From f4cc88e56e132ab0ac075590278f7b2edbfad09e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rune=20T=C3=B8mmer=C3=A5s=20Larsen?= Date: Fri, 11 Oct 2024 13:02:49 +0200 Subject: [PATCH] more swagger (#1825) --- .../altinn-platform-authentication-v1.json | 3793 ++++++----------- 1 file changed, 1249 insertions(+), 2544 deletions(-) diff --git a/static/swagger/altinn-platform-authentication-v1.json b/static/swagger/altinn-platform-authentication-v1.json index 5223b3d444..a477c1465a 100644 --- a/static/swagger/altinn-platform-authentication-v1.json +++ b/static/swagger/altinn-platform-authentication-v1.json @@ -1,435 +1,339 @@ { "openapi": "3.0.1", "info": { - "title": "Altinn.ResourceRegistry", - "version": "1.0" + "title": "Altinn Platform Authentication", + "version": "v1" }, "paths": { - "/access-lists/memberships": { + "/authentication": { "get": { "tags": [ - "AccessListMemberships" + "Authentication" ], - "summary": "\r\n\r\n Gets memberships for a party for a set of resources/parties.\r\n \r\n\r\n\r\n This is an internal API and requires an administrative token.\r\n ", + "summary": "Request that handles the form authentication cookie from SBL", "parameters": [ { - "name": "party", + "name": "goTo", "in": "query", - "description": "Parties to include.", + "description": "The url to redirect to if everything validates ok", "schema": { - "type": "array", - "items": { - "type": "string" - } + "type": "string" } }, { - "name": "resource", + "name": "dontChooseReportee", "in": "query", - "description": "Resources to include.", + "description": "Parameter to indicate disabling of reportee selection in Altinn Portal.", "schema": { - "type": "array", - "items": { - "type": "string" - } + "type": "boolean" } } ], "responses": { - "200": { - "description": "OK", + "302": { + "description": "Found" + }, + "400": { + "description": "Bad Request", "content": { + "text/plain": { + "schema": { + "type": "string" + } + }, "application/json": { "schema": { - "$ref": "#/components/schemas/AccessListResourceMembershipWithActionFilterDtoListObject" + "type": "string" + } + }, + "text/json": { + "schema": { + "type": "string" } } } }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "PlatformComponentOnly" - ] + "503": { + "description": "Service Unavailable" } - ] + } } }, - "/access-lists/{owner}": { + "/refresh": { "get": { "tags": [ - "Access List" - ], - "summary": "Get all access lists for a given resource owner.", - "operationId": "access-lists/get-by-owner", - "parameters": [ - { - "name": "owner", - "in": "path", - "description": "The resource owner", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "token", - "in": "query", - "description": "Optional continuation token", - "schema": { - "$ref": "#/components/schemas/StringOpaque" - } - }, - { - "name": "include", - "in": "query", - "description": "What additional information to include in the response", - "schema": { - "$ref": "#/components/schemas/AccessListIncludes" - } - }, - { - "name": "resource", - "in": "query", - "description": "Optional resource identifier. Required if include has flag Altinn.ResourceRegistry.Core.AccessLists.AccessListIncludes.ResourceConnections\r\nset. This is used to filter the resource connections included in the access lists to only the provided resource.", - "schema": { - "type": "string" - } - } + "Authentication" ], + "summary": "Refreshes JwtToken.", "responses": { "200": { "description": "OK", "content": { + "text/plain": { + "schema": { + "type": "string" + } + }, "application/json": { "schema": { - "$ref": "#/components/schemas/AccessListInfoDtoPaginated" + "type": "string" + } + }, + "text/json": { + "schema": { + "type": "string" } } } }, "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "AccessListRead" - ] + "description": "Unauthorized", + "content": { + "text/plain": { + "schema": { + "type": "string" + } + }, + "application/json": { + "schema": { + "type": "string" + } + }, + "text/json": { + "schema": { + "type": "string" + } + } + } } - ] + } } }, - "/access-lists/{owner}/{identifier}": { + "/exchange/{tokenProvider}": { "get": { "tags": [ - "Access List" + "Authentication" ], - "summary": "Gets an access list by owner and identifier.", + "summary": "Action for exchanging a JWT generated by a trusted token provider with a new JWT for further use as authentication against rest of Altinn.", "parameters": [ { - "name": "owner", - "in": "path", - "description": "The resource owner", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "identifier", + "name": "tokenProvider", "in": "path", - "description": "The resource owner-unique identifier", "required": true, "schema": { "type": "string" } }, { - "name": "include", + "name": "test", "in": "query", - "description": "What additional information to include in the response", - "schema": { - "$ref": "#/components/schemas/AccessListIncludes" - } - }, - { - "name": "If-Match", - "in": "header", - "description": "If-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-None-Match", - "in": "header", - "description": "If-None-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Modified-Since", - "in": "header", - "description": "If-Modified-Since header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Unmodified-Since", - "in": "header", - "description": "If-Unmodified-Since header", "schema": { - "type": "string" + "type": "boolean" } } ], "responses": { "200": { "description": "OK", - "headers": { - "ETag": { - "description": "The version tag of the resource", + "content": { + "text/plain": { + "schema": { + "type": "string" + } + }, + "application/json": { "schema": { "type": "string" } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "text/json": { "schema": { "type": "string" } } - }, + } + }, + "401": { + "description": "Unauthorized", "content": { + "text/plain": { + "schema": { + "type": "string" + } + }, "application/json": { "schema": { - "$ref": "#/components/schemas/AccessListInfoDto" + "type": "string" + } + }, + "text/json": { + "schema": { + "type": "string" } } } }, - "404": { - "description": "Not Found" - }, - "412": { - "description": "Precondition Failed" - }, - "304": { - "description": "Not Modified", - "headers": { - "ETag": { - "description": "The version tag of the resource", + "400": { + "description": "Bad Request", + "content": { + "text/plain": { + "schema": { + "type": "string" + } + }, + "application/json": { "schema": { "type": "string" } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "text/json": { "schema": { "type": "string" } } } }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "AccessListRead" - ] + "429": { + "description": "Too Many Requests" } - ] - }, - "delete": { + } + } + }, + "/introspection": { + "post": { "tags": [ - "Access List" - ], - "summary": "Deletes an access list by owner and identifier.", - "parameters": [ - { - "name": "owner", - "in": "path", - "description": "The resource owner", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "identifier", - "in": "path", - "description": "The resource owner-unique identifier", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "If-Match", - "in": "header", - "description": "If-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-None-Match", - "in": "header", - "description": "If-None-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Modified-Since", - "in": "header", - "description": "If-Modified-Since header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Unmodified-Since", - "in": "header", - "description": "If-Unmodified-Since header", - "schema": { - "type": "string" - } - } + "Introspection" ], - "responses": { - "200": { - "description": "The list was deleted", - "headers": { - "ETag": { - "description": "The version tag of the resource", - "schema": { - "type": "string" + "summary": "Validates provided token.", + "requestBody": { + "content": { + "application/x-www-form-urlencoded": { + "schema": { + "type": "object", + "properties": { + "token": { + "type": "string", + "description": "Gets or sets the token" + }, + "token_type_hint": { + "type": "string", + "description": "Gets or sets the token type hint" + } } }, - "Last-Modified": { - "description": "The last modified date of the resource", - "schema": { - "type": "string" + "encoding": { + "token": { + "style": "form" + }, + "token_type_hint": { + "style": "form" } } - }, + } + } + }, + "responses": { + "200": { + "description": "OK", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/AccessListInfoDto" + "$ref": "#/components/schemas/IntrospectionResponse" } } } - }, - "204": { - "description": "The access list did not exist or was already deleted" - }, - "404": { - "description": "Not Found" - }, - "412": { - "description": "Precondition Failed" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" } - }, - "security": [ - { - "oauth2": [ - "AccessListRead", - "AccessListWrite" - ] + } + } + }, + "/logout": { + "get": { + "tags": [ + "Logout" + ], + "summary": "Logs out user", + "responses": { + "302": { + "description": "Found" } - ] - }, - "put": { + } + } + }, + "/frontchannel_logout": { + "get": { "tags": [ - "Access List" + "Logout" ], - "summary": "Create or update an access list.", - "parameters": [ - { - "name": "owner", - "in": "path", - "description": "The resource owner", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "identifier", - "in": "path", - "description": "The resource owner-unique identifier", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "If-Match", - "in": "header", - "description": "If-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-None-Match", - "in": "header", - "description": "If-None-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Modified-Since", - "in": "header", - "description": "If-Modified-Since header", - "schema": { - "type": "string" + "summary": "Frontchannel logout for OIDC", + "responses": { + "200": { + "description": "OK" + } + } + } + }, + "/openid/.well-known/openid-configuration": { + "get": { + "tags": [ + "OpenId" + ], + "summary": "Returns a discovery document", + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/DiscoveryDocument" + } + } } - }, - { - "name": "If-Unmodified-Since", - "in": "header", - "description": "If-Unmodified-Since header", - "schema": { - "type": "string" + } + } + } + }, + "/openid/.well-known/openid-configuration/jwks": { + "get": { + "tags": [ + "OpenId" + ], + "summary": "Returns the JSON Web Key Set to use when validating a token.", + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/JwksDocument" + } + } } } + } + } + }, + "/systemuser/request/vendor": { + "post": { + "tags": [ + "RequestSystemUser" ], + "summary": "Creates a new Request based on a SystemId for a SystemUser.", "requestBody": { - "description": "Information about the access list", + "description": "The request model", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/CreateAccessListModel" + "$ref": "#/components/schemas/CreateRequestSystemUser" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/CreateRequestSystemUser" + } + }, + "application/*+json": { + "schema": { + "$ref": "#/components/schemas/CreateRequestSystemUser" } } } @@ -437,181 +341,138 @@ "responses": { "200": { "description": "OK", - "headers": { - "ETag": { - "description": "The version tag of the resource", + "content": { + "text/plain": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "application/json": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } - } - }, - "content": { - "application/json": { + }, + "text/json": { "schema": { - "$ref": "#/components/schemas/AccessListInfoDto" + "$ref": "#/components/schemas/RequestSystemResponse" } } } - }, - "404": { - "description": "Not Found" - }, - "412": { - "description": "Precondition Failed" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "AccessListRead", - "AccessListWrite" - ] } - ] - }, - "patch": { + } + } + }, + "/systemuser/request/vendor/{requestId}": { + "get": { "tags": [ - "Access List" + "RequestSystemUser" ], - "summary": "Update an access list.", - "description": "This method is not implemented yet. See the put method instead.", + "summary": "Retrieves the Status (Response model) for a Request\r\nbased only on the Request.Id GUID", "parameters": [ { - "name": "owner", + "name": "requestId", "in": "path", - "description": "The resource owner", + "description": "The UUID for the Request", "required": true, "schema": { - "type": "string" + "type": "string", + "format": "uuid" } - }, + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "text/plain": { + "schema": { + "$ref": "#/components/schemas/RequestSystemResponse" + } + }, + "application/json": { + "schema": { + "$ref": "#/components/schemas/RequestSystemResponse" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/RequestSystemResponse" + } + } + } + } + } + }, + "delete": { + "tags": [ + "RequestSystemUser" + ], + "summary": "Used by the Vendors to delete the chosen Request by guid", + "parameters": [ { - "name": "identifier", + "name": "requestId", "in": "path", - "description": "The resource owner-unique identifier", "required": true, "schema": { - "type": "string" + "type": "string", + "format": "uuid" } } ], - "requestBody": { - "description": "The patch document containing what to update", - "content": { - "application/json-patch+json": { - "schema": { - "$ref": "#/components/schemas/JsonPatchDocument" - } - }, - "application/json": { - "schema": { - "$ref": "#/components/schemas/JsonPatchDocument" - } - } - } - }, "responses": { "200": { "description": "OK", "content": { + "text/plain": { + "schema": { + "$ref": "#/components/schemas/RequestSystemResponse" + } + }, "application/json": { "schema": { - "$ref": "#/components/schemas/AccessListInfoDto" + "$ref": "#/components/schemas/RequestSystemResponse" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/RequestSystemResponse" } } } - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "AccessListRead", - "AccessListWrite" - ] } - ] + } } }, - "/access-lists/{owner}/{identifier}/members": { + "/systemuser/request/vendor/byexternalref/{systemId}/{orgNo}/{externalRef}": { "get": { "tags": [ - "Access List Members" + "RequestSystemUser" ], - "summary": "Get access list members.", - "operationId": "access-lists/get-members", + "summary": "Retrieves the Status (Response model) for a Request\r\nbased on the SystemId, OrgNo and the ExternalRef \r\n( which is enforced as a unique combination )", "parameters": [ { - "name": "owner", + "name": "systemId", "in": "path", - "description": "The resource owner", + "description": "The Id for the chosen Registered System.", "required": true, "schema": { "type": "string" } }, { - "name": "identifier", + "name": "externalRef", "in": "path", - "description": "The resource owner-unique identifier", + "description": "The chosen external ref the Vendor sent in to the Create Request", "required": true, "schema": { "type": "string" } }, { - "name": "token", - "in": "query", - "description": "Optional continuation token", - "schema": { - "$ref": "#/components/schemas/AccessListMembersContinuationTokenOpaque" - } - }, - { - "name": "If-Match", - "in": "header", - "description": "If-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-None-Match", - "in": "header", - "description": "If-None-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Modified-Since", - "in": "header", - "description": "If-Modified-Since header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Unmodified-Since", - "in": "header", - "description": "If-Unmodified-Since header", + "name": "orgNo", + "in": "path", + "description": "The organisation number for the customer", + "required": true, "schema": { "type": "string" } @@ -620,861 +481,443 @@ "responses": { "200": { "description": "OK", - "headers": { - "ETag": { - "description": "The version tag of the resource", + "content": { + "text/plain": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } }, - "Last-Modified": { - "description": "The last modified date of the resource", - "schema": { - "type": "string" - } - } - }, - "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/AccessListMembershipDtoAggregateVersionVersionedPaginated" - } - } - } - }, - "404": { - "description": "Not Found" - }, - "412": { - "description": "Precondition Failed" - }, - "304": { - "description": "Not Modified", - "headers": { - "ETag": { - "description": "The version tag of the resource", - "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "text/json": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } } } - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "AccessListRead" - ] } - ] - }, - "put": { + } + } + }, + "/systemuser/request/{party}/{requestId}": { + "get": { "tags": [ - "Access List Members" + "RequestSystemUser" ], - "summary": "Replace access list members.", - "description": "This effectively overwrites all members with the ones included in the request. It should not be used for lists with more than 100 members.", + "summary": "Used by the BFF to authenticate the PartyId to retrieve the chosen Request by guid", "parameters": [ { - "name": "owner", + "name": "party", "in": "path", - "description": "The resource owner", "required": true, "schema": { - "type": "string" + "type": "integer", + "format": "int32" } }, { - "name": "identifier", + "name": "requestId", "in": "path", - "description": "The resource owner-unique identifier", "required": true, "schema": { - "type": "string" - } - }, - { - "name": "If-Match", - "in": "header", - "description": "If-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-None-Match", - "in": "header", - "description": "If-None-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Modified-Since", - "in": "header", - "description": "If-Modified-Since header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Unmodified-Since", - "in": "header", - "description": "If-Unmodified-Since header", - "schema": { - "type": "string" + "type": "string", + "format": "uuid" } } ], - "requestBody": { - "description": "The new members-list", - "content": { - "application/json": { - "schema": { - "required": [ - "data" - ], - "type": "object", - "items": { - "$ref": "#/components/schemas/PartyUrn" - }, - "properties": { - "data": { - "type": "array", - "items": { - "$ref": "#/components/schemas/PartyUrn" - } - } - }, - "description": "Object sent to the API to add/remove/overwrite members from an access list." - } - } - } - }, "responses": { "200": { "description": "OK", - "headers": { - "ETag": { - "description": "The version tag of the resource", + "content": { + "text/plain": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "application/json": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } - } - }, - "content": { - "application/json": { + }, + "text/json": { "schema": { - "$ref": "#/components/schemas/AccessListMembershipDtoAggregateVersionVersionedPaginated" + "$ref": "#/components/schemas/RequestSystemResponse" } } } - }, - "404": { - "description": "Not Found" - }, - "412": { - "description": "Precondition Failed" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "AccessListRead", - "AccessListWrite" - ] } - ] - }, + } + } + }, + "/systemuser/request/{party}/{requestId}/approve": { "post": { "tags": [ - "Access List Members" + "RequestSystemUser" ], - "summary": "Add new members to an access list.", - "description": "This method is idempotent, meaning that if a member already exists, it will not be added again.", + "summary": "Approves the systemuser requet and creates a system user", "parameters": [ { - "name": "owner", + "name": "party", "in": "path", - "description": "The resource owner", + "description": "the partyId", "required": true, "schema": { - "type": "string" + "type": "integer", + "format": "int32" } }, { - "name": "identifier", + "name": "requestId", "in": "path", - "description": "The resource owner-unique identifier", + "description": "The UUID of the request to be approved", "required": true, "schema": { - "type": "string" - } - }, - { - "name": "If-Match", - "in": "header", - "description": "If-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-None-Match", - "in": "header", - "description": "If-None-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Modified-Since", - "in": "header", - "description": "If-Modified-Since header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Unmodified-Since", - "in": "header", - "description": "If-Unmodified-Since header", - "schema": { - "type": "string" + "type": "string", + "format": "uuid" } } ], - "requestBody": { - "description": "The new members-list", - "content": { - "application/json": { - "schema": { - "required": [ - "data" - ], - "type": "object", - "items": { - "$ref": "#/components/schemas/PartyUrn" - }, - "properties": { - "data": { - "type": "array", - "items": { - "$ref": "#/components/schemas/PartyUrn" - } - } - }, - "description": "Object sent to the API to add/remove/overwrite members from an access list." - } - } - } - }, "responses": { "200": { "description": "OK", - "headers": { - "ETag": { - "description": "The version tag of the resource", + "content": { + "text/plain": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "application/json": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } - } - }, - "content": { - "application/json": { + }, + "text/json": { "schema": { - "$ref": "#/components/schemas/AccessListMembershipDtoAggregateVersionVersionedPaginated" + "$ref": "#/components/schemas/RequestSystemResponse" } } } - }, - "404": { - "description": "Not Found" - }, - "412": { - "description": "Precondition Failed" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "AccessListRead", - "AccessListWrite" - ] } - ] - }, - "delete": { + } + } + }, + "/systemuser/request/vendor/bysystem/{systemId}": { + "get": { "tags": [ - "Access List Members" + "RequestSystemUser" ], - "summary": "Remove members from an access list if they exist.", - "description": "This method is idempotent, meaning that if a member does not exist, it will not be removed.", + "summary": "Retrieves a list of Status-Response-model for all Requests that the Vendor has for a given system they own.", + "operationId": "vendor/bysystem", "parameters": [ { - "name": "owner", - "in": "path", - "description": "The resource owner", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "identifier", + "name": "systemId", "in": "path", - "description": "The resource owner-unique identifier", + "description": "The system the Vendor wants the list for", "required": true, "schema": { "type": "string" } }, { - "name": "If-Match", - "in": "header", - "description": "If-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-None-Match", - "in": "header", - "description": "If-None-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Modified-Since", - "in": "header", - "description": "If-Modified-Since header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Unmodified-Since", - "in": "header", - "description": "If-Unmodified-Since header", + "name": "token", + "in": "query", + "description": "Optional continuation token", "schema": { - "type": "string" + "$ref": "#/components/schemas/GuidOpaque" } } ], - "requestBody": { - "description": "The new members-list", - "content": { - "application/json": { - "schema": { - "required": [ - "data" - ], - "type": "object", - "items": { - "$ref": "#/components/schemas/PartyUrn" - }, - "properties": { - "data": { - "type": "array", - "items": { - "$ref": "#/components/schemas/PartyUrn" - } - } - }, - "description": "Object sent to the API to add/remove/overwrite members from an access list." - } - } - } - }, "responses": { "200": { "description": "OK", - "headers": { - "ETag": { - "description": "The version tag of the resource", + "content": { + "text/plain": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponsePaginated" } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "application/json": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponsePaginated" } - } - }, - "content": { - "application/json": { + }, + "text/json": { "schema": { - "$ref": "#/components/schemas/AccessListMembershipDtoAggregateVersionVersionedPaginated" + "$ref": "#/components/schemas/RequestSystemResponsePaginated" } } } - }, - "404": { - "description": "Not Found" - }, - "412": { - "description": "Precondition Failed" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "AccessListRead", - "AccessListWrite" - ] } - ] + } } }, - "/access-lists/{owner}/{identifier}/resource-connections": { - "get": { + "/systemuser/request/{party}/{requestId}/reject": { + "post": { "tags": [ - "Access List Resource Connections" + "RequestSystemUser" ], - "summary": "Get all resource connections for an access list.", - "operationId": "access-lists/get-resource-connections", + "summary": "Rejects the systemuser request", "parameters": [ { - "name": "owner", + "name": "party", "in": "path", - "description": "The resource owner", + "description": "the partyId", "required": true, "schema": { - "type": "string" + "type": "integer", + "format": "int32" } }, { - "name": "identifier", + "name": "requestId", "in": "path", - "description": "The resource owner-unique identifier", + "description": "The UUID of the request to be rejected", "required": true, "schema": { - "type": "string" - } - }, - { - "name": "token", - "in": "query", - "description": "Optional continuation token", - "schema": { - "$ref": "#/components/schemas/AccessListResourceConnectionContinuationTokenOpaque" - } - }, - { - "name": "If-Match", - "in": "header", - "description": "If-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-None-Match", - "in": "header", - "description": "If-None-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Modified-Since", - "in": "header", - "description": "If-Modified-Since header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Unmodified-Since", - "in": "header", - "description": "If-Unmodified-Since header", - "schema": { - "type": "string" + "type": "string", + "format": "uuid" } } ], "responses": { "200": { "description": "OK", - "headers": { - "ETag": { - "description": "The version tag of the resource", + "content": { + "text/plain": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "application/json": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RequestSystemResponse" } - } - }, - "content": { - "application/json": { + }, + "text/json": { "schema": { - "$ref": "#/components/schemas/AccessListResourceConnectionDtoAggregateVersionVersionedPaginated" + "$ref": "#/components/schemas/RequestSystemResponse" } } } - }, - "404": { - "description": "Not Found" - }, - "412": { - "description": "Precondition Failed" - }, - "304": { - "description": "Not Modified", - "headers": { - "ETag": { - "description": "The version tag of the resource", + } + } + } + }, + "/systemregister": { + "get": { + "tags": [ + "SystemRegister" + ], + "summary": "Retrieves the List of all the Registered Systems, except those marked as deleted.", + "responses": { + "200": { + "description": "OK", + "content": { + "text/plain": { "schema": { - "type": "string" + "type": "array", + "items": { + "$ref": "#/components/schemas/RegisteredSystemDTO" + } } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "application/json": { "schema": { - "type": "string" + "type": "array", + "items": { + "$ref": "#/components/schemas/RegisteredSystemDTO" + } + } + }, + "text/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/RegisteredSystemDTO" + } } } } - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "AccessListRead" - ] } - ] + } } }, - "/access-lists/{owner}/{identifier}/resource-connections/{resourceIdentifier}": { - "put": { + "/systemregister/{systemId}": { + "get": { "tags": [ - "Access List Resource Connections" + "SystemRegister" ], - "summary": "Creates or update a resource connection to an access list.", - "description": "This method is idempotent, meaning that if a resource connection already exists, it will be updated.", + "summary": "Retrieves a Registered System frontend DTO for the systemId.", "parameters": [ { - "name": "owner", + "name": "systemId", "in": "path", - "description": "The resource owner", + "description": "The Id of the Registered System", "required": true, "schema": { "type": "string" } - }, + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "text/plain": { + "schema": { + "$ref": "#/components/schemas/RegisteredSystemDTO" + } + }, + "application/json": { + "schema": { + "$ref": "#/components/schemas/RegisteredSystemDTO" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/RegisteredSystemDTO" + } + } + } + } + } + } + }, + "/systemregister/vendor/{systemId}": { + "get": { + "tags": [ + "SystemRegister" + ], + "summary": "Retrieves a Registered System for the systemId.", + "parameters": [ { - "name": "identifier", + "name": "systemId", "in": "path", - "description": "The resource owner-unique identifier", + "description": "The Id of the Registered System", "required": true, "schema": { "type": "string" } - }, - { - "name": "resourceIdentifier", - "in": "path", - "description": "The resource identifier", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "If-Match", - "in": "header", - "description": "If-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-None-Match", - "in": "header", - "description": "If-None-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Modified-Since", - "in": "header", - "description": "If-Modified-Since header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Unmodified-Since", - "in": "header", - "description": "If-Unmodified-Since header", - "schema": { - "type": "string" - } } ], - "requestBody": { - "description": "The resource connection info", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/UpsertAccessListResourceConnectionDto" - } - } - } - }, "responses": { "200": { "description": "OK", - "headers": { - "ETag": { - "description": "The version tag of the resource", + "content": { + "text/plain": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RegisteredSystem" } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "application/json": { "schema": { - "type": "string" + "$ref": "#/components/schemas/RegisteredSystem" } - } - }, - "content": { - "application/json": { + }, + "text/json": { "schema": { - "$ref": "#/components/schemas/AccessListResourceConnectionWithVersionDto" + "$ref": "#/components/schemas/RegisteredSystem" } } } - }, - "404": { - "description": "Not Found" - }, - "412": { - "description": "Precondition Failed" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" } - }, - "security": [ - { - "oauth2": [ - "AccessListRead", - "AccessListWrite" - ] - } - ] + } }, - "delete": { + "put": { "tags": [ - "Access List Resource Connections" + "SystemRegister" ], - "summary": "Removes a resource connection from an access list if it exists.", - "description": "This method is idempotent, meaning that if a resource connection does not exist, it will not be removed.", + "summary": "Replaces the entire registered system", "parameters": [ { - "name": "owner", - "in": "path", - "description": "The resource owner", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "identifier", - "in": "path", - "description": "The resource owner-unique identifier", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "resourceIdentifier", + "name": "systemId", "in": "path", - "description": "The resource identifier", + "description": "The Id of the Registered System", "required": true, "schema": { "type": "string" } - }, - { - "name": "If-Match", - "in": "header", - "description": "If-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-None-Match", - "in": "header", - "description": "If-None-Match header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Modified-Since", - "in": "header", - "description": "If-Modified-Since header", - "schema": { - "type": "string" - } - }, - { - "name": "If-Unmodified-Since", - "in": "header", - "description": "If-Unmodified-Since header", - "schema": { - "type": "string" - } } ], + "requestBody": { + "description": "The updated system model", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/RegisterSystemRequest" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/RegisterSystemRequest" + } + }, + "application/*+json": { + "schema": { + "$ref": "#/components/schemas/RegisterSystemRequest" + } + } + } + }, "responses": { "200": { - "description": "The resource connection was removed", - "headers": { - "ETag": { - "description": "The version tag of the resource", + "description": "OK", + "content": { + "text/plain": { "schema": { - "type": "string" + "$ref": "#/components/schemas/SystemRegisterUpdateResult" } }, - "Last-Modified": { - "description": "The last modified date of the resource", + "application/json": { "schema": { - "type": "string" + "$ref": "#/components/schemas/SystemRegisterUpdateResult" } - } - }, - "content": { - "application/json": { + }, + "text/json": { "schema": { - "$ref": "#/components/schemas/AccessListResourceConnectionWithVersionDto" + "$ref": "#/components/schemas/SystemRegisterUpdateResult" } } } - }, - "204": { - "description": "The resource connection did not exist" - }, - "404": { - "description": "Not Found" - }, - "412": { - "description": "Precondition Failed" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "AccessListRead", - "AccessListWrite" - ] } - ] - } - }, - "/altinn2export/resource": { - "get": { + } + }, + "delete": { "tags": [ - "Altinn2Export" + "SystemRegister" ], - "summary": "Returns a Service Resources based on Altinn 2 ServiceMetadata for a service", + "summary": "Set the registered system to be deleted.", "parameters": [ { - "name": "serviceCode", - "in": "query", + "name": "systemId", + "in": "path", + "description": "The human readable string id", + "required": true, "schema": { "type": "string" } - }, - { - "name": "serviceEditionCode", - "in": "query", - "schema": { - "type": "integer", - "format": "int32" - } } ], "responses": { "200": { "description": "OK", "content": { + "text/plain": { + "schema": { + "$ref": "#/components/schemas/SystemRegisterUpdateResult" + } + }, "application/json": { "schema": { - "$ref": "#/components/schemas/ServiceResource" + "$ref": "#/components/schemas/SystemRegisterUpdateResult" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/SystemRegisterUpdateResult" } } } @@ -1482,64 +925,21 @@ } } }, - "/altinn2export/policy": { - "get": { - "tags": [ - "Altinn2Export" - ], - "summary": "Returns a Service Resources based on Altinn 2 ServiceMetadata for a service", - "parameters": [ - { - "name": "serviceCode", - "in": "query", - "schema": { - "type": "string" - } - }, - { - "name": "serviceEditionCode", - "in": "query", - "schema": { - "type": "integer", - "format": "int32" - } - }, - { - "name": "resourceIdentifier", - "in": "query", - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "OK" - } - } - } - }, - "/altinn2export/delegationcount": { + "/systemregister/{systemId}/rights": { "get": { "tags": [ - "Altinn2Export" + "SystemRegister" ], - "summary": "Information about number of delegations for a service", + "summary": "Retrieves a list of the predfined default rights for the Product type, if any", "parameters": [ { - "name": "serviceCode", - "in": "query", + "name": "systemId", + "in": "path", + "description": "The Id of the Product", + "required": true, "schema": { "type": "string" } - }, - { - "name": "serviceEditionCode", - "in": "query", - "schema": { - "type": "integer", - "format": "int32" - } } ], "responses": { @@ -1548,186 +948,149 @@ "content": { "text/plain": { "schema": { - "$ref": "#/components/schemas/DelegationCountOverview" + "type": "array", + "items": { + "$ref": "#/components/schemas/Right" + } } }, "application/json": { "schema": { - "$ref": "#/components/schemas/DelegationCountOverview" + "type": "array", + "items": { + "$ref": "#/components/schemas/Right" + } } }, "text/json": { "schema": { - "$ref": "#/components/schemas/DelegationCountOverview" - } - }, - "application/xml+rdf": { - "schema": { - "$ref": "#/components/schemas/DelegationCountOverview" + "type": "array", + "items": { + "$ref": "#/components/schemas/Right" + } } } } - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "Admin" - ] } - ] + } } }, - "/altinn2export/exportdelegations": { + "/systemregister/vendor": { "post": { "tags": [ - "Altinn2Export" + "SystemRegister" ], - "summary": "Request a batch run of delegations from service in Altinn 2 to resource in Altinn 3", + "summary": "Create a new System", "requestBody": { + "description": "The descriptor model of a new Registered System", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/ExportDelegationsRequestBE" + "$ref": "#/components/schemas/RegisterSystemRequest" } }, "text/json": { "schema": { - "$ref": "#/components/schemas/ExportDelegationsRequestBE" + "$ref": "#/components/schemas/RegisterSystemRequest" } }, "application/*+json": { "schema": { - "$ref": "#/components/schemas/ExportDelegationsRequestBE" + "$ref": "#/components/schemas/RegisterSystemRequest" } } } }, "responses": { "200": { - "description": "OK" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "Admin" - ] + "description": "OK", + "content": { + "text/plain": { + "schema": { + "type": "string", + "format": "uuid" + } + }, + "application/json": { + "schema": { + "type": "string", + "format": "uuid" + } + }, + "text/json": { + "schema": { + "type": "string", + "format": "uuid" + } + } + } } - ] + } } }, - "/altinn2export/setserviceeditionexpired": { - "get": { + "/systemregister/vendor/{systemId}/rights": { + "put": { "tags": [ - "Altinn2Export" + "SystemRegister" ], - "summary": "Sets a given service expired to hide delegation functionality. Proxy for bridge functionality. Called by Altinn Studio and used as part of the migration of delegation process", + "summary": "Updates the rights on a registered system", "parameters": [ { - "name": "externalServiceCode", - "in": "query", + "name": "systemId", + "in": "path", + "description": "The human readable string id", + "required": true, "schema": { "type": "string" } - }, - { - "name": "externalServiceEditionCode", - "in": "query", - "schema": { - "type": "integer", - "format": "int32" - } } ], - "responses": { - "200": { - "description": "OK" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "Admin" - ] - } - ] - } - }, - "/resource/resourcelist": { - "get": { - "tags": [ - "Resource" - ], - "summary": "List of all resources", - "parameters": [ - { - "name": "includeApps", - "in": "query", - "description": "Include App resources", - "schema": { - "type": "boolean", - "default": true - } - }, - { - "name": "includeAltinn2", - "in": "query", - "description": "Include Altinn 2 resources", - "schema": { - "type": "boolean", - "default": true + "requestBody": { + "description": "A list of rights", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Right" + } + } + }, + "text/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Right" + } + } + }, + "application/*+json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Right" + } + } } } - ], + }, "responses": { "200": { "description": "OK", "content": { + "text/plain": { + "schema": { + "$ref": "#/components/schemas/SystemRegisterUpdateResult" + } + }, "application/json": { "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/ServiceResource" - } + "$ref": "#/components/schemas/SystemRegisterUpdateResult" } - } - } - } - } - } - }, - "/resource/export": { - "get": { - "tags": [ - "Resource" - ], - "summary": "List of all resources", - "responses": { - "200": { - "description": "OK", - "content": { - "application/xml+rdf": { + }, + "text/json": { "schema": { - "type": "string" + "$ref": "#/components/schemas/SystemRegisterUpdateResult" } } } @@ -1735,46 +1098,58 @@ } } }, - "/resource/{id}": { + "/systemuser/{party}": { "get": { "tags": [ - "Resource" + "SystemUser" ], - "summary": "Gets a single resource by its resource identifier if it exists in the resource registry", + "summary": "Returns the list of SystemUsers this PartyID has registered", "parameters": [ { - "name": "id", + "name": "party", "in": "path", - "description": "The resource identifier to retrieve", "required": true, "schema": { - "type": "string" + "type": "integer", + "format": "int32" } } ], "responses": { "200": { - "description": "OK", + "description": "OK" + }, + "404": { + "description": "Not Found", "content": { + "text/plain": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" + } + }, "application/json": { "schema": { - "$ref": "#/components/schemas/ServiceResource" + "$ref": "#/components/schemas/ProblemDetails" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" } } } } } }, - "put": { + "post": { "tags": [ - "Resource" + "SystemUser" ], - "summary": "Updates a service resource in the resource registry if it pass all validation checks", + "summary": "Creates a new SystemUser\r\nThe unique Id for the systemuser is handled by the db.\r\nBut the calling client may send a guid for the request of creating a new system user\r\nto ensure that there is no mismatch if the same partyId creates several new SystemUsers at the same time", "parameters": [ { - "name": "id", + "name": "party", "in": "path", - "description": "Resource ID", "required": true, "schema": { "type": "string" @@ -1782,367 +1157,235 @@ } ], "requestBody": { - "description": "Service resource model for update in the resource registry", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/ServiceResource" + "$ref": "#/components/schemas/SystemUserRequestDto" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/SystemUserRequestDto" + } + }, + "application/*+json": { + "schema": { + "$ref": "#/components/schemas/SystemUserRequestDto" } } } }, "responses": { - "200": { - "description": "OK" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "ScopeResourceRegistryWrite" - ] - } - ] - }, - "delete": { - "tags": [ - "Resource" - ], - "summary": "Deletes a resource from the resource registry", - "parameters": [ - { - "name": "id", - "in": "path", - "description": "The resource identifier to delete", - "required": true, - "schema": { - "type": "string" + "201": { + "description": "Created", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SystemUser" + } + } } - } - ], - "responses": { - "200": { - "description": "OK" }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "ScopeResourceRegistryWrite" - ] - } - ] - } - }, - "/resource": { - "post": { - "tags": [ - "Resource" - ], - "summary": "Creates a service resource in the resource registry if it pass all validation checks", - "requestBody": { - "description": "Service resource model to create in the resource registry", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ServiceResource" + "404": { + "description": "Not Found", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" + } } } } - }, - "responses": { - "200": { - "description": "OK" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "ScopeResourceRegistryWrite" - ] - } - ] + } } }, - "/resource/{id}/policy": { + "/systemuser/{party}/{systemUserId}": { "get": { "tags": [ - "Resource" + "SystemUser" ], - "summary": "Returns the XACML policy for a resource in resource registry.", + "summary": "Return a single SystemUser by PartyId and SystemUserId", "parameters": [ { - "name": "id", + "name": "party", "in": "path", - "description": "Resource Id", "required": true, "schema": { - "type": "string" + "type": "integer", + "format": "int32" } - } - ], - "responses": { - "200": { - "description": "OK" - } - } - }, - "post": { - "tags": [ - "Resource" - ], - "summary": "Creates or overwrites the existing XACML policy for the resource, if it pass all validation checks.\r\nThe XACML policy must define at least a subject and resource, and will be used to restrict access for the resource.", - "parameters": [ + }, { - "name": "id", + "name": "systemUserId", "in": "path", - "description": "The resource identifier to store the policy for", "required": true, "schema": { - "type": "string" + "type": "string", + "format": "uuid" } } ], - "requestBody": { - "description": "The XACML policy file", - "content": { - "multipart/form-data": { - "schema": { - "type": "object", - "properties": { - "policyFile": { - "type": "string", - "format": "binary" - } + "responses": { + "200": { + "description": "OK" + }, + "404": { + "description": "Not Found", + "content": { + "text/plain": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" } }, - "encoding": { - "policyFile": { - "style": "form" + "application/json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" } } } } - }, - "responses": { - "200": { - "description": "OK" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "ScopeResourceRegistryWrite" - ] - } - ] + } }, - "put": { + "delete": { "tags": [ - "Resource" + "SystemUser" ], - "summary": "Creates or overwrites the existing XACML policy for the resource, if it pass all validation checks.\r\nThe XACML policy must define at least a subject and resource, and will be used to restrict access for the resource.", + "summary": "Set the Delete flag on the identified SystemUser", "parameters": [ { - "name": "id", + "name": "systemUserId", + "in": "path", + "required": true, + "schema": { + "type": "string", + "format": "uuid" + } + }, + { + "name": "party", "in": "path", - "description": "The resource identifier to store the policy for", "required": true, "schema": { "type": "string" } } ], - "requestBody": { - "description": "The XACML policy file", - "content": { - "multipart/form-data": { - "schema": { - "type": "object", - "properties": { - "policyFile": { - "type": "string", - "format": "binary" - } + "responses": { + "200": { + "description": "OK" + }, + "404": { + "description": "Not Found", + "content": { + "text/plain": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" } }, - "encoding": { - "policyFile": { - "style": "form" + "application/json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" } } } } - }, - "responses": { - "200": { - "description": "OK" - }, - "401": { - "description": "Unauthorized" - }, - "403": { - "description": "Forbidden" - } - }, - "security": [ - { - "oauth2": [ - "ScopeResourceRegistryWrite" - ] - } - ] + } } }, - "/resource/{id}/policy/subjects": { + "/systemuser/byExternalId": { "get": { "tags": [ - "Resource" + "SystemUser" ], - "summary": "Returns the XACML policy for a resource in resource registry.", + "summary": "Used by MaskinPorten, to find if a given systemOrg owns a SystemUser Integration for a Vendor's Product, by an ExternalId", "parameters": [ { - "name": "id", - "in": "path", - "description": "Resource Id", - "required": true, + "name": "clientId", + "in": "query", + "description": "The unique id maintained by MaskinPorten tying their clients to the Registered Systems the ServiceProivders have created in our db.", "schema": { "type": "string" } }, { - "name": "reloadFromXacml", + "name": "systemProviderOrgNo", "in": "query", - "description": "Defines if subjects should be reloaded from Xacml", + "description": "The legal number (Orgno) of the Vendor creating the Registered System (Accounting system)", "schema": { - "type": "boolean" + "type": "string" } - } - ], - "responses": { - "200": { - "description": "OK", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/AttributeMatchV2Paginated" - } - } + }, + { + "name": "systemUserOwnerOrgNo", + "in": "query", + "description": "The legal number (Orgno) of the party owning the System User Integration", + "schema": { + "type": "string" } } + ], + "responses": { + "200": { + "description": "OK" + } } } }, - "/resource/bysubjects": { - "post": { + "/systemuser": { + "put": { "tags": [ - "Resource" + "SystemUser" ], - "summary": "Returns a list of Subject resources. For each which subject and then a list of all resources that are connected.", + "summary": "Replaces the values for the existing system user with those from the update", "requestBody": { - "description": "List of subjects for resource information is needed", "content": { "application/json": { "schema": { - "type": "array", - "items": { - "type": "string" - } + "$ref": "#/components/schemas/SystemUserUpdateDto" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/SystemUserUpdateDto" + } + }, + "application/*+json": { + "schema": { + "$ref": "#/components/schemas/SystemUserUpdateDto" } } } }, "responses": { "200": { - "description": "OK", + "description": "OK" + }, + "404": { + "description": "Not Found", "content": { - "application/json": { + "text/plain": { "schema": { - "$ref": "#/components/schemas/SubjectResourcesPaginated" + "$ref": "#/components/schemas/ProblemDetails" } - } - } - } - } - } - }, - "/resource/Search": { - "get": { - "tags": [ - "Resource" - ], - "summary": "Allows for searching for resources in the resource registry", - "parameters": [ - { - "name": "Id", - "in": "query", - "schema": { - "type": "string" - } - }, - { - "name": "Title", - "in": "query", - "schema": { - "type": "string" - } - }, - { - "name": "Description", - "in": "query", - "schema": { - "type": "string" - } - }, - { - "name": "ResourceType", - "in": "query", - "schema": { - "$ref": "#/components/schemas/ResourceType" - } - }, - { - "name": "Keyword", - "in": "query", - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "OK", - "content": { + }, "application/json": { "schema": { - "type": "array", - "items": { - "$ref": "#/components/schemas/ServiceResource" - } + "$ref": "#/components/schemas/ProblemDetails" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/ProblemDetails" } } } @@ -2150,39 +1393,29 @@ } } }, - "/resource/updated": { + "/systemuser/vendor/bysystem/{systemId}": { "get": { "tags": [ - "Resource" + "SystemUser" ], - "summary": "Gets the updated resources since the provided last updated time (inclusive)", - "operationId": "updated", + "summary": "Retrieves a list of SystemUsers the Vendor has for a given system they own.", + "operationId": "vendor/systemusers/bysystem", "parameters": [ { - "name": "since", - "in": "query", - "description": "Date time used for filtering", + "name": "systemId", + "in": "path", + "description": "The system the Vendor wants the list for", + "required": true, "schema": { - "type": "string", - "format": "date-time" + "type": "string" } }, { "name": "token", "in": "query", - "description": "Opaque continuation token containing ResourceUrn,SubjectUrn pair to skip past on rows matching \"since\" exactly", - "schema": { - "$ref": "#/components/schemas/UpdatedResourceSubjectsContinuationTokenOpaque" - } - }, - { - "name": "limit", - "in": "query", - "description": "Maximum number of pairs returned (1-1000, default: 1000)", + "description": "Optional continuation token", "schema": { - "type": "integer", - "format": "int32", - "default": 1000 + "$ref": "#/components/schemas/StringOpaque" } } ], @@ -2190,29 +1423,19 @@ "200": { "description": "OK", "content": { - "application/json": { + "text/plain": { "schema": { - "$ref": "#/components/schemas/UpdatedResourceSubjectPaginated" + "$ref": "#/components/schemas/SystemUserPaginated" } - } - } - } - } - } - }, - "/resource/orgs": { - "get": { - "tags": [ - "ResourceOwner" - ], - "summary": "Endpoint to get the org list from CDN", - "responses": { - "200": { - "description": "OK", - "content": { + }, "application/json": { "schema": { - "$ref": "#/components/schemas/OrgList" + "$ref": "#/components/schemas/SystemUserPaginated" + } + }, + "text/json": { + "schema": { + "$ref": "#/components/schemas/SystemUserPaginated" } } } @@ -2223,1235 +1446,717 @@ }, "components": { "schemas": { - "AccessListIncludes": { - "type": "array", - "items": { - "enum": [ - "resources", - "resource-actions", - "members" - ], - "type": "string" - } - }, - "AccessListInfoDto": { - "required": [ - "createdAt", - "description", - "identifier", - "name", - "updatedAt" - ], - "type": "object", - "properties": { - "identifier": { - "type": "string", - "description": "The access list identifier", - "format": "slug", - "example": "godkjente-banker" - }, - "name": { - "type": "string", - "description": "The access list name", - "example": "Godkjente banker" - }, - "description": { - "type": "string", - "description": "The access list description", - "example": "En liste over godkjente banker" - }, - "createdAt": { - "type": "string", - "description": "When the access list was created", - "format": "date-time" - }, - "updatedAt": { - "type": "string", - "description": "When the access list was updated", - "format": "date-time" - }, - "resourceConnections": { - "type": "array", - "items": { - "$ref": "#/components/schemas/AccessListResourceConnectionDto" - }, - "description": "The resource connections", - "nullable": true - } - }, - "additionalProperties": false, - "description": "Represents public access list metadata." - }, - "AccessListInfoDtoPaginated": { - "required": [ - "data", - "links" - ], - "type": "object", - "properties": { - "data": { - "type": "array", - "items": { - "$ref": "#/components/schemas/AccessListInfoDto" - }, - "description": "The items." - }, - "links": { - "$ref": "#/components/schemas/PaginatedLinks" - } - }, - "additionalProperties": false, - "description": "A paginated Altinn.ResourceRegistry.Models.ListObject`1." - }, - "AccessListMembersContinuationTokenOpaque": { - "type": "string", - "properties": { - "value": { - "$ref": "#/components/schemas/AccessListsController.AccessListMembersContinuationToken" - } - }, - "additionalProperties": false, - "description": "\r\n\r\n An opaque value is a value that can be transmitted to another party\r\n without divulging any type information or expectations about the value.\r\n \r\n\r\n\r\n Opaque values are typically usefull in APIs where the server wants to\r\n be able to return a value that the client later needs to send back to\r\n the server, but where the server does not want to expose the type of\r\n the value to the client. For instance, in a pagination scenario, the\r\n server can use an opaque int to do pagination by page number, while\r\n allowing itself to later change the implementation to use a cursor\r\n instead of a page number without breaking the API.\r\n " - }, - "AccessListMembershipDto": { + "AttributePair": { "required": [ "id", - "since" - ], - "type": "object", - "properties": { - "id": { - "$ref": "#/components/schemas/PartyUrn.PartyUuid" - }, - "since": { - "type": "string", - "description": "Since when the party has been a member of the access list.", - "format": "date-time" - }, - "identifiers": { - "type": "object", - "properties": { - "urn:altinn:party:id": { - "type": "integer", - "format": "int32" - }, - "urn:altinn:party:uuid": { - "type": "string", - "format": "uuid" - }, - "urn:altinn:organization:identifier-no": { - "$ref": "#/components/schemas/OrganizationNumber" - } - }, - "additionalProperties": false, - "description": "An optional set of identifiers.", - "nullable": true - } - }, - "additionalProperties": false, - "description": "Represents an access list membership." - }, - "AccessListMembershipDtoAggregateVersionVersionedPaginated": { - "required": [ - "data", - "links" - ], - "type": "object", - "properties": { - "data": { - "type": "array", - "items": { - "$ref": "#/components/schemas/AccessListMembershipDto" - }, - "description": "The items." - }, - "links": { - "$ref": "#/components/schemas/PaginatedLinks" - } - }, - "additionalProperties": false, - "description": "A paginated Altinn.ResourceRegistry.Models.ListObject`1 with version information." - }, - "AccessListResourceConnectionContinuationTokenOpaque": { - "type": "string", - "properties": { - "value": { - "$ref": "#/components/schemas/AccessListsController.AccessListResourceConnectionContinuationToken" - } - }, - "additionalProperties": false, - "description": "\r\n\r\n An opaque value is a value that can be transmitted to another party\r\n without divulging any type information or expectations about the value.\r\n \r\n\r\n\r\n Opaque values are typically usefull in APIs where the server wants to\r\n be able to return a value that the client later needs to send back to\r\n the server, but where the server does not want to expose the type of\r\n the value to the client. For instance, in a pagination scenario, the\r\n server can use an opaque int to do pagination by page number, while\r\n allowing itself to later change the implementation to use a cursor\r\n instead of a page number without breaking the API.\r\n " - }, - "AccessListResourceConnectionDto": { - "required": [ - "createdAt", - "resourceIdentifier", - "updatedAt" - ], - "type": "object", - "properties": { - "resourceIdentifier": { - "type": "string", - "description": "The resource identifier." - }, - "createdAt": { - "type": "string", - "description": "When the connection was created.", - "format": "date-time" - }, - "updatedAt": { - "type": "string", - "description": "When the connection was last updated.", - "format": "date-time" - }, - "actionFilters": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Gets the allowed actions or null if all actions are allowed.", - "nullable": true - } - }, - "additionalProperties": false, - "description": "Model for creating an access list resource connection." - }, - "AccessListResourceConnectionDtoAggregateVersionVersionedPaginated": { - "required": [ - "data", - "links" - ], - "type": "object", - "properties": { - "data": { - "type": "array", - "items": { - "$ref": "#/components/schemas/AccessListResourceConnectionDto" - }, - "description": "The items." - }, - "links": { - "$ref": "#/components/schemas/PaginatedLinks" - } - }, - "additionalProperties": false, - "description": "A paginated Altinn.ResourceRegistry.Models.ListObject`1 with version information." - }, - "AccessListResourceConnectionWithVersionDto": { - "required": [ - "createdAt", - "resourceIdentifier", - "updatedAt" - ], - "type": "object", - "properties": { - "resourceIdentifier": { - "type": "string", - "description": "The resource identifier." - }, - "createdAt": { - "type": "string", - "description": "When the connection was created.", - "format": "date-time" - }, - "updatedAt": { - "type": "string", - "description": "When the connection was last updated.", - "format": "date-time" - }, - "actionFilters": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Gets the allowed actions or null if all actions are allowed.", - "nullable": true - } - }, - "additionalProperties": false, - "description": "A Altinn.ResourceRegistry.Models.AccessListResourceConnectionDto with version information." - }, - "AccessListResourceMembershipWithActionFilterDto": { - "type": "object", - "properties": { - "party": { - "$ref": "#/components/schemas/PartyUrn.PartyUuid" - }, - "resource": { - "$ref": "#/components/schemas/ResourceUrn.ResourceId" - }, - "since": { - "type": "string", - "description": "Since when this party has been a member of the list connected to the party.", - "format": "date-time" - }, - "actionFilters": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Gets the allowed actions or null if all actions are allowed.", - "nullable": true - } - }, - "additionalProperties": false, - "description": "Represents a party's membership of a access list connected to a specific resource with an optional set of action filters." - }, - "AccessListResourceMembershipWithActionFilterDtoListObject": { - "required": [ - "data" - ], - "type": "object", - "properties": { - "data": { - "type": "array", - "items": { - "$ref": "#/components/schemas/AccessListResourceMembershipWithActionFilterDto" - }, - "description": "The items." - } - }, - "additionalProperties": false, - "description": "A concrete list object." - }, - "AccessListsController.AccessListMembersContinuationToken": { - "type": "object", - "properties": { - "version": { - "type": "integer", - "description": "The access list version.", - "format": "int64" - }, - "continueFrom": { - "type": "string", - "description": "What member to continue from.", - "format": "uuid" - } - }, - "additionalProperties": false, - "description": "Continuation token for access list members." - }, - "AccessListsController.AccessListResourceConnectionContinuationToken": { - "type": "object", - "properties": { - "version": { - "type": "integer", - "description": "The access list version.", - "format": "int64" - }, - "continueFrom": { - "type": "string", - "description": "What resource identifier to continue from." - } - }, - "additionalProperties": false, - "description": "Continuation token for access list resource connections." - }, - "AggregateVersionIVersionedEntityCondition": { - "type": "object", - "additionalProperties": false - }, - "AttributeMatchV2": { - "required": [ - "type", - "urn", "value" ], "type": "object", "properties": { - "type": { - "minLength": 1, - "type": "string" - }, - "value": { - "minLength": 1, - "type": "string" - }, - "urn": { - "minLength": 1, - "type": "string" - } - }, - "additionalProperties": false - }, - "AttributeMatchV2Paginated": { - "required": [ - "data", - "links" - ], - "type": "object", - "properties": { - "data": { - "type": "array", - "items": { - "$ref": "#/components/schemas/AttributeMatchV2" - }, - "description": "The items." - }, - "links": { - "$ref": "#/components/schemas/PaginatedLinks" - } - }, - "additionalProperties": false, - "description": "A paginated Altinn.ResourceRegistry.Models.ListObject`1." - }, - "AuthorizationReferenceAttribute": { - "type": "object", - "properties": { - "id": { - "type": "string", - "nullable": true - }, - "value": { - "type": "string", - "nullable": true - } - }, - "additionalProperties": false - }, - "CharReadOnlyMemory": { - "type": "object", - "properties": { - "length": { - "type": "integer", - "format": "int32", - "readOnly": true - }, - "isEmpty": { - "type": "boolean", - "readOnly": true - }, - "span": { - "$ref": "#/components/schemas/CharReadOnlySpan" - } - }, - "additionalProperties": false - }, - "CharReadOnlySpan": { - "type": "object", - "properties": { - "length": { - "type": "integer", - "format": "int32", - "readOnly": true + "id": { + "minLength": 1, + "type": "string" }, - "isEmpty": { - "type": "boolean", - "readOnly": true + "value": { + "minLength": 1, + "type": "string" } }, "additionalProperties": false }, - "CompetentAuthority": { + "CreateRequestSystemUser": { + "required": [ + "partyOrgNo", + "rights", + "systemId" + ], "type": "object", "properties": { - "organization": { + "externalRef": { "type": "string", "nullable": true }, - "orgcode": { - "type": "string", - "nullable": true + "systemId": { + "minLength": 1, + "type": "string" }, - "name": { - "type": "object", - "additionalProperties": { - "type": "string", - "nullable": true - }, + "partyOrgNo": { + "minLength": 1, + "type": "string" + }, + "rights": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Right" + } + }, + "redirectUrl": { + "type": "string", "nullable": true } }, "additionalProperties": false }, - "ContactPoint": { + "DiscoveryDocument": { "type": "object", "properties": { - "category": { + "issuer": { "type": "string", + "description": "URL of the issuer", "nullable": true }, - "email": { + "jwks_uri": { "type": "string", + "description": "URL of the JSON Web Key Set document.", "nullable": true }, - "telephone": { + "authorization_endpoint": { "type": "string", + "description": "URL of the OAuth 2.0 Authorization Endpoint.", "nullable": true }, - "contactPage": { + "token_endpoint": { "type": "string", + "description": "URL of the OAuth 2.0 Token Endpoint.", "nullable": true - } - }, - "additionalProperties": false - }, - "CreateAccessListModel": { - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "The party registry name." }, - "description": { + "userinfo_endpoint": { "type": "string", - "description": "The (optional) party registry description.", + "description": "Url of the UserInfo Endpoint.", "nullable": true - } - }, - "additionalProperties": false, - "description": "Model used for creating or updating an access list." - }, - "DelegationCountOverview": { - "type": "object", - "properties": { - "numberOfDelegations": { - "type": "integer", - "format": "int32" - }, - "numberOfRelations": { - "type": "integer", - "format": "int32" - } - }, - "additionalProperties": false - }, - "ExportDelegationsRequestBE": { - "required": [ - "dateTimeForExport", - "resourceId", - "serviceCode", - "serviceEditionCode" - ], - "type": "object", - "properties": { - "serviceCode": { - "minLength": 1, - "type": "string" - }, - "serviceEditionCode": { - "type": "integer", - "format": "int32" }, - "resourceId": { - "minLength": 1, - "type": "string" - }, - "dateTimeForExport": { - "type": "string", - "format": "date-time" - } - }, - "additionalProperties": false - }, - "JsonPatchAddOperation": { - "required": [ - "op", - "path", - "value" - ], - "type": "object", - "properties": { - "op": { - "enum": [ - "add" - ], + "end_session_endpoint": { "type": "string", - "description": "The operation to perform" - }, - "path": { - "$ref": "#/components/schemas/JsonPointer" + "description": "URL of the end session Endpoint.", + "nullable": true }, - "value": { - "description": "The value to add." - } - }, - "additionalProperties": false - }, - "JsonPatchCopyOperation": { - "required": [ - "op", - "from", - "path" - ], - "type": "object", - "properties": { - "op": { - "enum": [ - "copy" - ], + "check_session_iframe": { "type": "string", - "description": "The operation to perform" + "description": "URL for the session check Endpoint.", + "nullable": true }, - "from": { - "$ref": "#/components/schemas/JsonPointer" + "revocation_endpoint": { + "type": "string", + "description": "URL for the revocation endpoint.", + "nullable": true }, - "path": { - "$ref": "#/components/schemas/JsonPointer" - } - }, - "additionalProperties": false - }, - "JsonPatchDocument": { - "type": "array", - "items": { - "$ref": "#/components/schemas/JsonPatchOperation" - }, - "description": "A RFC 6902 JSON Patch document." - }, - "JsonPatchMoveOperation": { - "required": [ - "op", - "from", - "path" - ], - "type": "object", - "properties": { - "op": { - "enum": [ - "move" - ], + "introspection_endpoint": { "type": "string", - "description": "The operation to perform" + "description": "URL for the introspection endpoint.", + "nullable": true }, - "from": { - "$ref": "#/components/schemas/JsonPointer" + "frontchannel_logout_supported": { + "type": "boolean", + "description": "Value indicating whether there is a front channel mechanism for logout.", + "nullable": true }, - "path": { - "$ref": "#/components/schemas/JsonPointer" - } - }, - "additionalProperties": false - }, - "JsonPatchOperation": { - "type": "object", - "oneOf": [ - { - "$ref": "#/components/schemas/JsonPatchAddOperation" + "frontchannel_logout_session_supported": { + "type": "boolean", + "description": "Value indicating wheter there is a front channel mechanism for session logout.", + "nullable": true }, - { - "$ref": "#/components/schemas/JsonPatchCopyOperation" + "scopes_supported": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of supported scopes.", + "nullable": true }, - { - "$ref": "#/components/schemas/JsonPatchMoveOperation" + "claims_supported": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of supported claims.", + "nullable": true }, - { - "$ref": "#/components/schemas/JsonPatchRemoveOperation" + "response_types_supported": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of supported response types.", + "nullable": true }, - { - "$ref": "#/components/schemas/JsonPatchReplaceOperation" + "response_modes_supported": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of supported response modes.", + "nullable": true }, - { - "$ref": "#/components/schemas/JsonPatchTestOperation" - } - ], - "additionalProperties": false, - "description": "Represents a RFC 6902 JSON Patch operation.", - "discriminator": { - "propertyName": "op", - "mapping": { - "add": "#/components/schemas/JsonPatchAddOperation", - "copy": "#/components/schemas/JsonPatchCopyOperation", - "move": "#/components/schemas/JsonPatchMoveOperation", - "remove": "#/components/schemas/JsonPatchRemoveOperation", - "replace": "#/components/schemas/JsonPatchReplaceOperation", - "test": "#/components/schemas/JsonPatchTestOperation" - } - } - }, - "JsonPatchOperationType": { - "enum": [ - null, - "add", - "remove", - "replace", - "move", - "copy", - "test" - ], - "type": "integer", - "description": "JSON Patch operation types.", - "format": "int32" - }, - "JsonPatchRemoveOperation": { - "required": [ - "op", - "path" - ], - "type": "object", - "properties": { - "op": { - "enum": [ - "remove" - ], - "type": "string", - "description": "The operation to perform" + "grant_types_supported": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of supported grant types.", + "nullable": true }, - "path": { - "$ref": "#/components/schemas/JsonPointer" - } - }, - "additionalProperties": false - }, - "JsonPatchReplaceOperation": { - "required": [ - "op", - "path", - "value" - ], - "type": "object", - "properties": { - "op": { - "enum": [ - "replace" - ], - "type": "string", - "description": "The operation to perform" + "subject_types_supported": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of supported subject types.", + "nullable": true + }, + "id_token_signing_alg_values_supported": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of supported signing algorithms.", + "nullable": true }, - "path": { - "$ref": "#/components/schemas/JsonPointer" + "token_endpoint_auth_methods_supported": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of supported authentication methods on the token endpoint.", + "nullable": true }, - "value": { - "description": "The value to replace with." + "code_challenge_methods_supported": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of supported code challenge methods.", + "nullable": true } }, - "additionalProperties": false + "additionalProperties": false, + "description": "Represents the well known discovery document described by \"OpenID Connect Discovery 1.0 incorporating errata set 1\"\r\nURL: https://openid.net/specs/openid-connect-discovery-1_0.html (and other specifications)" }, - "JsonPatchTestOperation": { - "required": [ - "op", - "path", - "value" - ], + "GuidOpaque": { "type": "object", "properties": { - "op": { - "enum": [ - "test" - ], - "type": "string", - "description": "The operation to perform" - }, - "path": { - "$ref": "#/components/schemas/JsonPointer" - }, "value": { - "description": "The value to match." + "type": "string", + "description": "Gets the inner value.", + "format": "uuid" } }, - "additionalProperties": false - }, - "JsonPointer": { - "type": "string", - "description": "Represents a JSON Pointer as defined in RFC 6901.", - "format": "json-pointer", - "example": "/foo/bar" + "additionalProperties": false, + "description": "\r\n\r\n An opaque value is a value that can be transmitted to another party\r\n without divulging any type information or expectations about the value.\r\n \r\n\r\n\r\n Opaque values are typically usefull in APIs where the server wants to\r\n be able to return a value that the client later needs to send back to\r\n the server, but where the server does not want to expose the type of\r\n the value to the client. For instance, in a pagination scenario, the\r\n server can use an opaque int to do pagination by page number, while\r\n allowing itself to later change the implementation to use a cursor\r\n instead of a page number without breaking the API.\r\n " }, - "JsonPointer.Segment": { + "IntrospectionResponse": { "type": "object", "properties": { - "isEmpty": { + "active": { "type": "boolean", - "description": "Gets weather the segment is empty.", - "readOnly": true + "description": "Gets or sects the active property indicating if the request token was valid" + }, + "iss": { + "type": "string", + "description": "Gets or sets the issuer of the validated request token.", + "nullable": true } }, "additionalProperties": false, - "description": "A segment of a JSON Pointer." + "description": "Introspection response object" }, - "Keyword": { + "JwkDocument": { "type": "object", "properties": { - "word": { + "kty": { "type": "string", + "description": "Gets or sets the type of key this is. E.g. RSA", "nullable": true }, - "language": { + "use": { "type": "string", - "nullable": true - } - }, - "additionalProperties": false - }, - "Org": { - "type": "object", - "properties": { - "name": { - "type": "object", - "additionalProperties": { - "type": "string", - "nullable": true - }, + "description": "Gets or sets the type of use. E.g. sig", "nullable": true }, - "logo": { + "kid": { "type": "string", + "description": "Gets or sets a unique id for the key.", "nullable": true }, - "orgnr": { + "e": { "type": "string", + "description": "Gets or sets the RSA exponent value of the key.", "nullable": true }, - "homepage": { + "n": { "type": "string", + "description": "Gets or sets the RSA modulus value of the key.", "nullable": true }, - "environments": { + "x5c": { "type": "array", "items": { "type": "string" }, + "description": "Gets or sets a list of base64 encoded certificate where each new item is the parent certificate of the previous in a certificate chain.", "nullable": true } }, - "additionalProperties": false + "additionalProperties": false, + "description": "Represents a Json Wen Key as described by \"JSON Web Key (JWK) draft-ietf-jose-json-web-key-41\"\r\nURL: https://tools.ietf.org/html/draft-ietf-jose-json-web-key-41" }, - "OrgList": { + "JwksDocument": { "type": "object", "properties": { - "orgs": { - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/Org" + "keys": { + "type": "array", + "items": { + "$ref": "#/components/schemas/JwkDocument" }, + "description": "Gets or sets the list of keys in the key set.", "nullable": true } }, - "additionalProperties": false - }, - "OrganizationNumber": { - "type": "object", - "additionalProperties": false + "additionalProperties": false, + "description": "Represents a Json Wen Key set as described by \"JSON Web Key (JWK) draft-ietf-jose-json-web-key-41\"\r\nURL: https://tools.ietf.org/html/draft-ietf-jose-json-web-key-41" }, "PaginatedLinks": { - "required": [ - "next" - ], "type": "object", "properties": { "next": { "type": "string", "description": "Link to the next page of items (if any).", - "format": "uri-reference", - "nullable": true, - "example": "/foo/bar/bat?page=2" - } - }, - "additionalProperties": false, - "description": "Pagination links." - }, - "PartyUrn": { - "type": "string", - "oneOf": [ - { - "$ref": "#/components/schemas/PartyUrn.PartyId" - }, - { - "$ref": "#/components/schemas/PartyUrn.PartyUuid" - }, - { - "$ref": "#/components/schemas/PartyUrn.OrganizationIdentifier" - } - ], - "additionalProperties": false, - "format": "urn", - "example": "urn:altinn:party:id:123" - }, - "PartyUrn.OrganizationIdentifier": { - "pattern": "^urn:altinn:organization:identifier-no:.+$", - "type": "string", - "additionalProperties": false, - "format": "urn", - "example": "urn:altinn:organization:identifier-no:123456789" - }, - "PartyUrn.PartyId": { - "pattern": "^urn:altinn:party:id:.+$", - "type": "string", - "additionalProperties": false, - "format": "urn", - "example": "urn:altinn:party:id:123" - }, - "PartyUrn.PartyUuid": { - "pattern": "^urn:altinn:party:uuid:.+$", - "type": "string", - "additionalProperties": false, - "format": "urn", - "example": "urn:altinn:party:uuid:049d6f78-f087-41c3-a4ec-c98f5451e387" - }, - "PartyUrn.Type": { - "enum": [ - 1, - 2, - 3 - ], - "type": "integer", - "format": "int32" - }, - "ReferenceSource": { - "enum": [ - 0, - 1, - 2, - 3, - 4 - ], - "type": "integer", - "format": "int32" - }, - "ReferenceType": { - "enum": [ - 0, - 1, - 2, - 3, - 4, - 5, - 6 - ], - "type": "integer", - "format": "int32" - }, - "ResourceAccessListMode": { - "enum": [ - 0, - 1 - ], - "type": "integer", - "format": "int32" - }, - "ResourceIdentifier": { - "type": "object", - "additionalProperties": false - }, - "ResourcePartyType": { - "enum": [ - "PrivatePerson", - "LegalEntityEnterprise", - "Company", - "BankruptcyEstate", - "SelfRegisteredUser" - ], - "type": "string" + "nullable": true + } + }, + "additionalProperties": false, + "description": "Pagination links." }, - "ResourceReference": { + "ProblemDetails": { "type": "object", "properties": { - "referenceSource": { - "$ref": "#/components/schemas/ReferenceSource" + "type": { + "type": "string", + "nullable": true + }, + "title": { + "type": "string", + "nullable": true + }, + "status": { + "type": "integer", + "format": "int32", + "nullable": true }, - "reference": { + "detail": { "type": "string", "nullable": true }, - "referenceType": { - "$ref": "#/components/schemas/ReferenceType" + "instance": { + "type": "string", + "nullable": true } }, - "additionalProperties": false - }, - "ResourceType": { - "enum": [ - 0, - 1, - 2, - 4, - 8, - 16, - 32, - 64 - ], - "type": "integer", - "format": "int32" - }, - "ResourceUrn.ResourceId": { - "pattern": "^urn:altinn:resource:.+$", - "type": "string", - "additionalProperties": false, - "format": "urn", - "example": "urn:altinn:resource:test" - }, - "ResourceUrn.Type": { - "enum": [ - 1 - ], - "type": "integer", - "format": "int32" + "additionalProperties": { } }, - "ServiceResource": { + "RegisterSystemRequest": { "required": [ - "contactPoints", + "clientId", "description", - "hasCompetentAuthority", - "identifier", - "title" + "id", + "name", + "vendor" ], "type": "object", "properties": { - "identifier": { - "minLength": 1, - "type": "string" - }, - "version": { + "id": { "type": "string", "nullable": true }, - "title": { - "type": "object", - "additionalProperties": { - "type": "string" - } + "vendor": { + "$ref": "#/components/schemas/VendorInfo" }, - "description": { + "name": { "type": "object", "additionalProperties": { "type": "string" - } + }, + "nullable": true }, - "rightDescription": { + "description": { "type": "object", "additionalProperties": { "type": "string" }, "nullable": true }, - "homepage": { - "type": "string", + "rights": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Right" + }, "nullable": true }, - "status": { - "type": "string", - "nullable": true + "isDeleted": { + "type": "boolean" }, - "spatial": { + "clientId": { "type": "array", "items": { "type": "string" }, "nullable": true }, - "contactPoints": { - "type": "array", - "items": { - "$ref": "#/components/schemas/ContactPoint" - } + "isVisible": { + "type": "boolean" }, - "produces": { + "allowedRedirectUrls": { "type": "array", "items": { - "type": "string" + "type": "string", + "format": "uri" }, "nullable": true - }, - "isPartOf": { + } + }, + "additionalProperties": false + }, + "RegisteredSystem": { + "required": [ + "description", + "name", + "systemId", + "systemInternalId", + "systemName", + "systemVendorOrgName", + "systemVendorOrgNumber" + ], + "type": "object", + "properties": { + "systemInternalId": { "type": "string", - "nullable": true + "format": "uuid" }, - "thematicAreas": { - "type": "array", - "items": { + "systemId": { + "minLength": 1, + "type": "string" + }, + "systemVendorOrgNumber": { + "minLength": 1, + "type": "string" + }, + "systemVendorOrgName": { + "minLength": 1, + "type": "string" + }, + "systemName": { + "minLength": 1, + "type": "string" + }, + "name": { + "type": "object", + "additionalProperties": { "type": "string" }, "nullable": true }, - "resourceReferences": { - "type": "array", - "items": { - "$ref": "#/components/schemas/ResourceReference" + "description": { + "type": "object", + "additionalProperties": { + "type": "string" }, "nullable": true }, - "delegable": { - "type": "boolean" - }, - "visible": { - "type": "boolean" - }, - "hasCompetentAuthority": { - "$ref": "#/components/schemas/CompetentAuthority" - }, - "keywords": { + "rights": { "type": "array", "items": { - "$ref": "#/components/schemas/Keyword" + "$ref": "#/components/schemas/Right" }, "nullable": true }, - "accessListMode": { - "$ref": "#/components/schemas/ResourceAccessListMode" - }, - "selfIdentifiedUserEnabled": { - "type": "boolean" - }, - "enterpriseUserEnabled": { + "softDeleted": { "type": "boolean" }, - "resourceType": { - "$ref": "#/components/schemas/ResourceType" - }, - "availableForType": { + "clientId": { "type": "array", "items": { - "$ref": "#/components/schemas/ResourcePartyType" + "type": "string" }, "nullable": true }, - "authorizationReference": { + "isVisible": { + "type": "boolean" + }, + "allowedRedirectUrls": { "type": "array", "items": { - "$ref": "#/components/schemas/AuthorizationReferenceAttribute" + "type": "string", + "format": "uri" }, "nullable": true } }, "additionalProperties": false }, - "StringOpaque": { - "type": "string", + "RegisteredSystemDTO": { + "required": [ + "description", + "name", + "systemId", + "systemVendorOrgNumber" + ], + "type": "object", "properties": { - "value": { + "systemId": { "type": "string", - "description": "Gets the inner value.", + "nullable": true + }, + "systemVendorOrgNumber": { + "type": "string", + "nullable": true + }, + "systemVendorOrgName": { + "type": "string", + "nullable": true + }, + "name": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "nullable": true + }, + "description": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "nullable": true + }, + "rights": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Right" + }, "nullable": true } }, - "additionalProperties": false, - "description": "\r\n\r\n An opaque value is a value that can be transmitted to another party\r\n without divulging any type information or expectations about the value.\r\n \r\n\r\n\r\n Opaque values are typically usefull in APIs where the server wants to\r\n be able to return a value that the client later needs to send back to\r\n the server, but where the server does not want to expose the type of\r\n the value to the client. For instance, in a pagination scenario, the\r\n server can use an opaque int to do pagination by page number, while\r\n allowing itself to later change the implementation to use a cursor\r\n instead of a page number without breaking the API.\r\n " + "additionalProperties": false }, - "SubjectResources": { + "RequestSystemResponse": { "required": [ - "resources", - "subject" + "id", + "partyOrgNo", + "rights", + "status", + "systemId" ], "type": "object", "properties": { - "subject": { - "$ref": "#/components/schemas/AttributeMatchV2" + "id": { + "type": "string", + "format": "uuid" + }, + "externalRef": { + "type": "string", + "nullable": true + }, + "systemId": { + "minLength": 1, + "type": "string" + }, + "partyOrgNo": { + "minLength": 1, + "type": "string" }, - "resources": { + "rights": { "type": "array", "items": { - "$ref": "#/components/schemas/AttributeMatchV2" + "$ref": "#/components/schemas/Right" } + }, + "status": { + "minLength": 1, + "type": "string" + }, + "redirectUrl": { + "type": "string", + "nullable": true + }, + "confirmUrl": { + "type": "string", + "nullable": true } }, "additionalProperties": false }, - "SubjectResourcesPaginated": { - "required": [ - "data", - "links" - ], + "RequestSystemResponsePaginated": { "type": "object", "properties": { "data": { "type": "array", "items": { - "$ref": "#/components/schemas/SubjectResources" + "$ref": "#/components/schemas/RequestSystemResponse" }, - "description": "The items." + "description": "The items.", + "nullable": true }, "links": { "$ref": "#/components/schemas/PaginatedLinks" } }, "additionalProperties": false, - "description": "A paginated Altinn.ResourceRegistry.Models.ListObject`1." + "description": "A paginated Altinn.Platform.Authentication.Model.ListObject`1." + }, + "Right": { + "type": "object", + "properties": { + "action": { + "type": "string", + "nullable": true + }, + "resource": { + "type": "array", + "items": { + "$ref": "#/components/schemas/AttributePair" + }, + "nullable": true + } + }, + "additionalProperties": false + }, + "StringOpaque": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Gets the inner value.", + "nullable": true + } + }, + "additionalProperties": false, + "description": "\r\n\r\n An opaque value is a value that can be transmitted to another party\r\n without divulging any type information or expectations about the value.\r\n \r\n\r\n\r\n Opaque values are typically usefull in APIs where the server wants to\r\n be able to return a value that the client later needs to send back to\r\n the server, but where the server does not want to expose the type of\r\n the value to the client. For instance, in a pagination scenario, the\r\n server can use an opaque int to do pagination by page number, while\r\n allowing itself to later change the implementation to use a cursor\r\n instead of a page number without breaking the API.\r\n " + }, + "SystemRegisterUpdateResult": { + "type": "object", + "properties": { + "succeeded": { + "type": "boolean" + } + }, + "additionalProperties": false }, - "UpdatedResourceSubject": { + "SystemUser": { "type": "object", "properties": { - "subjectUrn": { + "id": { + "type": "string", + "nullable": true + }, + "integrationTitle": { + "type": "string", + "nullable": true + }, + "systemId": { + "type": "string", + "nullable": true + }, + "productName": { + "type": "string", + "nullable": true + }, + "systemInternalId": { + "type": "string", + "format": "uuid", + "nullable": true + }, + "partyId": { "type": "string", - "format": "uri", "nullable": true }, - "resourceUrn": { + "reporteeOrgNo": { "type": "string", - "format": "uri", "nullable": true }, - "updatedAt": { + "created": { "type": "string", "format": "date-time" }, - "deleted": { + "isDeleted": { "type": "boolean" + }, + "supplierName": { + "type": "string", + "nullable": true + }, + "supplierOrgno": { + "type": "string", + "nullable": true } }, "additionalProperties": false }, - "UpdatedResourceSubjectPaginated": { - "required": [ - "data", - "links" - ], + "SystemUserPaginated": { "type": "object", "properties": { "data": { "type": "array", "items": { - "$ref": "#/components/schemas/UpdatedResourceSubject" + "$ref": "#/components/schemas/SystemUser" }, - "description": "The items." + "description": "The items.", + "nullable": true }, "links": { "$ref": "#/components/schemas/PaginatedLinks" } }, "additionalProperties": false, - "description": "A paginated Altinn.ResourceRegistry.Models.ListObject`1." + "description": "A paginated Altinn.Platform.Authentication.Model.ListObject`1." }, - "UpdatedResourceSubjectsContinuationToken": { + "SystemUserRequestDto": { "type": "object", "properties": { - "resourceUrn": { + "integrationTitle": { "type": "string", - "description": "The resourceUrn.", - "format": "uri", "nullable": true }, - "subjectUrn": { + "systemId": { "type": "string", - "description": "The subjectUrn.", - "format": "uri", "nullable": true } }, - "additionalProperties": false, - "description": "Continuation token for updated resource subjects. Used with \"since\" value to serve\r\nas tiebreaker when paginating over resource subjects having the same \"updatedAt\" value\r\nsplit across pages" + "additionalProperties": false }, - "UpdatedResourceSubjectsContinuationTokenOpaque": { - "type": "string", + "SystemUserUpdateDto": { + "type": "object", "properties": { - "value": { - "$ref": "#/components/schemas/UpdatedResourceSubjectsContinuationToken" + "id": { + "type": "string", + "nullable": true + }, + "partyId": { + "type": "string", + "nullable": true + }, + "reporteeOrgNo": { + "type": "string", + "nullable": true + }, + "integrationTitle": { + "type": "string", + "nullable": true + }, + "systemId": { + "type": "string", + "nullable": true } }, - "additionalProperties": false, - "description": "\r\n\r\n An opaque value is a value that can be transmitted to another party\r\n without divulging any type information or expectations about the value.\r\n \r\n\r\n\r\n Opaque values are typically usefull in APIs where the server wants to\r\n be able to return a value that the client later needs to send back to\r\n the server, but where the server does not want to expose the type of\r\n the value to the client. For instance, in a pagination scenario, the\r\n server can use an opaque int to do pagination by page number, while\r\n allowing itself to later change the implementation to use a cursor\r\n instead of a page number without breaking the API.\r\n " + "additionalProperties": false }, - "UpsertAccessListResourceConnectionDto": { + "VendorInfo": { "type": "object", "properties": { - "actionFilters": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The allowed actions - if null or empty, all actions will be allowed.", + "ID": { + "type": "string", "nullable": true } }, - "additionalProperties": false, - "description": "Model for creating or updating an access list resource connection." - } - }, - "securitySchemes": { - "oauth2": { - "type": "apiKey", - "description": "Standard Authorization header using the Bearer scheme. Example: \"bearer {token}\"", - "name": "Authorization", - "in": "header" + "additionalProperties": false } } }