light/{reference}
+ ```curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light/{reference}/clear
+ \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAccountLightColor
+ operationId: clearAccountLightImage
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The name of the branding color.
- enum: *id020
+ - description: Name of the branding images (icon or picture).
+ enum: *id026
in: path
name: reference
required: true
@@ -10641,10 +14537,8 @@ paths:
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/BrandingColor'
+ '204':
+ description: Image reverted successfully.
'401':
description: Authentication failure.
schema:
@@ -10654,61 +14548,71 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Color or account not found.
+ description: Unknown image reference, or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get light theme branding color.
+ summary: Revert an image to light theme default.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- put:
+ /v3/accounts/{account_id}/branding-images/light/{reference}/upload:
+ post:
consumes:
- - application/json
- description: 'Update a light theme branding color of a tenant account.
+ - image/png
+ - image/jpeg
+ description: 'Upload a new account light theme branding image in PNG or JPEG
+ format.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/light/primary
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light/{reference}/upload
\
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
+ -H ''Authorization: Bearer '' \
- -d ''{ "color": "purple" }''
+ -H ''content-type: image/png'' --data-binary ''@myimage.png''
```'
- operationId: setAccountLightColor
+ operationId: uploadAccountLightImage
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The name of the branding color.
- enum: *id020
+ - description: Name of the branding images (icon or picture).
+ enum: *id026
in: path
name: reference
required: true
type: string
- - description: The branding color.
+ - description: The image in PNG or JPEG format.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/BrandingColor'
+ $ref: '#/definitions/Image'
produces:
- application/json
responses:
- '200':
- description: Color set successfully.
+ '201':
+ description: Image uploaded successfully.
+ headers:
+ Content-Location:
+ description: Location of image metadata.
+ type: string
+ Location:
+ description: Location of the image binary.
+ type: string
schema:
- $ref: '#/definitions/BrandingColor'
+ $ref: '#/definitions/BrandingImage'
'400':
- description: Error in input data format.
+ description: Error in input data format, for example, image is too large.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -10720,34 +14624,57 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Color or account not found.
+ description: Unknown image reference, or account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Updates light theme branding color.
+ summary: Upload a light theme image.
tags:
- - Tenant user interface configuration - colors
+ - Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images:
- delete:
- description: 'Delete account branding images for all themes.
-
-
- **Example usage:**
+ /v3/accounts/{account_id}/branding-images/light/{reference}/upload-multipart:
+ post:
+ consumes:
+ - multipart/form-data
+ description: 'Upload a new account branding image as form data in PNG or JPEG
+ format.
- `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images
- -H ''Authorization: Bearer API_KEY''`'
- operationId: deleteAllAccountImages
+ Note: This endpoint is restricted to administrators.'
+ operationId: uploadAccountLightImageMultipart
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
+ - description: Name of the branding images (icon or picture).
+ enum: *id026
+ in: path
+ name: reference
+ required: true
+ type: string
+ - description: The image in PNG or JPEG format as multipart form data.
+ in: formData
+ name: image
+ required: true
+ type: file
produces:
- application/json
responses:
- '204':
- description: Images have been deleted successfully.
+ '201':
+ description: Image uploaded successfully.
+ headers:
+ Content-Location:
+ description: Location of the image metadata.
+ type: string
+ Location:
+ description: Location of the image binary.
+ type: string
+ schema:
+ $ref: '#/definitions/BrandingImage'
+ '400':
+ description: Error in input data format, for example, image is too large.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
@@ -10757,34 +14684,59 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or branding images not found.
+ description: Unknown image reference.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete all images.
+ summary: Upload a light theme image.
tags:
- Tenant user interface configuration - images
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images/dark:
- delete:
- description: 'Delete account dark theme branding images.
-
-
- **Example usage:**
+ /v3/accounts/{account_id}/identity-providers:
+ get:
+ consumes:
+ - application/json
+ description: 'Retrieve an array of identity providers.
- `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark
- -H ''Authorization: Bearer API_KEY''`'
- operationId: deleteAllAccountDarkImages
+ Note: This endpoint is restricted to administrators.'
+ operationId: getAllAccountIdentityProviders
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
+ in: query
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
+ in: query
+ name: order
+ required: false
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ total_count.'
+ in: query
+ name: include
+ required: false
+ type: string
produces:
- application/json
responses:
- '204':
- description: Images have been deleted successfully.
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/IdentityProviderList'
'401':
description: Authentication failure.
schema:
@@ -10794,41 +14746,58 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or branding images not found.
+ description: Account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete images in the dark theme.
+ summary: Get all identity providers.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - identity providers
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- get:
- description: 'Retrieve the metadata of all dark theme branding images.
-
-
- **Example:**
-
- ```
-
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark
- \
-
- -H ''Authorization: Bearer ''
+ post:
+ consumes:
+ - application/json
+ description: 'Create a new identity provider.
- ```'
- operationId: getAllAccountDarkImageData
+ Note: This endpoint is restricted to administrators.'
+ operationId: createAccountIdentityProvider
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
- type: string
+ type: string
+ - allowEmptyValue: true
+ description: 'Indicates that the OpenID Connect endpoints and keys should
+ be set using the OpenID Connect Discovery mechanism. The following parameters
+ are set automatically: * authorization_endpoint * token_endpoint * userinfo_endpoint
+ * revocation_endpoint * jwks_uri * keys'
+ in: query
+ name: discovery
+ type: boolean
+ - description: Details of the identity provider to create.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/IdentityProviderCreationReq'
produces:
- application/json
responses:
- '200':
- description: Successful operation.
+ '201':
+ description: New entity created.
+ headers:
+ Content-Location:
+ description: /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
+ type: string
+ Location:
+ description: /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
+ type: string
schema:
- $ref: '#/definitions/BrandingImageList'
+ $ref: '#/definitions/IdentityProviderInfo'
+ '400':
+ description: Error in input data, for example, too long name.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
@@ -10841,94 +14810,71 @@ paths:
description: Account not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get metadata of all dark theme images.
+ summary: Create a new identity provider.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - identity providers
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images/dark/{reference}:
- get:
- description: 'Retrieve metadata of one account dark theme branding image.
-
-
- **Example:**
-
- ```
-
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark/{reference}
- \
-
- -H ''Authorization: Bearer ''
+ /v3/accounts/{account_id}/identity-providers/{identity_provider_id}:
+ delete:
+ description: 'Delete an identity provider by ID.
- ```'
- operationId: getAccountDarkImageData
+ Note: This endpoint is restricted to administrators.'
+ operationId: deleteAccountIdentityProvider
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: Name of the branding images (icon or picture).
- enum: *id021
+ - description: The ID of the identity provider to delete.
in: path
- name: reference
+ name: identity_provider_id
required: true
type: string
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/BrandingImage'
+ '204':
+ description: Deleted successfully.
'401':
description: Authentication failure.
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden.
+ description: Forbidden, or identity provider is in use.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Unknown image reference, or account not found.
+ description: An account or identity provider not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get metadata of a dark theme image.
+ summary: Delete an identity provider by ID.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - identity providers
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images/dark/{reference}/clear:
- post:
- description: 'Revert an account branding image to dark theme default.
-
-
- **Example:**
-
- ```
-
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark/{reference}/clear
- \
-
- -H ''Authorization: Bearer ''
+ get:
+ description: 'Retrieve an identity provider.
- ```'
- operationId: clearAccountDarkImage
+ Note: This endpoint is restricted to administrators.'
+ operationId: getAccountIdentityProvider
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: Name of the branding images (icon or picture).
- enum: *id021
+ - description: The ID of the identity provider to retrieve.
in: path
- name: reference
+ name: identity_provider_id
required: true
type: string
produces:
- application/json
responses:
- '204':
- description: Image reverted successfully.
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/IdentityProviderInfo'
'401':
description: Authentication failure.
schema:
@@ -10938,69 +14884,54 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Unknown image reference, or account not found.
+ description: An account or identity provider not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Revert an image to dark theme default.
+ summary: Get an identity provider.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - identity providers
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images/dark/{reference}/upload:
- post:
+ put:
consumes:
- - image/png
- - image/jpeg
- description: 'Upload a new account dark theme branding image in PNG or JPEG
- format.
-
-
- **Example:**
-
- ```
-
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark/{reference}/upload
- \
-
- -H ''Authorization: Bearer ''
-
- -H ''content-type: image/png'' --data-binary ''@myimage.png''
+ - application/json
+ description: 'Update an existing identity provider.
- ```'
- operationId: uploadAccountDarkImage
+ Note: This endpoint is restricted to administrators.'
+ operationId: updateAccountIdentityProvider
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: Name of the branding images (icon or picture).
- enum: *id021
+ - description: The ID of the identity provider to update.
in: path
- name: reference
+ name: identity_provider_id
required: true
type: string
- - description: The image in PNG or JPEG format.
+ - allowEmptyValue: true
+ description: 'Indicates that the OpenID Connect endpoints and keys should
+ be set using the OpenID Connect Discovery mechanism. The following parameters
+ are set automatically: * authorization_endpoint * token_endpoint * userinfo_endpoint
+ * revocation_endpoint * jwks_uri * keys'
+ in: query
+ name: discovery
+ type: boolean
+ - description: Details of the identity provider to update.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/Image'
+ $ref: '#/definitions/IdentityProviderUpdateReq'
produces:
- application/json
responses:
- '201':
- description: Image uploaded successfully.
- headers:
- Content-Location:
- description: Location of the image metadata.
- type: string
- Location:
- description: Location of the image binary.
- type: string
+ '200':
+ description: Successful operation.
schema:
- $ref: '#/definitions/BrandingImage'
+ $ref: '#/definitions/IdentityProviderInfo'
'400':
- description: Error in input data format, for example, image is too large.
+ description: Error in input data, for example, missing name.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -11012,55 +14943,43 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Unknown image reference, or account not found.
+ description: An account or identity provider not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Upload a dark theme image.
+ summary: Update an existing identity provider.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - identity providers
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images/dark/{reference}/upload-multipart:
+ /v3/accounts/{account_id}/identity-providers/{identity_provider_id}/delete-sp-certificate:
post:
consumes:
- - multipart/form-data
- description: Upload a new account dark theme branding image as form data in
- PNG or JPEG format.
- operationId: uploadAccountDarkImageMultipart
+ - application/json
+ description: 'Delete a service provider certificate.
+
+ Note: This endpoint is restricted to administrators.'
+ operationId: deleteAccountSpCertificate
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: Name of the branding images (icon or picture).
- enum: *id021
+ - description: The ID of the identity provider whose certificate should be deleted.
in: path
- name: reference
+ name: identity_provider_id
required: true
type: string
- - description: The image in PNG or JPEG format as multipart form data.
- in: formData
- name: image
- required: true
- type: file
produces:
- application/json
responses:
- '201':
- description: Image uploaded successfully.
+ '200':
+ description: Successful operation.
headers:
Content-Location:
- description: Location of the image metadata.
- type: string
- Location:
- description: Location of the image binary.
+ description: /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
type: string
schema:
- $ref: '#/definitions/BrandingImage'
- '400':
- description: Error in input data format, for example, image is too large.
- schema:
- $ref: '#/definitions/ErrorResponse'
+ $ref: '#/definitions/IdentityProviderInfo'
'401':
description: Authentication failure.
schema:
@@ -11070,34 +14989,54 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Unknown image reference.
+ description: An account or identity provider not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Upload a dark theme image.
+ summary: Delete the service provider certificate.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - identity providers
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images/light:
- delete:
- description: 'Delete account light theme branding images.
-
-
- **Example usage:**
+ /v3/accounts/{account_id}/identity-providers/{identity_provider_id}/generate-sp-certificate:
+ post:
+ consumes:
+ - application/json
+ description: 'Generate a new service provider certificate.
- `curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light
- -H ''Authorization: Bearer API_KEY''`'
- operationId: deleteAllAccountLightImages
+ Note: This endpoint is restricted to administrators.'
+ operationId: generateAccountSpCertificate
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
+ - description: The ID of the identity provider for which to generate a certificate.
+ in: path
+ name: identity_provider_id
+ required: true
+ type: string
+ - description: Details of the service provider certificate to be generated.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/CertificateGenerationReq'
produces:
- application/json
responses:
- '204':
- description: Images have been deleted successfully.
+ '200':
+ description: Successful operation.
+ headers:
+ Content-Location:
+ description: /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
+ type: string
+ schema:
+ $ref: '#/definitions/IdentityProviderInfo'
+ '400':
+ description: Error in input data, for example, invalid certificate validity
+ value.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
@@ -11107,41 +15046,48 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or branding images not found.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Delete images in the light theme.
- tags:
- - Tenant user interface configuration - images
- x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- get:
- description: 'Retrieve the metadata of all light theme branding images.
-
-
- **Example:**
-
- ```
-
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light
- \
-
- -H ''Authorization: Bearer ''
+ description: An account or identity provider not found.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Generate a new service provider certificate.
+ tags:
+ - Tenant accounts - identity providers
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/identity-providers/{identity_provider_id}/refresh-jwks:
+ post:
+ consumes:
+ - application/json
+ description: 'Refresh an OIDC IdP''s signing keys.
- ```'
- operationId: getAllAccountLightImageData
+ Note: This endpoint is restricted to administrators.'
+ operationId: refreshAccountJwks
parameters:
- - description: The ID of the account.
+ - description: The ID of the account to be managed.
in: path
name: account_id
required: true
type: string
+ - description: The ID of the identity provider for which to refresh the signing
+ keys.
+ in: path
+ name: identity_provider_id
+ required: true
+ type: string
produces:
- application/json
responses:
'200':
description: Successful operation.
+ headers:
+ Content-Location:
+ description: /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
+ type: string
schema:
- $ref: '#/definitions/BrandingImageList'
+ $ref: '#/definitions/IdentityProviderInfo'
+ '400':
+ description: Not an OIDC IdP or JWKS URI is unspecified.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
@@ -11151,48 +15097,38 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account not found.
+ description: An account or identity provider not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get metadata of all light theme images.
+ summary: Refresh the OIDC signing keys.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - identity providers
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images/light/{reference}:
+ /v3/accounts/{account_id}/limitations:
get:
- description: 'Retrieve metadata for one account light theme branding image.
-
-
- **Example:**
-
- ```
-
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light/{reference}
- \
-
- -H ''Authorization: Bearer ''
+ description: 'Retrieve an array of entitlement limitations.
- ```'
- operationId: getAccountLightImageData
+ Note: This endpoint is restricted to administrators.'
+ operationId: aggregatorGetAccountLimitations
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: Name of the branding images (icon or picture).
- enum: *id021
- in: path
- name: reference
- required: true
+ - description: Filter for finding account limitations by inheritance. True returns
+ also inherited limitations. False returns only non-inherited ones.
+ in: query
+ name: inherited__eq
+ required: false
type: string
produces:
- application/json
responses:
'200':
- description: Successful operation.
+ description: successful operation
schema:
- $ref: '#/definitions/BrandingImage'
+ $ref: '#/definitions/AccountLimitationList'
'401':
description: Authentication failure.
schema:
@@ -11202,44 +15138,40 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Unknown image reference, or account not found.
+ description: An account with the given ID not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get metadata of a light theme image.
+ summary: Get entitlement limitations.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - entitlement limitations
+ x-filter:
+ inherited:
+ - eq
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images/light/{reference}/clear:
- post:
- description: 'Revert an account branding image to light theme default.
-
-
- **Example:**
-
- ```curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light/{reference}/clear
- \
-
- -H ''Authorization: Bearer ''
+ /v3/accounts/{account_id}/limitations/{limitation_id}:
+ get:
+ description: 'Retrieve an entitlement limitation.
- ```'
- operationId: clearAccountLightImage
+ Note: This endpoint is restricted to administrators.'
+ operationId: aggregatorGetAccountLimitation
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: Name of the branding images (icon or picture).
- enum: *id021
+ - description: The ID of the limitation to be fetched.
in: path
- name: reference
+ name: limitation_id
required: true
type: string
produces:
- application/json
responses:
- '204':
- description: Image reverted successfully.
+ '200':
+ description: successful operation
+ schema:
+ $ref: '#/definitions/AccountLimitation'
'401':
description: Authentication failure.
schema:
@@ -11249,69 +15181,53 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Unknown image reference, or account not found.
+ description: Limitation or account with the given ID not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Revert an image to light theme default.
+ summary: Get an entitlement limitation.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - entitlement limitations
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images/light/{reference}/upload:
- post:
- consumes:
- - image/png
- - image/jpeg
- description: 'Upload a new account light theme branding image in PNG or JPEG
- format.
-
-
- **Example:**
-
- ```
-
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light/{reference}/upload
- \
-
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: image/png'' --data-binary ''@myimage.png''
+ /v3/accounts/{account_id}/notifications:
+ get:
+ description: 'Retrieve an array of email notification logs.
- ```'
- operationId: uploadAccountLightImage
+ Note: This endpoint is restricted to administrators.'
+ operationId: getAccountNofificationEntries
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: Name of the branding images (icon or picture).
- enum: *id021
- in: path
- name: reference
- required: true
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
+ in: query
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
+ in: query
+ name: order
+ required: false
type: string
- - description: The image in PNG or JPEG format.
- in: body
- name: body
- required: true
- schema:
- $ref: '#/definitions/Image'
produces:
- application/json
responses:
- '201':
- description: Image uploaded successfully.
- headers:
- Content-Location:
- description: Location of image metadata.
- type: string
- Location:
- description: Location of the image binary.
- type: string
+ '200':
+ description: Successful operation.
schema:
- $ref: '#/definitions/BrandingImage'
+ $ref: '#/definitions/NotificationEntryList'
'400':
- description: Error in input data format, for example, image is too large.
+ description: Error in input data, or missing or invalid parameters.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -11319,57 +15235,43 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden.
+ description: Forbidden
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Unknown image reference, or account not found.
+ description: An account with the given ID not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Upload a light theme image.
+ summary: Get email notifications.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - email notification logs
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/branding-images/light/{reference}/upload-multipart:
- post:
- consumes:
- - multipart/form-data
- description: Upload a new account branding image as form data in PNG or JPEG
- format.
- operationId: uploadAccountLightImageMultipart
+ /v3/accounts/{account_id}/notifications/{notification_id}:
+ get:
+ description: 'Retrieve an email notifications log entry.
+
+ Note: This endpoint is restricted to administrators.'
+ operationId: getAccountNofificationEntry
parameters:
- - description: The ID of the account.
+ - description: The ID of the account for which this notification should be retrieved.
in: path
name: account_id
required: true
type: string
- - description: Name of the branding images (icon or picture).
- enum: *id021
+ - description: The ID of the notification entry to be retrieved.
in: path
- name: reference
+ name: notification_id
required: true
type: string
- - description: The image in PNG or JPEG format as multipart form data.
- in: formData
- name: image
- required: true
- type: file
produces:
- application/json
responses:
- '201':
- description: Image uploaded successfully.
- headers:
- Content-Location:
- description: Location of the image metadata.
- type: string
- Location:
- description: Location of the image binary.
- type: string
+ '200':
+ description: successful operation
schema:
- $ref: '#/definitions/BrandingImage'
+ $ref: '#/definitions/NotificationEntry'
'400':
- description: Error in input data format, for example, image is too large.
+ description: Error in input data, missing or invalid parameters.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -11377,25 +15279,37 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden.
+ description: Forbidden
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Unknown image reference.
+ description: No entry found for the given ID.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Upload a light theme image.
+ summary: Get an email notification.
tags:
- - Tenant user interface configuration - images
+ - Tenant accounts - email notification logs
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/identity-providers:
+ /v3/accounts/{account_id}/policy-groups:
get:
- consumes:
- - application/json
- description: Retrieve identity providers in an array.
- operationId: getAllAccountIdentityProviders
+ description: 'Retrieve an array of policy groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAllAccountGroups
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
@@ -11407,14 +15321,14 @@ paths:
name: limit
required: false
type: integer
- - description: The entity ID to fetch after the given one.
+ - description: The entity ID to retrieve after the given one.
in: query
name: after
required: false
type: string
- default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
in: query
name: order
required: false
@@ -11425,13 +15339,18 @@ paths:
name: include
required: false
type: string
+ - description: Filter for group name.
+ in: query
+ name: name__eq
+ required: false
+ type: string
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/IdentityProviderList'
+ $ref: '#/definitions/GroupSummaryList'
'401':
description: Authentication failure.
schema:
@@ -11441,54 +15360,60 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account not found.
+ description: An account with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get all identity providers.
+ summary: Get policy groups.
tags:
- - Tenant accounts - identity providers
+ - Tenant accounts - policy groups
+ x-filter:
+ name:
+ - eq
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
post:
consumes:
- application/json
- description: Create a new identity provider.
- operationId: createAccountIdentityProvider
+ description: 'Create a new group.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"name": "MyGroup1"}''
+
+ ```'
+ operationId: createAccountGroup
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - allowEmptyValue: true
- description: 'Indicates that the OpenID Connect endpoints and keys should
- be set using the OpenID Connect Discovery mechanism. The following parameters
- are set automatically: * authorization_endpoint * token_endpoint * userinfo_endpoint
- * revocation_endpoint * jwks_uri * keys'
- in: query
- name: discovery
- type: boolean
- - description: Details of the identity provider to create.
+ - description: Details of the group to create.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/IdentityProviderCreationReq'
+ $ref: '#/definitions/GroupCreationInfo'
produces:
- application/json
responses:
'201':
description: New entity created.
- headers:
- Content-Location:
- description: /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
- type: string
- Location:
- description: /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
- type: string
schema:
- $ref: '#/definitions/IdentityProviderInfo'
+ $ref: '#/definitions/GroupSummary'
'400':
- description: Error in input data, for example, too long name.
+ description: Error in input data, for example, invalid group name.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -11500,26 +15425,44 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account not found.
+ description: An account with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Create a new identity provider.
+ '409':
+ description: A group with that name already exists.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Create a new group.
tags:
- - Tenant accounts - identity providers
+ - Tenant accounts - policy groups
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/identity-providers/{identity_provider_id}:
+ /v3/accounts/{account_id}/policy-groups/{group_id}:
delete:
- description: Delete an identity provider by ID.
- operationId: deleteAccountIdentityProvider
+ description: 'Delete a group.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: deleteAccountGroup
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the identity provider to delete.
+ - description: The ID of the group to delete.
in: path
- name: identity_provider_id
+ name: group_id
required: true
type: string
produces:
@@ -11532,29 +15475,43 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden, or identity provider is in use.
+ description: Forbidden, or Administrators group cannot be removed.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or identity provider not found.
+ description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete an identity provider by ID.
+ summary: Delete a group.
tags:
- - Tenant accounts - identity providers
+ - Tenant accounts - policy groups
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
get:
- description: Manage identity providers of a tenant account.
- operationId: getAccountIdentityProvider
+ description: 'Retrieve policy group details.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAccountGroupSummary
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the identity provider to retrieve.
+ - description: The ID of the group to retrieve.
in: path
- name: identity_provider_id
+ name: group_id
required: true
type: string
produces:
@@ -11563,7 +15520,7 @@ paths:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/IdentityProviderInfo'
+ $ref: '#/definitions/GroupSummary'
'401':
description: Authentication failure.
schema:
@@ -11573,52 +15530,63 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or identity provider not found.
+ description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Retrieve identity provider by ID.
+ summary: Get policy group.
tags:
- - Tenant accounts - identity providers
+ - Tenant accounts - policy groups
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- put:
+ post:
consumes:
- application/json
- description: Update an existing identity provider.
- operationId: updateAccountIdentityProvider
+ description: 'Add users and API keys to groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"users": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}''
+
+ ```'
+ operationId: addSubjectsToAccountGroup
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the identity provider to update.
+ - description: The ID of the group to update.
in: path
- name: identity_provider_id
+ name: group_id
required: true
type: string
- - allowEmptyValue: true
- description: 'Indicates that the OpenID Connect endpoints and keys should
- be set using the OpenID Connect Discovery mechanism. The following parameters
- are set automatically: * authorization_endpoint * token_endpoint * userinfo_endpoint
- * revocation_endpoint * jwks_uri * keys'
- in: query
- name: discovery
- type: boolean
- - description: Details of the identity provider to update.
+ - description: A list of users and API keys to add to the group.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/IdentityProviderUpdateReq'
+ $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/IdentityProviderInfo'
+ $ref: '#/definitions/GroupSummary'
'400':
- description: Error in input data, for example, missing name.
+ description: Error in input data, for example, the user or API key does
+ not exist.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -11630,94 +15598,66 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or identity provider not found.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Update an existing identity provider.
- tags:
- - Tenant accounts - identity providers
- x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/identity-providers/{identity_provider_id}/delete-sp-certificate:
- post:
- consumes:
- - application/json
- description: Delete a service provider certificate.
- operationId: deleteAccountSpCertificate
- parameters:
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the identity provider whose certificate should be deleted.
- in: path
- name: identity_provider_id
- required: true
- type: string
- produces:
- - application/json
- responses:
- '200':
- description: Successful operation.
- headers:
- Content-Location:
- description: /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
- type: string
- schema:
- $ref: '#/definitions/IdentityProviderInfo'
- '401':
- description: Authentication failure.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '403':
- description: Forbidden.
+ description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- '404':
- description: Account or identity provider not found.
+ '409':
+ description: The user of this API key is a member of the group already.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete the service provider certificate.
+ summary: Add members to a group.
tags:
- - Tenant accounts - identity providers
+ - Tenant accounts - policy groups
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/identity-providers/{identity_provider_id}/generate-sp-certificate:
- post:
+ put:
consumes:
- application/json
- description: Generate a new service provider certificate.
- operationId: generateAccountSpCertificate
+ description: 'Update a group name.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"name": "TestGroup2"}''
+
+ ```'
+ operationId: updateAccountGroupName
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the identity provider for which to generate a certificate.
+ - description: The ID of the group to update.
in: path
- name: identity_provider_id
+ name: group_id
required: true
type: string
- - description: Details of the service provider certificate to be generated.
+ - description: Details of the group to create.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/CertificateGenerationReq'
+ $ref: '#/definitions/GroupUpdateInfo'
produces:
- application/json
responses:
'200':
description: Successful operation.
- headers:
- Content-Location:
- description: /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
- type: string
schema:
- $ref: '#/definitions/IdentityProviderInfo'
+ $ref: '#/definitions/GroupSummary'
'400':
- description: Error in input data, for example, invalid certificate validity
- value.
+ description: Error in input data, for example, the group name is too long.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -11729,44 +15669,65 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or identity provider not found.
+ description: A group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Generate a new service provider certificate.
+ summary: Update the group name.
tags:
- - Tenant accounts - identity providers
+ - Tenant accounts - policy groups
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/identity-providers/{identity_provider_id}/refresh-jwks:
- post:
+ /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys:
+ delete:
consumes:
- application/json
- description: Refreshes an OIDC IdP's signing keys.
- operationId: refreshAccountJwks
+ deprecated: true
+ description: 'Remove API keys from groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"apikeys": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}''
+
+ ```'
+ operationId: removeApiKeysFromAccountGroup
parameters:
- - description: The ID of the account to be managed.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the identity provider for which to refresh the signing
- keys.
+ - description: The ID of the group to remove API keys from.
in: path
- name: identity_provider_id
+ name: group_id
required: true
type: string
+ - description: A list of API keys to remove from the group.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
'200':
description: Successful operation.
- headers:
- Content-Location:
- description: /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
- type: string
schema:
- $ref: '#/definitions/IdentityProviderInfo'
+ $ref: '#/definitions/GroupSummary'
'400':
- description: Not an OIDC IdP or JWKS URI is unspecified.
+ description: Error in input data, for example, the array of API keys is
+ missing.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -11778,36 +15739,79 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or identity provider not found.
+ description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Refreshes the OIDC signing keys.
+ summary: Remove API keys from a group.
tags:
- - Tenant accounts - identity providers
+ - Tenant accounts - policy groups
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/remove
+ end_of_life_at: '2020-07-11T11:04:57+00:00'
+ issued_at: '2019-07-11T11:04:57+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/limitations:
get:
- description: An endpoint for retrieving all limitations of an account.
- operationId: aggregatorGetAccountLimitations
+ deprecated: true
+ description: 'Retrieve an array of API keys associated with a policy group.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getApiKeysOfAccountGroup
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: Filter for finding account limitations by inheritance. True returns
- also inherited limitations. False returns only non-inherited ones.
+ - description: The ID of the group to retrieve API keys for.
+ in: path
+ name: group_id
+ required: true
+ type: string
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
in: query
- name: inherited__eq
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
+ in: query
+ name: order
+ required: false
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ total_count.'
+ in: query
+ name: include
required: false
type: string
produces:
- application/json
responses:
'200':
- description: successful operation
+ description: Successful operation.
schema:
- $ref: '#/definitions/AccountLimitationList'
+ $ref: '#/definitions/ApiKeyInfoRespList'
'401':
description: Authentication failure.
schema:
@@ -11817,38 +15821,64 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account with the given ID not found.
+ description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get all limitations of an account.
+ summary: Get API keys in a group.
tags:
- - Tenant accounts - limitations
- x-filter:
- inherited:
- - eq
+ - Tenant accounts - policy groups
+ x-deprecation:
+ comment: This endpoint is deprecated. Use GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/applications
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/limitations/{limitation_id}:
- get:
- description: An endpoint for retrieving a limitation of an account.
- operationId: aggregatorGetAccountLimitation
+ post:
+ deprecated: true
+ description: 'Add API keys to account groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: addApiKeysToAccountGroup
parameters:
- description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the limitation to be fetched.
+ - description: The ID of the group to retrieve API keys for.
in: path
- name: limitation_id
+ name: group_id
required: true
type: string
+ - description: A list of API keys to add to the group.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
'200':
- description: successful operation
+ description: Successful operation.
schema:
- $ref: '#/definitions/AccountLimitation'
+ $ref: '#/definitions/GroupSummary'
+ '400':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
@@ -11858,51 +15888,71 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Limitation or account with the given ID not found.
+ description: An account or group with that ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '409':
+ description: The API Key is a member of the group or account already.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get a limitation of an account.
+ summary: Add API keys to Account group.
tags:
- - Tenant accounts - limitations
+ - Tenant accounts - policy groups
+ x-deprecation:
+ comment: This endpoint is deprecated. use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/add/
+ end_of_life_at: '2020-07-11T11:04:57+00:00'
+ issued_at: '2019-07-11T11:04:57+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/notifications:
- get:
- description: Retrieve notifications.
- operationId: getAccountNofificationEntries
+ /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/add:
+ post:
+ deprecated: true
+ description: 'Add API keys to account groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/add
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"apikeys": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}''
+
+ ```'
+ operationId: addListedApiKeysToAccountGroup
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - default: 50
- description: The number of results to return (2-1000). Default 50.
- format: int32
- in: query
- name: limit
- required: false
- type: integer
- - description: The entity ID to fetch after the given one.
- in: query
- name: after
- required: false
- type: string
- - default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
- in: query
- name: order
- required: false
+ - description: The ID of the group to remove API keys from.
+ in: path
+ name: group_id
+ required: true
type: string
+ - description: A list of API keys to add to the group.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/NotificationEntryList'
+ $ref: '#/definitions/GroupSummary'
'400':
- description: Error in input data, or missing or invalid parameters.
+ description: Successful operation.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -11910,41 +15960,78 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden
+ description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account with the given ID not found.
+ description: An account or group with that ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '409':
+ description: The API key is a member of the account group already.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get the notification events of an account.
+ summary: Add API keys to account group.
tags:
- - Tenant accounts - email notification logs
+ - Tenant accounts - policy groups
+ x-deprecation:
+ comment: This endpoint is deprecated. Use GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/applications/add
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/notifications/{notification_id}:
- get:
- description: An endpoint for retrieving notification event details of an account.
- operationId: getAccountNofificationEntry
+ /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/remove:
+ post:
+ consumes:
+ - application/json
+ deprecated: true
+ description: 'Remove API keys from groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/remove
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"apikeys": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}''
+
+ ```'
+ operationId: removeListedApiKeysFromAccountGroup
parameters:
- - description: The ID of the account for which this notification should be retrieved.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the notification entry to be retrieved.
+ - description: The ID of the group to remove API keys from.
in: path
- name: notification_id
+ name: group_id
required: true
type: string
+ - description: A list of API keys to remove from the group.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
'200':
- description: successful operation
+ description: Successful operation.
schema:
- $ref: '#/definitions/NotificationEntry'
+ $ref: '#/definitions/GroupSummary'
'400':
- description: Error in input data, missing or invalid parameters.
+ description: Error in input data, for example, the array of API keys is
+ missing.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -11952,39 +16039,49 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden
+ description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: No entry found for the given ID.
+ description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get a notification event of an account.
+ summary: Remove API keys from a group.
tags:
- - Aggregator Account Admin
+ - Tenant accounts - policy groups
+ x-deprecation:
+ comment: This endpoint is deprecated. Use GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/applications/remove
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/policy-groups:
+ /v3/accounts/{account_id}/policy-groups/{group_id}/applications:
get:
- description: 'Retrieve all group information.
+ description: 'Retrieve an array of applications associated with a policy group.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/applications
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAllAccountGroups
+ operationId: getApplicationsOfAccountGroup
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
+ - description: The ID of the group to retrieve applications for.
+ in: path
+ name: group_id
+ required: true
+ type: string
- default: 50
description: The number of results to return (2-1000). Default 50.
format: int32
@@ -11992,14 +16089,14 @@ paths:
name: limit
required: false
type: integer
- - description: The entity ID to fetch after the given one.
+ - description: The entity ID to retrieve after the given one.
in: query
name: after
required: false
type: string
- default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
in: query
name: order
required: false
@@ -12010,18 +16107,13 @@ paths:
name: include
required: false
type: string
- - description: Filter for group name.
- in: query
- name: name__eq
- required: false
- type: string
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/GroupSummaryList'
+ $ref: '#/definitions/ApplicationList'
'401':
description: Authentication failure.
schema:
@@ -12031,58 +16123,59 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account with the specified ID does not exist.
+ description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get all group information.
+ summary: Get applications in a group.
tags:
- Tenant accounts - policy groups
- x-filter:
- name:
- - eq
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/policy-groups/{group_id}/applications/add:
post:
- consumes:
- - application/json
- description: 'Create a new group.
+ description: 'Add applications to account groups.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/applications/add
\
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-H ''content-type: application/json'' \
- -d ''{"name": "MyGroup1"}''
+ -d ''{"applications": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}''
```'
- operationId: createAccountGroup
+ operationId: addListedApplicationsToAccountGroup
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: Details of the group to create.
+ - description: The ID of the group to add applications to.
+ in: path
+ name: group_id
+ required: true
+ type: string
+ - description: A list of applications to add to the group.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/GroupCreationInfo'
+ $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
- '201':
- description: New entity created.
+ '200':
+ description: Successful operation.
schema:
$ref: '#/definitions/GroupSummary'
'400':
- description: Error in input data, for example, invalid group name.
+ description: Successful operation.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -12094,98 +16187,221 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account with the specified ID does not exist.
+ description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
'409':
- description: A group with that name already exists.
+ description: The application is a member of the group already.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Create a new group.
+ summary: Add applications to account group.
tags:
- Tenant accounts - policy groups
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/policy-groups/{group_id}:
- delete:
- description: 'Delete a group.
+ /v3/accounts/{account_id}/policy-groups/{group_id}/applications/remove:
+ post:
+ consumes:
+ - application/json
+ description: 'Remove applications from groups.
**Example:**
```
- curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/applications/remove
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"applications": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}''
```'
- operationId: deleteAccountGroup
+ operationId: removeListedApplicationsFromAccountGroup
+ parameters:
+ - description: The ID of the account.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the group to remove applications from.
+ in: path
+ name: group_id
+ required: true
+ type: string
+ - description: A list of applications to remove from the group.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/SubjectList'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/GroupSummary'
+ '400':
+ description: Error in input data, for example, the array of applications
+ is missing.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or group with that ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Remove applications from a group.
+ tags:
+ - Tenant accounts - policy groups
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/policy-groups/{group_id}/users:
+ delete:
+ consumes:
+ - application/json
+ deprecated: true
+ description: "Remove users from groups.\nNote: This endpoint is restricted\
+ \ to administrators.\n\n**Example:**\n```\ncurl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users\
+ \ \\\n-H 'Authorization: Bearer ' \\\n -H 'content-type: application/json'\
+ \ \\\n-d '{\"users\": [\"0162056a9a1586f30242590700000000\",\"0117056a9a1586f30242590700000000\"\
+ ]}'\n```"
+ operationId: removeUsersFromAccountGroup
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to delete.
+ - description: The ID of the group to remove users from.
in: path
name: group_id
required: true
type: string
+ - description: A list of users to remove from the group.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
- '204':
- description: Deleted successfully.
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/GroupSummary'
+ '400':
+ description: Error in input data, for example, the last user to remove from
+ Administrators group.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden, or Administrators group cannot be removed.
+ description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete a group.
+ summary: Remove users from a group.
tags:
- Tenant accounts - policy groups
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users/remove/
+ end_of_life_at: '2020-07-11T11:04:57+00:00'
+ issued_at: '2019-07-11T11:04:57+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
get:
- description: 'Retrieve general information about the group.
+ description: 'Retrieve an array of users associated with a policy group.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAccountGroupSummary
+ operationId: getUsersOfAccountGroup
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to retrieve.
+ - description: The ID of the group to retrieve users for.
in: path
name: group_id
required: true
type: string
+ - default: 50
+ description: The number of results to return (2-1000). Default 50.
+ format: int32
+ in: query
+ name: limit
+ required: false
+ type: integer
+ - description: The entity ID to retrieve after the given one.
+ in: query
+ name: after
+ required: false
+ type: string
+ - default: ASC
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
+ in: query
+ name: order
+ required: false
+ type: string
+ - description: 'Comma-separated additional data to return. Currently supported:
+ total_count.'
+ in: query
+ name: include
+ required: false
+ type: string
+ - description: An optional filter to retrieve users by status.
+ in: query
+ name: status__eq
+ required: false
+ type: string
+ - description: An optional filter to retrieve users with a specified set of
+ statuses.
+ in: query
+ name: status__in
+ required: false
+ type: string
+ - description: An optional filter to exclude users with a specified set of statuses.
+ in: query
+ name: status__nin
+ required: false
+ type: string
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/GroupSummary'
+ $ref: '#/definitions/UserInfoRespList'
'401':
description: Authentication failure.
schema:
@@ -12198,43 +16414,45 @@ paths:
description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get group information.
+ summary: Get users in a policy group.
tags:
- Tenant accounts - policy groups
+ x-filter:
+ status:
+ - eq
+ - in
+ - nin
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
post:
- consumes:
- - application/json
- description: 'Add users and API keys to groups.
+ deprecated: true
+ description: 'Add users to account group.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users
\
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
-
- -d ''{"users": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}''
+ -H ''Authorization: Bearer ''
```'
- operationId: addSubjectsToAccountGroup
+ operationId: addUsersToAccountGroup
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to update.
+ - description: The ID of the group to add users to.
in: path
name: group_id
required: true
type: string
- - description: A list of users and API keys to add to the group.
+ - description: A list of user IDs to add to the group.
in: body
name: body
required: true
@@ -12248,8 +16466,7 @@ paths:
schema:
$ref: '#/definitions/GroupSummary'
'400':
- description: Error in input data, for example, the user or API key does
- not exist.
+ description: Successful operation.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -12265,51 +16482,53 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'409':
- description: The user of this API key is a member of the group already.
+ description: The user is a member of the account group already.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Add members to a group.
+ summary: Add users to account group.
tags:
- Tenant accounts - policy groups
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users/add/
+ end_of_life_at: '2020-07-11T11:04:57+00:00'
+ issued_at: '2019-07-11T11:04:57+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- put:
- consumes:
- - application/json
- description: 'Update a group name.
+ /v3/accounts/{account_id}/policy-groups/{group_id}/users/add:
+ post:
+ description: 'Add users to account group.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users/add
\
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
-
- -d ''{"name": "TestGroup2"}''
+ -H ''Authorization: Bearer ''
```'
- operationId: updateAccountGroupName
+ operationId: addListedUsersToAccountGroup
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to update.
+ - description: The ID of the group to retrieve users for.
in: path
name: group_id
required: true
type: string
- - description: Details of the group to create.
+ - description: A list of users to add to the group.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/GroupUpdateInfo'
+ $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
@@ -12318,7 +16537,7 @@ paths:
schema:
$ref: '#/definitions/GroupSummary'
'400':
- description: Error in input data, for example, the group name is too long.
+ description: Successful operation.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -12330,48 +16549,39 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: A group with that ID does not exist.
+ description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Update the group name.
+ '409':
+ description: The user is a member of the account group already.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Add users to account group.
tags:
- Tenant accounts - policy groups
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys:
- delete:
+ /v3/accounts/{account_id}/policy-groups/{group_id}/users/remove:
+ post:
consumes:
- application/json
- deprecated: true
- description: 'Remove API keys from groups.
-
-
- **Example:**
-
- ```
-
- curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys
- \
-
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
-
- -d ''{"apikeys": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}''
-
- ```'
- operationId: removeApiKeysFromAccountGroup
+ description: "Remove users from groups.\nNote: This endpoint is restricted\
+ \ to administrators.\n\n**Example:**\n```\ncurl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users/remove\
+ \ \\\n-H 'Authorization: Bearer ' \\\n -H 'content-type: application/json'\
+ \ \\\n-d '{\"users\": [\"0162056a9a1586f30242590700000000\",\"0117056a9a1586f30242590700000000\"\
+ ]}'\n```"
+ operationId: removeListedUsersFromAccountGroup
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to remove API keys from.
+ - description: The ID of the group to remove users from.
in: path
name: group_id
required: true
type: string
- - description: A list of API keys to remove from the group.
+ - description: A list of users to remove from the group.
in: body
name: body
required: true
@@ -12385,8 +16595,8 @@ paths:
schema:
$ref: '#/definitions/GroupSummary'
'400':
- description: Error in input data, for example, the array of API keys is
- missing.
+ description: Error in input data, for example, the last user to remove from
+ Administrators group.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -12401,41 +16611,34 @@ paths:
description: An account or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Remove API keys from a group.
+ summary: Remove users from a group.
tags:
- Tenant accounts - policy groups
- x-deprecation:
- comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/remove
- end_of_life_at: '2020-07-11T11:04:57+00:00'
- issued_at: '2019-07-11T11:04:57+00:00'
- links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/trusted-certificates:
get:
- description: 'List the API keys of the group with details.
+ description: 'Retrieve an array of trusted certificates.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getApiKeysOfAccountGroup
+ operationId: getAllAccountCertificates
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to retrieve API keys for.
- in: path
- name: group_id
- required: true
- type: string
- default: 50
description: The number of results to return (2-1000). Default 50.
format: int32
@@ -12443,14 +16646,14 @@ paths:
name: limit
required: false
type: integer
- - description: The entity ID to fetch after the given one.
+ - description: The entity ID to retrieve after the given one.
in: query
name: after
required: false
type: string
- default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
in: query
name: order
required: false
@@ -12461,267 +16664,325 @@ paths:
name: include
required: false
type: string
+ - description: Filter for certificate name.
+ in: query
+ name: name__eq
+ required: false
+ type: string
+ - description: Filter for service.
+ in: query
+ name: service__eq
+ required: false
+ type: string
+ - description: Filter for expire.
+ format: int32
+ in: query
+ name: expire__eq
+ required: false
+ type: integer
+ - description: Filter for developer certificates.
+ format: int32
+ in: query
+ name: device_execution_mode__eq
+ required: false
+ type: integer
+ - description: Filter for not developer certificates.
+ format: int32
+ in: query
+ name: device_execution_mode__neq
+ required: false
+ type: integer
+ - description: Owner name filter.
+ in: query
+ name: owner__eq
+ required: false
+ type: string
+ - description: Enrollment mode filter.
+ in: query
+ name: enrollment_mode__eq
+ required: false
+ type: boolean
+ - description: Filter for certificate status.
+ in: query
+ name: status__eq
+ required: false
+ type: string
+ - description: 'Filter for issuer. Finds all matches where the filter value
+ is a case-insensitive substring of the result. Example: issuer__like=cn=iss
+ matches CN=issuer.'
+ in: query
+ name: issuer__like
+ required: false
+ type: string
+ - description: 'Filter for subject. Finds all matches where the filter value
+ is a case-insensitive substring of the result. Example: subject__like=cn=su
+ matches CN=subject.'
+ in: query
+ name: subject__like
+ required: false
+ type: string
+ - description: Filter for certificate fingerprint.
+ in: query
+ name: certificate_fingerprint__eq
+ required: false
+ type: string
+ - description: Filter for finding certificates by validity. True returns certificates
+ which are not yet expired. False returns certificates which have expired.
+ in: query
+ name: valid__eq
+ required: false
+ type: boolean
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/ApiKeyInfoRespList'
+ $ref: '#/definitions/TrustedCertificateRespList'
'401':
description: Authentication failure.
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden.
+ description: Forbidden, only available for administrators of commercial
+ accounts.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or group with that ID does not exist.
+ description: An account with the given ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get API keys of a group.
+ summary: Get trusted certificates.
tags:
- - Tenant accounts - policy groups
+ - Tenant security and identity - certificates
+ x-filter:
+ certificate_fingerprint:
+ - eq
+ device_execution_mode:
+ - eq
+ - neq
+ enrollment_mode:
+ - eq
+ expire:
+ - eq
+ issuer:
+ - like
+ name:
+ - eq
+ owner:
+ - eq
+ service:
+ - eq
+ status:
+ - eq
+ subject:
+ - like
+ valid:
+ - eq
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
post:
- deprecated: true
- description: 'Add API keys to account groups.
+ consumes:
+ - application/json
+ description: 'Upload new trusted certificate.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d {"name": "myCert1", "description": "very important cert", "certificate":
+ "certificate_data", "service": "lwm2m"}
```'
- operationId: addApiKeysToAccountGroup
+ operationId: addAccountCertificate
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to retrieve API keys for.
- in: path
- name: group_id
- required: true
- type: string
- - description: A list of API keys to add to the group.
+ - description: A trusted certificate object with attributes. Signature is optional.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/SubjectList'
+ $ref: '#/definitions/TrustedCertificateReq'
produces:
- application/json
responses:
- '200':
- description: Successful operation.
+ '201':
+ description: New entity created.
schema:
- $ref: '#/definitions/ApiKeyInfoRespList'
+ $ref: '#/definitions/TrustedCertificateResp'
'400':
- description: Successful operation.
+ description: Invalid certificate data, certificate validation failed, certificate
+ already expired or certificate uses unsupported, or weak cipher.
schema:
- $ref: '#/definitions/ApiKeyInfoRespList'
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden.
+ description: Forbidden, only available for administrators of commercial
+ accounts.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or group with that ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '409':
- description: The API Key is a member of the group or account already.
+ description: An account with the given ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Add API keys to Account group.
+ summary: Upload new trusted certificate.
tags:
- - Tenant accounts - policy groups
- x-deprecation:
- comment: This endpoint is deprecated. use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/add/
- end_of_life_at: '2020-07-11T11:04:57+00:00'
- issued_at: '2019-07-11T11:04:57+00:00'
- links: []
+ - Tenant security and identity - certificates
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/add:
- post:
- description: 'Add API keys to account groups.
+ /v3/accounts/{account_id}/trusted-certificates/{cert_id}:
+ delete:
+ description: 'Delete a trusted certificate.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/add
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates/{cert_id}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: addListedApiKeysToAccountGroup
+ operationId: deleteAccountCertificate
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to retrieve API keys for.
+ - description: The ID of the trusted certificate to delete.
in: path
- name: group_id
+ name: cert_id
required: true
type: string
- - description: A list of API keys to add to the group.
- in: body
- name: body
- required: true
- schema:
- $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/ApiKeyInfoRespList'
- '400':
- description: Successful operation.
- schema:
- $ref: '#/definitions/ApiKeyInfoRespList'
+ '204':
+ description: Deleted successfully.
'401':
description: Authentication failure.
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden.
+ description: Forbidden, only available for administrators of commercial
+ accounts.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or group with that ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '409':
- description: The API key is a member of the account group already.
+ description: An account or certificate with the given ID not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Add API keys to account group.
+ summary: Delete a trusted certificate by ID.
tags:
- - Tenant accounts - policy groups
+ - Tenant security and identity - certificates
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/remove:
- post:
- consumes:
- - application/json
- description: 'Remove API keys from groups.
+ get:
+ description: 'Retrieve a trusted certificate.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/remove
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates/{cert_id}
\
- -H ''Authorization: Bearer '' \
-
- -H ''content-type: application/json'' \
-
- -d ''{"apikeys": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}''
+ -H ''Authorization: Bearer ''
```'
- operationId: removeListedApiKeysFromAccountGroup
+ operationId: getAccountCertificate
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to remove API keys from.
+ - description: The ID of the trusted certificate to retrieve.
in: path
- name: group_id
+ name: cert_id
required: true
type: string
- - description: A list of API keys to remove from the group.
- in: body
- name: body
- required: true
- schema:
- $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/GroupSummary'
- '400':
- description: Error in input data, for example, the array of API keys is
- missing.
- schema:
- $ref: '#/definitions/ErrorResponse'
+ $ref: '#/definitions/TrustedCertificateResp'
'401':
description: Authentication failure.
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden.
+ description: Forbidden, only available for administrators of commercial
+ accounts.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or group with that ID does not exist.
+ description: An account or certificate with the given ID not found.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Remove API keys from a group.
+ summary: Get a trusted certificate.
tags:
- - Tenant accounts - policy groups
+ - Tenant security and identity - certificates
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/policy-groups/{group_id}/users:
- delete:
+ put:
consumes:
- application/json
- deprecated: true
- description: "Remove users from groups.\n\n**Example:**\n```\ncurl -X DELETE\
- \ https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users\
- \ \\\n-H 'Authorization: Bearer ' \\\n -H 'content-type: application/json'\
- \ \\\n-d '{\"users\": [\"0162056a9a1586f30242590700000000\",\"0117056a9a1586f30242590700000000\"\
- ]}'\n```"
- operationId: removeUsersFromAccountGroup
+ description: "Update a trusted certificate.\nNote: This endpoint is restricted\
+ \ to administrators.\n\n**Example:**\n```\ncurl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates/{cert_id}\
+ \ \\\n -H 'Authorization: Bearer ' \\\n -H 'content-type: application/json'\
+ \ \\\n -d {\"description\": \"very important cert\"}\n ```"
+ operationId: updateAccountCertificate
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to remove users from.
+ - description: The ID of the trusted certificate to update.
in: path
- name: group_id
+ name: cert_id
required: true
type: string
- - description: A list of users to remove from the group.
+ - description: A trusted certificate object with attributes.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/SubjectList'
+ $ref: '#/definitions/TrustedCertificateUpdateReq'
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/GroupSummary'
+ $ref: '#/definitions/TrustedCertificateResp'
'400':
- description: Error in input data, for example, the last user to remove from
- Administrators group.
+ description: Invalid certificate data, certificate validation failed, certificate
+ already expired or certificate uses unsupported, or weak cipher.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -12729,48 +16990,42 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden.
+ description: Forbidden, only available for administrators of commercial
+ accounts.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or group with that ID does not exist.
+ description: An account or certificate with the given ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Remove users from a group.
+ summary: Update trusted certificate.
tags:
- - Tenant accounts - policy groups
- x-deprecation:
- comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users/remove/
- end_of_life_at: '2020-07-11T11:04:57+00:00'
- issued_at: '2019-07-11T11:04:57+00:00'
- links: []
+ - Tenant security and identity - certificates
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/user-invitations:
get:
- description: 'List a group''s users, with details.
+ description: 'Retrieve an array of active user invitations.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/user-invitations
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getUsersOfAccountGroup
+ operationId: getAllAccountInvitations
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to retrieve users for.
- in: path
- name: group_id
- required: true
- type: string
- default: 50
description: The number of results to return (2-1000). Default 50.
format: int32
@@ -12778,38 +17033,21 @@ paths:
name: limit
required: false
type: integer
- - description: The entity ID to fetch after the given one.
+ - description: The entity ID to retrieve after the given one.
in: query
name: after
required: false
type: string
- default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
in: query
name: order
required: false
type: string
- - description: 'Comma-separated additional data to return. Currently supported:
- total_count.'
- in: query
- name: include
- required: false
- type: string
- - description: An optional filter to retrieve users by status.
- in: query
- name: status__eq
- required: false
- type: string
- - description: An optional filter to retrieve users with a specified set of
- statuses.
- in: query
- name: status__in
- required: false
- type: string
- - description: An optional filter to exclude users with a specified set of statuses.
+ - description: Filter to retrieve user invitations by a specified login profile.
in: query
- name: status__nin
+ name: login_profiles__eq
required: false
type: string
produces:
@@ -12818,7 +17056,7 @@ paths:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/UserInfoRespList'
+ $ref: '#/definitions/UserInvitationRespList'
'401':
description: Authentication failure.
schema:
@@ -12828,62 +17066,62 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or group with that ID does not exist.
+ description: An account with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get users of a group.
+ summary: Get user invitations.
tags:
- - Tenant accounts - policy groups
+ - Tenant accounts - user invitations
x-filter:
- status:
+ login_profiles:
- eq
- - in
- - nin
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
post:
- deprecated: true
- description: 'Add users to account group.
+ consumes:
+ - application/json
+ description: 'Invite a new or existing user.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accouns/{account_id}/user-invitations
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d {"email": "myemail@company.com"}
```'
- operationId: addUsersToAccountGroup
+ operationId: createAccountInvitation
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to retrieve API keys for.
- in: path
- name: group_id
- required: true
- type: string
- - description: A list of API keys to add to the group.
+ - description: A user invitation object with attributes.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/SubjectList'
+ $ref: '#/definitions/UserInvitationReq'
produces:
- application/json
responses:
- '200':
- description: Successful operation.
+ '201':
+ description: New entity created.
schema:
- $ref: '#/definitions/ApiKeyInfoRespList'
+ $ref: '#/definitions/UserInvitationResp'
'400':
- description: Successful operation.
+ description: Error in input data, for example, invalid email address.
schema:
- $ref: '#/definitions/ApiKeyInfoRespList'
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
@@ -12892,67 +17130,44 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- '404':
- description: An account or group with that ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '409':
- description: The user is a member of the account group already.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Add users to account group.
+ summary: Create a user invitation.
tags:
- - Tenant accounts - policy groups
- x-deprecation:
- comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users/add/
- end_of_life_at: '2020-07-11T11:04:57+00:00'
- issued_at: '2019-07-11T11:04:57+00:00'
- links: []
+ - Tenant accounts - user invitations
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/policy-groups/{group_id}/users/add:
- post:
- description: 'Add users to account group.
+ /v3/accounts/{account_id}/user-invitations/{invitation_id}:
+ delete:
+ description: 'Delete an active user invitation sent to a new or existing user.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users/add
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/user-invitations/{invitation_id}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: addListedUsersToAccountGroup
+ operationId: deleteAccountInvitation
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to retrieve API keys for.
+ - description: The ID of the invitation to delete.
in: path
- name: group_id
+ name: invitation_id
required: true
type: string
- - description: A list of API keys to add to the group.
- in: body
- name: body
- required: true
- schema:
- $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/ApiKeyInfoRespList'
- '400':
- description: Successful operation.
- schema:
- $ref: '#/definitions/ApiKeyInfoRespList'
+ '204':
+ description: Deleted successfully.
'401':
description: Authentication failure.
schema:
@@ -12962,55 +17177,49 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or group with that ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '409':
- description: The user is a member of the account group already.
+ description: An account or invitation with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Add users to account group.
+ summary: Delete a user invitation.
tags:
- - Tenant accounts - policy groups
+ - Tenant accounts - user invitations
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/policy-groups/{group_id}/users/remove:
- post:
- consumes:
- - application/json
- description: "Remove users from groups.\n\n**Example:**\n```\ncurl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users\
- \ \\\n-H 'Authorization: Bearer ' \\\n -H 'content-type: application/json'\
- \ \\\n-d '{\"users\": [\"0162056a9a1586f30242590700000000\",\"0117056a9a1586f30242590700000000\"\
- ]}'\n```"
- operationId: removeListedUsersFromAccountGroup
+ get:
+ description: 'Retrieve details of an active user invitation sent for a new or
+ existing user.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/user-invitations/{invitation_id}
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getAccountInvitation
parameters:
- - description: The ID of the account.
+ - description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the group to remove users from.
+ - description: The ID of the invitation to retrieve.
in: path
- name: group_id
+ name: invitation_id
required: true
type: string
- - description: A list of users to remove from the group.
- in: body
- name: body
- required: true
- schema:
- $ref: '#/definitions/SubjectList'
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/GroupSummary'
- '400':
- description: Error in input data, for example, the last user to remove from
- Administrators group.
- schema:
- $ref: '#/definitions/ErrorResponse'
+ $ref: '#/definitions/UserInvitationResp'
'401':
description: Authentication failure.
schema:
@@ -13020,29 +17229,31 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or group with that ID does not exist.
+ description: An account or invitation with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Remove users from a group.
+ summary: Details of a user invitation.
tags:
- - Tenant accounts - policy groups
+ - Tenant accounts - user invitations
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/trusted-certificates:
+ /v3/accounts/{account_id}/users:
get:
- description: 'Retrieve trusted certificates in an array.
+ description: 'Retrieve an array of users.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAllAccountCertificates
+ operationId: getAllAccountUsers
parameters:
- description: Account ID.
in: path
@@ -13056,14 +17267,14 @@ paths:
name: limit
required: false
type: integer
- - description: The entity ID to fetch after the given one.
+ - description: The entity ID to retrieve after the given one.
in: query
name: after
required: false
type: string
- default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
in: query
name: order
required: false
@@ -13074,158 +17285,115 @@ paths:
name: include
required: false
type: string
- - description: Filter for certificate name.
- in: query
- name: name__eq
- required: false
- type: string
- - description: Filter for service.
- in: query
- name: service__eq
- required: false
- type: string
- - description: Filter for expire.
- format: int32
- in: query
- name: expire__eq
- required: false
- type: integer
- - description: Filter for developer certificates.
- format: int32
- in: query
- name: device_execution_mode__eq
- required: false
- type: integer
- - description: Filter for not developer certificates.
- format: int32
- in: query
- name: device_execution_mode__neq
- required: false
- type: integer
- - description: Owner name filter.
+ - description: Filter for email address.
in: query
- name: owner__eq
+ name: email__eq
required: false
type: string
- - description: Enrollment mode filter.
- in: query
- name: enrollment_mode__eq
- required: false
- type: boolean
- - description: Filter for certificate status.
+ - description: Filter for status.
in: query
name: status__eq
required: false
type: string
- - description: 'Filter for issuer. Finds all matches where the filter value
- is a case-insensitive substring of the result. Example: issuer__like=cn=iss
- matches CN=issuer.'
+ - description: An optional filter to retrieve users with a specified set of
+ statuses.
in: query
- name: issuer__like
+ name: status__in
required: false
type: string
- - description: 'Filter for subject. Finds all matches where the filter value
- is a case-insensitive substring of the result. Example: subject__like=cn=su
- matches CN=subject.'
+ - description: An optional filter to exclude users with a specified set of statuses.
in: query
- name: subject__like
+ name: status__nin
required: false
type: string
- - description: Filter for finding certificates by validity. True returns certificates
- which are not yet expired. False returns certificates which have expired.
+ - description: An optional filter to retrieve users with a specified login profile.
in: query
- name: valid__eq
+ name: login_profiles__eq
required: false
- type: boolean
+ type: string
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/TrustedCertificateRespList'
+ $ref: '#/definitions/UserInfoRespList'
'401':
description: Authentication failure.
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden, only available for admins of commercial accounts.
+ description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
description: An account with the given ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get all trusted certificates.
+ summary: Get users.
tags:
- - Tenant device security - certificates
+ - Tenant accounts - users
x-filter:
- device_execution_mode:
- - eq
- - neq
- enrollment_mode:
- - eq
- expire:
- - eq
- issuer:
- - like
- name:
- - eq
- owner:
+ email:
- eq
- service:
+ login_profiles:
- eq
status:
- eq
- subject:
- - like
- valid:
- - eq
+ - in
+ - nin
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
post:
consumes:
- application/json
- description: 'Upload new trusted certificates.
+ description: 'Create or invite a new user to the account. Only email address
+ is used; other attributes are set in the second step.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users
\
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-H ''content-type: application/json'' \
- -d {"name": "myCert1", "description": "very important cert", "certificate":
- "certificate_data", "service": "lwm2m"}
+ -d {"email": "myemail@company.com"}
```'
- operationId: addAccountCertificate
+ operationId: createAccountUser
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: A trusted certificate object with attributes. Signature is optional.
+ - description: A user object with attributes.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/TrustedCertificateReq'
+ $ref: '#/definitions/UserInfoReq'
+ - default: create
+ description: Create or invite user.
+ in: query
+ name: action
+ required: false
+ type: string
produces:
- application/json
responses:
'201':
description: New entity created.
schema:
- $ref: '#/definitions/TrustedCertificateResp'
+ $ref: '#/definitions/UserInfoResp'
'400':
- description: Invalid certificate data, certificate validation failed, certificate
- already expired or certificate uses unsupported, or weak cipher.
+ description: Error in input data, for example, an invalid email address.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -13233,42 +17401,48 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden, only available for admins of commercial accounts.
+ description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account with the given ID does not exist.
+ description: An account with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Upload new trusted certificate.
+ '409':
+ description: A user with the given username or email already exists.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Create a new user.
tags:
- - Tenant device security - certificates
+ - Tenant accounts - users
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/trusted-certificates/{cert_id}:
+ /v3/accounts/{account_id}/users/{user_id}:
delete:
- description: 'Delete the trusted certificate.
+ description: 'Delete a user.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates/{cert_id}
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: deleteAccountCertificate
+ operationId: deleteAccountUser
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the trusted certificate to delete.
+ - description: The ID of the user to delete.
in: path
- name: cert_id
+ name: user_id
required: true
type: string
produces:
@@ -13276,46 +17450,52 @@ paths:
responses:
'204':
description: Deleted successfully.
+ '400':
+ description: Bad request, for example, trying to delete an active user.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden, only available for admins of commercial accounts.
+ description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or certificate with the given ID not found.
+ description: An account or user with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete trusted certificate by ID.
+ summary: Delete a user.
tags:
- - Tenant device security - certificates
+ - Tenant accounts - users
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
get:
- description: 'Retrieve a trusted certificate by ID.
+ description: 'Retrieve user details.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates/{cert_id}
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAccountCertificate
+ operationId: getAccountUser
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the trusted certificate to retrieve.
+ - description: The ID of the user to retrieve.
in: path
- name: cert_id
+ name: user_id
required: true
type: string
produces:
@@ -13324,58 +17504,147 @@ paths:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/TrustedCertificateResp'
+ $ref: '#/definitions/UserInfoResp'
'401':
description: Authentication failure.
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden, only available for admins of commercial accounts.
+ description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: Account or certificate with the given ID not found.
+ description: An account or user with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get trusted certificate by ID.
+ summary: Details of the user.
tags:
- - Tenant device security - certificates
+ - Tenant accounts - users
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
put:
consumes:
- application/json
- description: "Update existing trusted certificates.\n\n**Example:**\n```\ncurl\
- \ -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates/{cert_id}\
- \ \\\n -H 'Authorization: Bearer ' \\\n -H 'content-type: application/json'\
- \ \\\n -d {\"description\": \"very important cert\"}\n ```"
- operationId: updateAccountCertificate
+ description: 'Update user details.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''{"username": "myusername"}''
+
+ ```'
+ operationId: updateAccountUser
+ parameters:
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the user to update.
+ in: path
+ name: user_id
+ required: true
+ type: string
+ - description: A user object with attributes.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/UserUpdateReq'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/UserInfoResp'
+ '400':
+ description: Error in input data, for example, an invalid email address.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account or user with the given ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '409':
+ description: A user with the given username or email already exists.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Update user details.
+ tags:
+ - Tenant accounts - users
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/users/{user_id}/groups:
+ delete:
+ consumes:
+ - application/json
+ deprecated: true
+ description: 'Remove user from groups.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
+
+ ```'
+ operationId: removeAccountUserFromGroups
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the trusted certificate to update.
+ - description: The ID of the user to remove from the group.
in: path
- name: cert_id
+ name: user_id
required: true
type: string
- - description: A trusted certificate object with attributes.
+ - description: A list of IDs of the groups to update.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/TrustedCertificateUpdateReq'
+ items:
+ type: string
+ type: array
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/TrustedCertificateResp'
+ $ref: '#/definitions/UserInfoResp'
'400':
- description: Invalid certificate data, certificate validation failed, certificate
- already expired or certificate uses unsupported, or weak cipher.
+ description: Error in input data.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -13383,40 +17652,40 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden, only available for admins of commercial accounts.
+ description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or certificate with the given ID does not exist.
+ description: An account, user, or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Update trusted certificate.
+ summary: Remove user from groups.
tags:
- - Tenant device security - certificates
+ - Tenant accounts - users
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/remove/
+ end_of_life_at: '2020-07-11T11:04:57+00:00'
+ issued_at: '2019-07-11T11:04:57+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/user-invitations:
get:
- description: 'Retrieve details of all active user invitations sent for new or
- existing users.
+ description: 'Retrieve an array of policy groups associated with a user.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/user-invitations
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAllAccountInvitations
+ operationId: getGroupsOfAccountUser
parameters:
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- default: 50
description: The number of results to return (2-1000). Default 50.
format: int32
@@ -13424,30 +17693,41 @@ paths:
name: limit
required: false
type: integer
- - description: The entity ID to fetch after the given one.
+ - description: The entity ID to retrieve after the given one.
in: query
name: after
required: false
type: string
- default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
in: query
name: order
required: false
type: string
- - description: Filter to retrieve user invitations by a specified login profile.
+ - description: 'Comma-separated additional data to return. Currently supported:
+ total_count.'
in: query
- name: login_profiles__eq
+ name: include
required: false
type: string
+ - description: Account ID.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the user.
+ in: path
+ name: user_id
+ required: true
+ type: string
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/UserInvitationRespList'
+ $ref: '#/definitions/GroupSummaryList'
'401':
description: Authentication failure.
schema:
@@ -13457,58 +17737,65 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account with the specified ID does not exist.
+ description: An account or user with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Get the details of all user invitations.
+ summary: Get policy groups for a user.
tags:
- - Tenant accounts - user invitations
- x-filter:
- login_profiles:
- - eq
+ - Tenant accounts - users
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
post:
consumes:
- application/json
- description: 'Invite a new or existing user.
+ deprecated: true
+ description: 'Add user to groups.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accouns/{account_id}/user-invitations
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups
\
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-H ''content-type: application/json'' \
- -d {"email": "myemail@company.com"}
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
```'
- operationId: createAccountInvitation
+ operationId: addAccountUserToGroups
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: A user invitation object with attributes.
+ - description: The ID of the user to add to the group.
+ in: path
+ name: user_id
+ required: true
+ type: string
+ - description: A list of IDs of the groups to update.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/UserInvitationReq'
+ items:
+ type: string
+ type: array
produces:
- application/json
responses:
- '201':
- description: New entity created.
+ '200':
+ description: Successful operation.
schema:
- $ref: '#/definitions/UserInvitationResp'
+ $ref: '#/definitions/UserInfoResp'
'400':
- description: Error in input data, for example, invalid email address.
+ description: Error in input data.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -13519,42 +17806,75 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Create a user invitation.
+ '404':
+ description: An account, user, or group with that ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '409':
+ description: The user is a member of the group already.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Add user to a list of groups.
tags:
- - Tenant accounts - user invitations
+ - Tenant accounts - users
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/add/
+ end_of_life_at: '2020-07-11T11:04:57+00:00'
+ issued_at: '2019-07-11T11:04:57+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/user-invitations/{invitation_id}:
- delete:
- description: 'Delete an active user invitation sent to a new or existing user.
+ /v3/accounts/{account_id}/users/{user_id}/groups/add:
+ post:
+ consumes:
+ - application/json
+ description: 'Add a user to groups.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/user-invitations/{invitation_id}
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/add
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
```'
- operationId: deleteAccountInvitation
+ operationId: addAccountUserToListedGroups
parameters:
- - description: Account ID.
+ - description: The ID of the account.
in: path
name: account_id
required: true
type: string
- - description: The ID of the invitation to delete.
+ - description: The ID of the user to add to the group.
in: path
- name: invitation_id
+ name: user_id
required: true
type: string
+ - description: A list of IDs of the groups to update.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/GroupIdList'
produces:
- application/json
responses:
- '204':
- description: Deleted successfully.
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/UserInfoResp'
+ '400':
+ description: Error in input data.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
'401':
description: Authentication failure.
schema:
@@ -13564,47 +17884,119 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or invitation with the specified ID does not exist.
+ description: An account, user, or group with that ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Delete a user invitation.
+ '409':
+ description: The user is a member of the group already.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Add user to a list of groups.
tags:
- - Tenant accounts - user invitations
+ - Tenant accounts - users
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- get:
- description: 'Retrieve details of an active user invitation sent for a new or
- existing user.
+ /v3/accounts/{account_id}/users/{user_id}/groups/remove:
+ post:
+ consumes:
+ - application/json
+ description: 'Remove a user from groups.
+
+ Note: This endpoint is restricted to administrators.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/user-invitations/{invitation_id}
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/remove
\
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
```'
- operationId: getAccountInvitation
+ operationId: removeAccountUserFromListedGroups
+ parameters:
+ - description: The ID of the account.
+ in: path
+ name: account_id
+ required: true
+ type: string
+ - description: The ID of the user to remove from the group.
+ in: path
+ name: user_id
+ required: true
+ type: string
+ - description: A list of IDs of the groups to update.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/GroupIdList'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/UserInfoResp'
+ '400':
+ description: Error in input data.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An account, user, or group with that ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Remove user from groups.
+ tags:
+ - Tenant accounts - users
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/accounts/{account_id}/users/{user_id}/validate-email:
+ post:
+ description: 'Validate user email.
+
+ Note: This endpoint is restricted to administrators.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/validate-email
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: validateAccountUserEmail
parameters:
- description: Account ID.
in: path
name: account_id
required: true
type: string
- - description: The ID of the invitation to retrieve.
+ - description: The ID of the user.
in: path
- name: invitation_id
+ name: user_id
required: true
type: string
produces:
- application/json
responses:
- '200':
- description: Successful operation.
- schema:
- $ref: '#/definitions/UserInvitationResp'
+ '204':
+ description: Email validation successfully requested.
'401':
description: Authentication failure.
schema:
@@ -13614,35 +18006,30 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account or invitation with the specified ID does not exist.
+ description: An account or user with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Details of a user invitation.
+ summary: Validate the user email.
tags:
- - Tenant accounts - user invitations
+ - Tenant accounts - users
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/users:
+ /v3/api-keys:
get:
- description: 'Retrieve details of all users.
+ deprecated: true
+ description: 'Retrieve an array of API keys, optionally filtered by the owner.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users
- \
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/api-keys \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAllAccountUsers
+ operationId: getAllApiKeys
parameters:
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- default: 50
description: The number of results to return (2-1000). Default 50.
format: int32
@@ -13650,14 +18037,14 @@ paths:
name: limit
required: false
type: integer
- - description: The entity ID to fetch after the given one.
+ - description: The entity ID to retrieve after the given one.
in: query
name: after
required: false
type: string
- default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
in: query
name: order
required: false
@@ -13668,30 +18055,17 @@ paths:
name: include
required: false
type: string
- - description: Filter for email address.
- in: query
- name: email__eq
- required: false
- type: string
- - description: Filter for status.
- in: query
- name: status__eq
- required: false
- type: string
- - description: An optional filter to retrieve users with a specified set of
- statuses.
- in: query
- name: status__in
- required: false
- type: string
- - description: An optional filter to exclude users with a specified set of statuses.
+ - description: API key filter. Do not include the private portion of the API
+ key (the last 32 characters).
in: query
- name: status__nin
+ name: key__eq
required: false
type: string
- - description: An optional filter to retrieve users with a specified login profile.
+ - description: 'Owner name filter.
+
+ Note: This parameter is restricted to administrators.'
in: query
- name: login_profiles__eq
+ name: owner__eq
required: false
type: string
produces:
@@ -13700,7 +18074,7 @@ paths:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/UserInfoRespList'
+ $ref: '#/definitions/ApiKeyInfoRespList'
'401':
description: Authentication failure.
schema:
@@ -13709,128 +18083,56 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- '404':
- description: An account with the given ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Get the details of all users.
+ summary: Get all API keys.
tags:
- - Tenant accounts - users
+ - Account - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use GET https://api.us-east-1.mbedcloud.com/v3/applications/{application_id}/access-keys
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
x-filter:
- email:
- - eq
- login_profiles:
+ key:
- eq
- status:
+ owner:
- eq
- - in
- - nin
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
post:
consumes:
- application/json
- description: 'Create or invite a new user to the account. Only email address
- is used; other attributes are set in the second step.
+ deprecated: true
+ description: 'Create a new API key.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users
- \
-
- -H ''Authorization: Bearer '' \
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys -d ''{"name":
+ "MyKey1"}'' \
- -H ''content-type: application/json'' \
+ -H ''Authorization: Bearer '' \
- -d {"email": "myemail@company.com"}
+ -H ''content-type: application/json''
```'
- operationId: createAccountUser
+ operationId: createApiKey
parameters:
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- - description: A user object with attributes.
+ - description: The details of the API key to create.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/UserInfoReq'
- - default: create
- description: Create or invite user.
- in: query
- name: action
- required: false
- type: string
+ $ref: '#/definitions/ApiKeyInfoReq'
produces:
- application/json
responses:
'201':
description: New entity created.
schema:
- $ref: '#/definitions/UserInfoResp'
- '400':
- description: Error in input data, for example, an invalid email address.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '401':
- description: Authentication failure.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '403':
- description: Forbidden.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '404':
- description: An account with the specified ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '409':
- description: A user with the given username or email already exists.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Create a new user.
- tags:
- - Tenant accounts - users
- x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/users/{user_id}:
- delete:
- description: 'Delete a user.
-
-
- **Example:**
-
- ```
-
- curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}
- \
-
- -H ''Authorization: Bearer ''
-
- ```'
- operationId: deleteAccountUser
- parameters:
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the user to delete.
- in: path
- name: user_id
- required: true
- type: string
- produces:
- - application/json
- responses:
- '204':
- description: Deleted successfully.
+ $ref: '#/definitions/ApiKeyInfoResp'
'400':
- description: Bad request, for example, trying to delete an active user.
+ description: Error in input data, for example, missing API key name.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -13841,47 +18143,39 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- '404':
- description: An account or user with the specified ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Delete a user.
+ summary: Create a new API key.
tags:
- - Tenant accounts - users
+ - Account - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/applications/{application_id}/access-keys
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/api-keys/me:
get:
- description: 'Retrieve user details.
+ deprecated: true
+ description: 'Retrieve details of current API key.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}
- \
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/api-keys/me \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getAccountUser
- parameters:
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the user to retrieve.
- in: path
- name: user_id
- required: true
- type: string
+ operationId: getMyApiKey
+ parameters: []
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/UserInfoResp'
+ $ref: '#/definitions/ApiKeyInfoResp'
'401':
description: Authentication failure.
schema:
@@ -13890,61 +18184,50 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- '404':
- description: An account or user with the specified ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Details of the user.
+ summary: Get current API key.
tags:
- - Tenant accounts - users
+ - Account - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated.
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
put:
- consumes:
- - application/json
- description: 'Update user details.
+ deprecated: true
+ description: 'Update API key details.
**Example:**
```
- curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}
- \
+ curl -X PUT https://api.us-east-1.mbedcloud.com/v3/api-keys/me \
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-H ''content-type: application/json'' \
- -d ''{"username": "myusername"}''
+ -d ''{"name": "TestApiKey25"}''
```'
- operationId: updateAccountUser
+ operationId: updateMyApiKey
parameters:
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the user to update.
- in: path
- name: user_id
- required: true
- type: string
- - description: A user object with attributes.
+ - description: New API key attributes to store.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/UserUpdateReq'
+ $ref: '#/definitions/ApiKeyUpdateReq'
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/UserInfoResp'
+ $ref: '#/definitions/ApiKeyInfoResp'
'400':
- description: Error in input data, for example, an invalid email address.
+ description: Error in input data, for example, invalid API key name.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -13955,67 +18238,51 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- '404':
- description: An account or user with the given ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '409':
- description: A user with the given username or email already exists.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Update user details.
+ summary: Update API key details.
tags:
- - Tenant accounts - users
+ - Account - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated.
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/users/{user_id}/groups:
+ /v3/api-keys/me/groups:
delete:
consumes:
- application/json
deprecated: true
- description: 'Remove user from groups.
+ description: 'Remove API key from groups.
**Example:**
```
- curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups
- \
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups \
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-H ''content-type: application/json'' \
-d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
```'
- operationId: removeAccountUserFromGroups
+ operationId: removeMyApiKeyListedGroups
parameters:
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the user to remove from the group.
- in: path
- name: user_id
- required: true
- type: string
- - description: A list of IDs of the groups to update.
+ - description: A list of IDs of groups to update.
in: body
name: body
required: true
schema:
- items:
- type: string
- type: array
+ $ref: '#/definitions/GroupIdList'
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/UserInfoResp'
+ $ref: '#/definitions/ApiKeyInfoResp'
'400':
description: Error in input data.
schema:
@@ -14028,34 +18295,31 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- '404':
- description: An account, user, or group with that ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Remove user from groups.
+ summary: Remove API key from groups.
tags:
- - Tenant accounts - users
+ - Account - API keys
x-deprecation:
- comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/remove/
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups/remove/
end_of_life_at: '2020-07-11T11:04:57+00:00'
issued_at: '2019-07-11T11:04:57+00:00'
links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
get:
- description: 'Retrieve user''s groups.
+ deprecated: true
+ description: 'Retrieve an array of policy groups associated with the current
+ API key.
**Example:**
```
- curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups
- \
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups \
- -H ''Authorization: Bearer ''
+ -H ''Authorization: Bearer ''
```'
- operationId: getGroupsOfAccountUser
+ operationId: getGroupsOfMyApiKey
parameters:
- default: 50
description: The number of results to return (2-1000). Default 50.
@@ -14064,14 +18328,14 @@ paths:
name: limit
required: false
type: integer
- - description: The entity ID to fetch after the given one.
+ - description: The entity ID to retrieve after the given one.
in: query
name: after
required: false
type: string
- default: ASC
- description: 'Record order based on creation time. Acceptable values: ASC,
- DESC. Default: ASC.'
+ description: 'Record order based on creation. Acceptable values: ASC, DESC.
+ Default: ASC.'
in: query
name: order
required: false
@@ -14082,16 +18346,6 @@ paths:
name: include
required: false
type: string
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the user.
- in: path
- name: user_id
- required: true
- type: string
produces:
- application/json
responses:
@@ -14107,47 +18361,37 @@ paths:
description: Forbidden.
schema:
$ref: '#/definitions/ErrorResponse'
- '404':
- description: An account or user with the specified ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- summary: Get user's groups.
+ summary: Get policy groups of the current API key.
tags:
- - Tenant accounts - users
+ - Account - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated.
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
post:
consumes:
- application/json
deprecated: true
- description: 'Add user to groups.
+ description: 'Add API key to groups.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups
- \
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups \
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-H ''content-type: application/json'' \
-d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
```'
- operationId: addAccountUserToGroups
+ operationId: addMyApiKeyToGroups
parameters:
- - description: Account ID.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the user to add to the group.
- in: path
- name: user_id
- required: true
- type: string
- description: A list of IDs of the groups to update.
in: body
name: body
@@ -14162,7 +18406,7 @@ paths:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/UserInfoResp'
+ $ref: '#/definitions/ApiKeyInfoResp'
'400':
description: Error in input data.
schema:
@@ -14172,59 +18416,47 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '404':
- description: An account, user, or group with that ID does not exist.
+ description: Forbidden. Adding API key to the 'Administrators' group is
+ restricted to administrators.
schema:
$ref: '#/definitions/ErrorResponse'
'409':
- description: The user is a member of the group already.
+ description: The API key is a member of the group already.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Add user to a list of groups.
+ summary: Add API key to a list of groups.
tags:
- - Tenant accounts - users
+ - Account - API keys
x-deprecation:
- comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/add/
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups/add/
end_of_life_at: '2020-07-11T11:04:57+00:00'
issued_at: '2019-07-11T11:04:57+00:00'
links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/users/{user_id}/groups/add:
+ /v3/api-keys/me/groups/add:
post:
consumes:
- application/json
- description: 'Add a user to groups.
+ deprecated: true
+ description: 'Add API key to groups.
**Example:**
```
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/add
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups/add/
\
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-H ''content-type: application/json'' \
-d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
```'
- operationId: addAccountUserToListedGroups
+ operationId: addMyApiKeyToListedGroups
parameters:
- - description: The ID of the account.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the user to add to the group.
- in: path
- name: user_id
- required: true
- type: string
- description: A list of IDs of the groups to update.
in: body
name: body
@@ -14237,11 +18469,169 @@ paths:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/UserInfoResp'
+ $ref: '#/definitions/ApiKeyInfoResp'
+ '400':
+ description: Error in input data.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden. Adding API key to the 'Administrators' group is
+ restricted to administrators.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '409':
+ description: The API key is a member of the group already.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Add API key to a list of groups.
+ tags:
+ - Account - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/applications/{application_id}/groups/add
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/api-keys/me/groups/remove:
+ post:
+ consumes:
+ - application/json
+ deprecated: true
+ description: 'Remove API key from groups.
+
+
+ **Example:**
+
+ ```
+
+ curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups/remove
+ \
+
+ -H ''Authorization: Bearer '' \
+
+ -H ''content-type: application/json'' \
+
+ -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
+
+ ```'
+ operationId: removeMyApiKeyFromListedGroups
+ parameters:
+ - description: A list of IDs of groups to update.
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/GroupIdList'
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
'400':
description: Error in input data.
schema:
- $ref: '#/definitions/ErrorResponse'
+ $ref: '#/definitions/ErrorResponse'
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Remove API key from groups.
+ tags:
+ - Account - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/applications/{application_id}/groups/remove
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ /v3/api-keys/{apikey_id}:
+ delete:
+ deprecated: true
+ description: 'Delete the API key.
+
+
+ **Example:**
+
+ ```
+
+ curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id}
+ \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: deleteApiKey
+ parameters:
+ - description: The ID of the API key to delete.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ '204':
+ description: Deleted successfully.
+ '401':
+ description: Authentication failure.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '403':
+ description: Forbidden. Only the owner of the API key or an administrator
+ can delete an API key.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ '404':
+ description: An API key with the specified ID does not exist.
+ schema:
+ $ref: '#/definitions/ErrorResponse'
+ summary: Delete API key.
+ tags:
+ - Account - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use DELETE https://api.us-east-1.mbedcloud.com/v3/applications/{application_id}/access-keys/{access_key_id}
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
+ x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
+ get:
+ deprecated: true
+ description: 'Retrieve details of an API key.
+
+
+ **Example:**
+
+ ```
+
+ curl -X GET https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id} \
+
+ -H ''Authorization: Bearer ''
+
+ ```'
+ operationId: getApiKey
+ parameters:
+ - description: The ID of the API key to retrieve.
+ in: path
+ name: apikey_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ '200':
+ description: Successful operation.
+ schema:
+ $ref: '#/definitions/ApiKeyInfoResp'
'401':
description: Authentication failure.
schema:
@@ -14251,65 +18641,56 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account, user, or group with that ID does not exist.
- schema:
- $ref: '#/definitions/ErrorResponse'
- '409':
- description: The user is a member of the group already.
+ description: An API key with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Add user to a list of groups.
+ summary: Get API key.
tags:
- - Tenant accounts - users
+ - Account - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use GET https://api.us-east-1.mbedcloud.com/v3/applications/{application_id}/access-keys/{access_key_id}
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/users/{user_id}/groups/remove:
- post:
- consumes:
- - application/json
- description: 'Remove a user from groups.
+ put:
+ deprecated: true
+ description: 'Update API key details.
**Example:**
- ```
-
- curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/remove
- \
+ `curl -X PUT https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id} \
- -H ''Authorization: Bearer '' \
+ -H ''Authorization: Bearer '' \
-H ''content-type: application/json'' \
- -d ''["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]''
+ -d ''{"name": "TestApiKey25"}''
```'
- operationId: removeAccountUserFromListedGroups
+ operationId: updateApiKey
parameters:
- - description: The ID of the account.
- in: path
- name: account_id
- required: true
- type: string
- - description: The ID of the user to remove from the group.
+ - description: The ID of the API key to update.
in: path
- name: user_id
+ name: apikey_id
required: true
type: string
- - description: A list of IDs of the groups to update.
+ - description: New API key attributes to store.
in: body
name: body
required: true
schema:
- $ref: '#/definitions/GroupIdList'
+ $ref: '#/definitions/ApiKeyUpdateReq'
produces:
- application/json
responses:
'200':
description: Successful operation.
schema:
- $ref: '#/definitions/UserInfoResp'
+ $ref: '#/definitions/ApiKeyInfoResp'
'400':
- description: Error in input data.
+ description: Error in input data, for example, invalid API key name.
schema:
$ref: '#/definitions/ErrorResponse'
'401':
@@ -14317,49 +18698,73 @@ paths:
schema:
$ref: '#/definitions/ErrorResponse'
'403':
- description: Forbidden.
+ description: Forbidden. Only the owner of the API key or an administrator
+ can update an API key.
schema:
$ref: '#/definitions/ErrorResponse'
'404':
- description: An account, user, or group with that ID does not exist.
+ description: An API key with the specified ID does not exist.
schema:
$ref: '#/definitions/ErrorResponse'
- summary: Remove user from groups.
+ summary: Update API key details.
tags:
- - Tenant accounts - users
+ - Account - API keys
+ x-deprecation:
+ comment: This endpoint is deprecated. Use PUT https://api.us-east-1.mbedcloud.com/v3/applications/{application_id}/access-keys/{access_key_id}
+ end_of_life_at: '2021-08-01T00:00:00+00:00'
+ issued_at: '2020-08-01T00:00:00+00:00'
+ links: []
x-origin: /home/circleci/project/auth/public/iam-identity-swagger.yaml
- /v3/accounts/{account_id}/users/{user_id}/validate-email:
- post:
- description: 'Validate user email.
+ /v3/api-keys/{apikey_id}/groups:
+ delete:
+ consumes:
+ - application/json
+ deprecated: true
+ description: 'Remove API key from groups.
+
+