openapi: 3.1.0 info: title: DTZ Identity version: 2.0.4 description: a generated client for the DTZ Identity API license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html contact: name: Jens Walter email: jens@apimeister.com servers: - url: https://identity.dtz.rocks/api/2021-02-21 paths: /auth/apikey: post: summary: authenticate with apikey operationId: authenticateApikey requestBody: content: application/json: schema: $ref: '#/components/schemas/ApikeyRequest' responses: "200": description: success content: application/json: schema: $ref: '#/components/schemas/TokenResponse' /signup: post: summary: create a new identity with the given email as account email, also create an authentication with the given credentials to allow a login, creates a default context operationId: userSignup security: [] requestBody: description: signup content: application/json: schema: $ref: '#/components/schemas/SignupRequest' required: true responses: "200": description: user created content: application/json: schema: $ref: '#/components/schemas/TokenResponse' "500": description: server error content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' /authentication: get: summary: list user authentications operationId: listAuthentication responses: "200": description: list of authentication content: application/json: schema: type: object properties: identityId: type: string format: IdentityId userAuth: type: array items: type: object properties: userName: type: string defaultContextId: type: string format: ContextId required: - userName apiKeyAuth: type: array items: type: object properties: apiKey: type: string defaultContextId: type: string format: ContextId alias: type: string createdAt: type: string format: date-time lastUsedAt: type: string format: date-time oauthAuth: type: array post: summary: update the user authentication, aka change you password or default context operationId: changeAuthentication requestBody: description: update an existing authentication content: application/json: schema: type: object properties: email: type: string oldPassword: type: string newPassword: type: string defaultContextId: type: string format: ContextId required: - email responses: "200": description: success /context: get: summary: get a list of contexts that the user has access to operationId: listAvailableContexts responses: "200": description: all context ids content: application/json: schema: type: array items: type: object properties: contextId: type: string format: ContextId /context/{context_id}: delete: summary: delete all roles attached to this context operationId: deleteContextRoles parameters: - in: path name: context_id schema: type: string pattern: 'context-[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}' examples: - sample_id: value: context-01909cb6-225b-7f11-8779-c401fbee19ff required: true description: context_id responses: "200": description: status /context/{context_id}/new: post: summary: create identity requirements for a new context operationId: newContext parameters: - in: path name: context_id schema: type: string format: ContextId required: true description: context_id requestBody: description: context creation request content: application/json: schema: type: object properties: identity_id: type: string format: IdentityId service_principal_id: type: string format: IdentityId responses: "200": description: status /identity: get: summary: get a list of all available identities operationId: listIdentity responses: "200": description: success content: application/json: schema: type: object properties: currentIdentity: type: string identities: type: array items: type: object properties: identityId: type: string email: type: string description: type: string post: summary: creates a new identity operationId: newIdentity requestBody: description: create identity request content: application/json: schema: type: object properties: email: type: string description: type: string responses: "200": description: success content: application/json: schema: type: object properties: identityId: type: string email: type: string description: type: string /identity/assume: post: summary: assume identity operationId: assumeIdentity requestBody: description: assume different identity content: application/json: schema: type: object properties: email: type: string identityId: type: string format: IdentityId contextId: type: string format: ContextId description: target context the token is issued for, if not present, a random context will be chosen. responses: "200": description: success content: application/json: schema: $ref: '#/components/schemas/TokenResponse' "401": description: Invalid input content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' /identity/check: post: summary: checks whether an identity exists operationId: checkIdentity requestBody: description: checking for existing identity content: application/json: schema: type: object properties: email: type: string identityId: type: string format: IdentityId responses: "200": description: success content: application/json: schema: type: object properties: exists: type: boolean "401": description: Invalid input content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' /me: get: summary: get account stats operationId: getAccountStats responses: "200": description: success content: application/json: schema: type: object properties: roles: type: array items: type: object properties: contextId: type: string format: ContextId count: type: number identityCount: type: number authenticationCount: type: number /me/email: get: summary: Get account email operationId: getAccountEmail responses: "200": description: success content: application/json: schema: type: object properties: email: type: string "404": description: Email not found content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' /me/identity: delete: summary: delete current identity operationId: deleteIdentity responses: "200": description: success /me/identity/apikey: post: summary: create api key operationId: createApiKey requestBody: description: api key creation content: application/json: schema: type: object properties: contextId: type: string format: ContextId alias: type: string required: - contextId required: true responses: "200": description: success content: text/plain: schema: type: string examples: text: summary: api key value: apikey-00000000-0000-0000-0000-000000000000 /me/identity/apikey/{apikey}: delete: summary: delete api key operationId: deleteApiKey parameters: - in: path name: apikey schema: type: string format: ApikeyId required: true description: api key responses: "200": description: success patch: summary: update the api key alias operationId: updateApiKeyAlias parameters: - in: path name: apikey schema: type: string format: ApikeyId required: true description: api key requestBody: content: application/json: schema: type: object properties: alias: type: string responses: "200": description: success /me/roles/{roleId}: post: summary: create role assignment operationId: assignRole parameters: - in: path name: roleId schema: type: string format: RoleId required: true description: role id responses: "200": description: success delete: summary: remove role assignment from identity operationId: removeRoleAssignment parameters: - in: path name: roleId schema: type: string format: RoleId required: true description: role id responses: "200": description: success /token/auth: post: summary: user login operationId: userLogin security: [] requestBody: description: login content: application/json: schema: $ref: '#/components/schemas/AuthRequest' required: true responses: "200": description: success content: application/json: schema: $ref: '#/components/schemas/TokenResponse' "401": description: Invalid input content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' /token/refresh: post: summary: token refresh description: token refresh operationId: tokenRefresh requestBody: content: application/json: schema: $ref: '#/components/schemas/ChangeContextRequest' required: true responses: "200": description: success content: application/json: schema: $ref: '#/components/schemas/TokenResponse' /roles: get: summary: get roles which are abstract - not assigned to any context or identity operationId: getAbstractRoles responses: "200": description: success content: application/json: schema: type: object properties: roles: type: array items: $ref: '#/components/schemas/AbstractRole' /roles/context/{contextId}: get: summary: get roles for a certain context id operationId: getRolesForContext parameters: - in: path name: contextId schema: type: string format: ContextId required: true description: context id responses: "200": description: success content: application/json: schema: type: object properties: roles: type: array items: $ref: '#/components/schemas/ContextRole' post: summary: create role from abstract role (template) operationId: createRoleForContext parameters: - in: path name: contextId schema: type: string format: ContextId required: true description: context id requestBody: content: application/json: schema: type: object properties: roleId: type: string format: roleId responses: "200": description: success content: application/json: schema: $ref: '#/components/schemas/ContextRole' /roles/identity/{identityId}: get: summary: get roles for a certain identity id operationId: getRolesForIdentity parameters: - in: path name: identityId schema: type: string format: IdentityId required: true description: identity id responses: "200": description: success content: application/json: schema: type: object properties: roles: type: array items: $ref: '#/components/schemas/IdentityRole' /roles/context/{contextId}/{roleId}/share: post: summary: sharing a role with another identity operationId: shareRole parameters: - in: path name: contextId schema: type: string format: ContextId required: true description: context id - in: path name: roleId schema: type: string format: RoleId required: true description: role id requestBody: content: application/json: schema: type: object properties: email: type: string identityId: type: string format: IdentityId required: true responses: "200": description: success "401": description: forbidden "400": description: bad request content: application/json: schema: type: object properties: msg: type: string /oauth/authorize: get: summary: oauth authorize operationId: oauthAuthorize x-dtz-include-headers: true parameters: - in: query name: response_type schema: type: string required: true - in: query name: client_id schema: type: string required: true - in: query name: redirect_uri schema: type: string required: true - in: query name: scope schema: type: string required: true - in: query name: state schema: type: string - in: query name: nonce schema: type: string responses: "302": description: success headers: Location: schema: type: string description: redirect uri "401": description: unauthorized /oauth/token: post: summary: oauth token request description: oauth token request operationId: oauthToken security: [] requestBody: content: application/x-www-form-urlencoded: schema: $ref: '#/components/schemas/OauthTokenRequest' required: true responses: "200": description: success content: application/json: schema: $ref: '#/components/schemas/TokenResponse' components: schemas: ApikeyRequest: type: object properties: apiKey: type: string contextId: type: string format: ContextId required: - apiKey ErrorResponse: required: - status type: object properties: status: type: string SignupRequest: type: object properties: email: type: string password: type: string required: - email - password AuthRequest: type: object properties: username: type: string password: type: string scopes: type: array items: type: string required: - username - password ChangeContextRequest: type: object properties: contextId: type: string format: ContextId TokenResponse: type: object properties: access_token: type: string scope: type: string token_type: type: string expires_in: type: number required: - access_token - token_type - expires_in AbstractRole: type: object properties: roleId: type: string format: RoleId roleAlias: type: string roleScope: type: string required: - roleId - roleScope ContextRole: type: object properties: roleId: type: string format: RoleId abstractRoleId: type: string format: RoleId roleAlias: type: string roleScope: type: string assignedToUser: type: boolean required: - roleId - roleAlias - roleScope IdentityRole: type: object properties: roleId: type: string format: RoleId abstractRoleId: type: string format: RoleId roleAlias: type: string roleScope: type: string assignedToUser: type: boolean required: - roleId - roleAlias - roleScope - exposure Role: type: object properties: roleId: type: string format: RoleId roleAlias: type: string roleScope: type: string contextId: type: string format: ContextId exposure: type: string assignedToUser: type: boolean required: - roleId - roleAlias - roleScope - exposure OauthTokenRequest: type: object properties: grant_type: type: string client_id: type: string client_secret: type: string redirect_uri: type: string code: type: string required: - grant_type - client_id - client_secret - redirect_uri - code securitySchemes: dtz_oauth: type: oauth2 flows: authorizationCode: authorizationUrl: https://identity.dtz.rocks/api/2021-02-21/oauth/authorize tokenUrl: https://identity.dtz.rocks/api/2021-02-21/oauth/token scopes: {} dtz_apikey: type: apiKey in: header name: X-API-KEY dtz-cookie: type: apiKey in: cookie name: dtz_auth security: - dtz_apikey: [] - dtz_oauth: [] - dtz-cookie: []
Core Services
Container Registry
Containers
Identity
Objectstore
Observability
Logs
Sources
RSS to Email
Terraform
Data Sources
Resources