From 7916ed72eedd3046ad4bcc76b571dd1cdffbb5c8 Mon Sep 17 00:00:00 2001 From: Kumuditha - KD Date: Mon, 2 Dec 2024 08:43:34 +0530 Subject: [PATCH] Add required permissions to API descriptions --- .../6.1.0/docs/apis/restapis/application.yaml | 208 +++++++++++++----- 1 file changed, 158 insertions(+), 50 deletions(-) diff --git a/en/identity-server/6.1.0/docs/apis/restapis/application.yaml b/en/identity-server/6.1.0/docs/apis/restapis/application.yaml index ab0008eb7f..d862b00ca5 100644 --- a/en/identity-server/6.1.0/docs/apis/restapis/application.yaml +++ b/en/identity-server/6.1.0/docs/apis/restapis/application.yaml @@ -79,7 +79,10 @@ paths: operationId: createApplication description: > This API provides the capability to store the application information that is provided by users.
- Scope(Permission) required: `internal_application_mgt_create` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/create
+ Scope required:
+ * internal_application_mgt_create parameters: - in: query name: template @@ -136,12 +139,15 @@ paths: tags: - Applications summary: | - Create application from an exported XML, YAML, or JSON file. + Create application from an exported XML file. operationId: importApplication description: > This API provides the capability to create an application based on the - information provided in an XML, YAML, or JSON file.
- Scope(Permission) required: `internal_application_mgt_create` + information provided as a file.
+ Permission required:
+ * /permission/admin/manage/identity/applicationmgt/create
+ Scope required:
+ * internal_application_mgt_create requestBody: content: multipart/form-data: @@ -182,12 +188,15 @@ paths: tags: - Applications summary: | - Update application from an exported XML, YAML, or JSON file. + Update application from an exported XML file. operationId: importApplicationForUpdate description: > This API provides the capability to update an application based on the - information provided in an XML, YAML, or JSON file.
- Scope(Permission) required: `internal_application_mgt_update` + information that has been provided as an XML file.
+ Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update requestBody: content: multipart/form-data: @@ -239,7 +248,10 @@ paths: operationId: getApplication description: > This API provides the capability to retrieve the application information by ID.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view parameters: - name: applicationId in: path @@ -293,7 +305,10 @@ paths: operationId: patchApplication description: | This API provides the capability to partially update an application by ID.
- Scope(Permission) required: `internal_application_mgt_update` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update parameters: - name: applicationId in: path @@ -341,7 +356,10 @@ paths: operationId: deleteApplication description: | This API provides the capability to delete an application by ID.
- Scope(Permission) required: `internal_application_mgt_delete` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/delete
+ Scope required:
+ * internal_application_mgt_delete parameters: - name: applicationId in: path @@ -383,7 +401,10 @@ paths: Export application as an XML file. description: | This API provides the capability to retrieve the application as an XML file.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view parameters: - name: applicationId in: path @@ -430,7 +451,10 @@ paths: Change application owner. description: | This API provides the capability to change the application owner.
- Scope(Permission) required: `internal_organization_admin` + Permission required:
+ * /permission/admin
+ Scope required:
+ * SYSTEM parameters: - name: applicationId in: path @@ -477,7 +501,10 @@ paths: operationId: getConfiguredAuthenticators description: | This API provides the capability to retrieve the configured authenticators.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view parameters: - name: applicationId in: path @@ -525,7 +552,10 @@ paths: operationId: getResidentApplication description: | This API provides the capability to retrieve the resident application information.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view responses: '200': description: OK @@ -563,7 +593,10 @@ paths: operationId: updateResidentApplication description: > This API provides the capability to update the resident application configuration.
- Scope(Permission) required: `internal_application_mgt_update` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update responses: '200': description: Successful @@ -622,7 +655,10 @@ paths: operationId: getInboundAuthenticationConfigurations description: > This API provides the capability to retrieve authentication protocol configurations of an application.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view parameters: - name: applicationId in: path @@ -668,7 +704,10 @@ paths: operationId: getInboundSAMLConfiguration description: > This API provides the capability to retrieve SAML2 authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view parameters: - name: applicationId in: path @@ -713,7 +752,10 @@ paths: operationId: updateInboundSAMLConfiguration description: > This API provides the capability to store SAML2 authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_update` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update - There are three methods to create/update SAML2 authentication protocol configuration. 1. Metadata File (by sending the Base64 encoded content of the metadata file.) @@ -779,7 +821,10 @@ paths: operationId: deleteInboundSAMLConfiguration description: > This API provides the capability to delete SAML2 authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_delete` + Permissi on required:
+ * /permission/admin/manage/identity/applicationmgt/delete
+ Scope required:
+ * internal_application_mgt_delete parameters: - name: applicationId in: path @@ -820,7 +865,10 @@ paths: Retrieve OIDC authentication protocol parameters. description: > This API provides the capability to retrieve OIDC authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view operationId: getInboundOAuthConfiguration parameters: - name: applicationId @@ -865,7 +913,10 @@ paths: Update OIDC authentication protocol parameters. description: > This API provides the capability to store OIDC authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_update` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update operationId: updateInboundOAuthConfiguration parameters: - name: applicationId @@ -928,7 +979,10 @@ paths: Delete OIDC authentication protocol parameters. description: > This API provides the capability to delete OIDC authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_delete` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/delete
+ Scope required:
+ * internal_application_mgt_delete operationId: deleteInboundOAuthConfiguration parameters: - name: applicationId @@ -970,7 +1024,10 @@ paths: Regenerate the OAuth2/OIDC client secret. description: | This API regenerates the OAuth2/OIDC client secret.
- Scope(Permission) required: `internal_application_mgt_create` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/create
+ Scope required:
+ * internal_application_mgt_create operationId: regenerateOAuthClientSecret parameters: - name: applicationId @@ -1015,9 +1072,11 @@ paths: summary: | Revoke the OAuth2/OIDC client of application. description: | - This API revokes the OAuth2/OIDC client secret. - To re-activate the client, the client secret needs to be regenerated.
- Scope(Permission) required: `internal_application_mgt_create` + This API revokes the OAuth2/OIDC client secret. To re-activate the client, the client secret needs to be regenerated.
+ Permission required:
+ * /permission/admin/manage/identity/applicationmgt/create
+ Scope required:
+ * internal_application_mgt_create operationId: revokeOAuthClient parameters: - name: applicationId @@ -1060,7 +1119,10 @@ paths: description: > This API provides the capability to retrieve Passive STS authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view operationId: getPassiveStsConfiguration parameters: - name: applicationId @@ -1105,7 +1167,10 @@ paths: Update Passive STS authentication protocol parameters. description: > This API provides the capability to store passive STS authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_update` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update operationId: updatePassiveStsConfiguration parameters: - name: applicationId @@ -1171,7 +1236,10 @@ paths: description: > This API provides the capability to delete Passive STS authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_delete` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/delete
+ Scope required:
+ * internal_application_mgt_delete operationId: deletePassiveStsConfiguration parameters: - name: applicationId @@ -1214,7 +1282,10 @@ paths: description: > This API provides the capability to retrieve Passive STS authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view operationId: getWSTrustConfiguration parameters: - name: applicationId @@ -1259,7 +1330,10 @@ paths: Update WS Trust authentication protocol parameters. description: > This API provides the capability to store WS Trust authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_update` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update operationId: updateWSTrustConfiguration parameters: - name: applicationId @@ -1324,7 +1398,10 @@ paths: Delete WS Trust authentication protocol parameters. description: > This API provides the capability to delete WS Trust authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_delete` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/delete
+ Scope required:
+ * internal_application_mgt_delete operationId: deleteWSTrustConfiguration parameters: - name: applicationId @@ -1367,7 +1444,10 @@ paths: description: > This API provides the capability to retrieve custom inbound authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view operationId: getCustomInboundConfiguration parameters: - name: applicationId @@ -1419,7 +1499,10 @@ paths: description: > This API provides the capability to store custom inbound authentication protocol parameters of an application.
- Scope(Permission) required: `internal_application_mgt_update` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update operationId: updateCustomInboundConfiguration parameters: - name: applicationId @@ -1490,7 +1573,10 @@ paths: Delete custom inbound authentication protocol parameters. description: > This API provides the capability to delete custom inbound authentication protocol of an application.
- Scope(Permission) required: `internal_application_mgt_delete` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/delete
+ Scope required:
+ * internal_application_mgt_delete operationId: deleteCustomInboundConfiguration parameters: - name: applicationId @@ -1539,7 +1625,10 @@ paths: description: > This API provides the capability to retrieve the list of inbound authentication protocols available. If the query parameter 'customOnly' is set to true, only custom inbound protocols will be listed.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view operationId: getInboundProtocols parameters: - $ref: '#/components/parameters/inboundProtocolsCustomOnly' @@ -1579,7 +1668,10 @@ paths: Retrieve all the metadata related to the auth protocol SAML. description: > This API provides the capability to retrieve all the metadata related to the auth protocol SAML.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view operationId: getSAMLMetadata responses: '200': @@ -1621,7 +1713,10 @@ paths: description: > This API provides the capability to retrieve all the metadata related to the authentication protocol OAuth / OIDC.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view operationId: getOIDCMetadata responses: '200': @@ -1654,7 +1749,10 @@ paths: Retrieve all the metadata related to the auth protocol WS Trust. description: > This API provides the capability to retrieve all the metadata related to the auth protocol WS_Trust.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view operationId: getWSTrustMetadata responses: '200': @@ -1688,7 +1786,10 @@ paths: description: > This API provides the capability to retrieve all the metadata related to the custom auth protocol identified by the inboundProtocolId. The URL encoded inbound protocol name is used as inboundProtocolId.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view operationId: getCustomProtocolMetadata parameters: - name: inboundProtocolId @@ -1728,7 +1829,10 @@ paths: Retrieve adaptive authentication sample templates. description: > This API provides the capability to retrieve the sample adaptive authentication templates.
- Scope(Permission) required: `internal_application_mgt_view` + Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view operationId: getAdaptiveAuthTemplates responses: '200': @@ -1762,7 +1866,8 @@ paths: List application templates. description: | This API provides the capability to retrieve the list of templates available.
- Scope(Permission) required: `internal_application_mgt_view` + Scope required:
+ * internal_application_mgt_view parameters: - $ref: '#/components/parameters/limitWithoutDefaultQueryParam' - $ref: '#/components/parameters/offsetWithoutDefaultQueryParam' @@ -1810,7 +1915,8 @@ paths: operationId: createApplicationTemplate description: > This API provides the capability to store the application template provided by users.
- Scope(Permission) required: `internal_application_mgt_create` + Scope required:
+ * internal_application_mgt_create requestBody: content: application/json: @@ -1864,7 +1970,8 @@ paths: operationId: getApplicationTemplate description: > This API provides the capability to retrieve the application template from the template id.
- Scope(Permission) required: `internal_application_mgt_view` + Scope required:
+ * internal_application_mgt_view parameters: - $ref: '#/components/parameters/templateIdPathParam' responses: @@ -1913,7 +2020,8 @@ paths: operationId: updateApplicationTemplate description: | This API provides the capability to update an application template by the template ID.
- Scope(Permission) required: `internal_application_mgt_update` + Scope required:
+ * internal_application_mgt_update parameters: - $ref: '#/components/parameters/templateIdPathParam' requestBody: @@ -1962,7 +2070,8 @@ paths: operationId: deleteApplicationTemplate description: | This API provides the capability to delete an application template by template ID.
- Scope(Permission) required: `internal_application_mgt_delete` + Scope required:
+ * internal_application_mgt_delete parameters: - $ref: '#/components/parameters/templateIdPathParam' responses: @@ -2073,10 +2182,9 @@ components: required: false description: | Specifies the required parameters in the response. - Only 'advancedConfigurations', 'templateId', 'clientId', 'issuer', and 'associatedRoles.allowedAudience' - attributes are currently supported. + Currently supports for only 'advancedConfigurations', 'templateId', 'clientId', and 'issuer' attributes. - /applications?attributes=advancedConfigurations,templateId,clientId,issuer,associatedRoles.allowedAudience + /applications?attributes=advancedConfigurations,templateId,clientId schema: type: string exportSecretsQueryParam: @@ -2480,7 +2588,7 @@ components: example: "SAML2 Inbound" self: type: string - example: "/api/server/v1/applications/29048810-1447-4ea0-a348-30d15ab65fa3/inbound-protocols/saml" + example: "/t/carbon.super/api/server/v1/applications/29048810-1447-4ea0-a348-30d15ab65fa3/inbound-protocols/saml" ClaimConfiguration: type: object properties: