REST API
Tenant Manager REST API documentation version v1
{schema}://{host}/api/{version}
- schema: required(one of http, https - default: http)
- host: required(string - default: localhost)
- version: required(v1)
- Tenants
- Templates
- Scopes
- Roles
- Default resources
- Identity providers
- Keycloak servers
- Package types
- Subscriptions
- Index management
- Js policy
- Js policy mapping
Tenants
Operations on tenants and tenant users.
get /tenants
Returns information about tenants.
- kaa:tenant:read on kaa-system resource
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1 - realm_name: optional (string)
Filters tenants by realm name.
Example:
my-realm-name - status: optional (string)
Filters tenants by status.
Example:
CREATING - opendistro_enabled: optional (string)
Filters tenants by OpenDistro.
Example:
true - subscription_type: optional (string)
Filters tenants by subscription type.
Example:
PERMANENT
HTTP status code 200
Tenant list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of Tenant)
Items: Tenant
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_frontend_id: required(string)
Identifier of a client frontend.
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret for confidential clients.
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: required(integer)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
- user_roles: required(integer)
Defines user roles for the tenant.
- issuer: required(string)
URL of the auth service.
- internal_issuer: optional (string)
Internal URL of the auth service.
- status: required(one of AVAILABLE, SUSPENDED, CREATING, FAILED, UPDATING, DISABLED, DELETED)
Tenant status.
- created: required(datetime)
Tenant creation timestamp in ISO 8601 format (UTC timezone).
- keycloak_server: required(integer)
Auth server.
- package_type: required(integer)
Package type of the tenant.
- opendistro_enabled: optional (boolean)
Open Distro status of the tenant.
- js_policies: required(array of items)
Array of JS policies.
- subscription_type: required(one of PERMANENT, RENEWAL)
Tenant subscription type.
- id: required(string)
Example:
{
"count": 2,
"results": [
{
"id": "80786da9-985a-4e01-a51a-c5872e03d44f",
"realm_name": "alpha-realm",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1,
"user_roles": 1,
"issuer": "https://{identity-provider-host}/auth/realms/80786da9-985a-4e01-a51a-c5872e03d44f",
"internal_issuer": "http://{internal-provider-host/auth/realms/80786da9-985a-4e01-a51a-c5872e03d44f",
"status": "AVAILABLE",
"created": "2020-03-06T14:49:08.339576Z",
"keycloak_server": 1,
"package_type": 5,
"opendistro_enabled": true,
"js_policies": [1],
"subscription_type": "PERMANENT"
},
{
"id": "6d2e4ccd-4a15-4a3f-91b6-e168918e945f",
"realm_name": "beta-realm",
"client_frontend_id": "fb6d9435-448d-46b8-82b1-60e91c2e1307",
"client_backend_id": "d5cd59ff-6f1d-45f5-a84a-28877fa2cd36",
"client_backend_secret": "bda83b4a-4633-4767-a68b-6153c7901131",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 2,
"user_roles": 1,
"issuer": "https://{identity-provider-host}/auth/realms/6d2e4ccd-4a15-4a3f-91b6-e168918e945f",
"internal_issuer": "http://{internal-provider-host/auth/realms/6d2e4ccd-4a15-4a3f-91b6-e168918e945f",
"status": "AVAILABLE",
"created": "2020-03-06T14:49:11.180017Z",
"keycloak_server": 1,
"package_type": 5,
"opendistro_enabled": true,
"js_policies": [1],
"subscription_type": "RENEWAL"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /tenants
Registers new tenant.
- kaa:tenant:create on kaa-system resource
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- realm_name: required(string)
Realm name (not id!).
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: optional (boolean)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
- user_roles: required(integer)
Defines user roles for the tenant.
- keycloak_server: required(integer)
Auth server.
- package_type: required(integer)
Package type of the tenant.
- subscription_type: required(one of PERMANENT, RENEWAL)
Tenant subscription type.
Example:
{
"realm_name": "delta-realm",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1,
"user_roles": 1,
"keycloak_server": 1,
"package_type": 1,
"subscription_type": "RENEWAL"
}
HTTP status code 201
Tenant is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_frontend_id: required(string)
Identifier of a client frontend.
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret for confidential clients.
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: required(integer)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
- user_roles: required(integer)
Defines user roles for the tenant.
- issuer: required(string)
URL of the auth service.
- internal_issuer: optional (string)
Internal URL of the auth service.
- status: required(one of AVAILABLE, SUSPENDED, CREATING, FAILED, UPDATING, DISABLED, DELETED)
Tenant status.
- created: required(datetime)
Tenant creation timestamp in ISO 8601 format (UTC timezone).
- keycloak_server: required(integer)
Auth server.
- package_type: required(integer)
Package type of the tenant.
- opendistro_enabled: optional (boolean)
Open Distro status of the tenant.
- js_policies: required(array of items)
Array of JS policies.
- subscription_type: required(one of PERMANENT, RENEWAL)
Tenant subscription type.
Example:
{
"id": "5428586f-49a1-45b6-9ab7-de56ebd11e03",
"realm_name": "delta-realm",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1,
"user_roles": 1,
"issuer": "https://{identity-provider-host}/auth/realms/5428586f-49a1-45b6-9ab7-de56ebd11e03",
"internal_issuer": "http://{identity-provider-host}/auth/realms/5428586f-49a1-45b6-9ab7-de56ebd11e03",
"status": "CREATING",
"created": "2020-02-24T10:46:29.657054Z",
"keycloak_server": 1,
"package_type": 5,
"opendistro_enabled": true,
"js_policies": [],
"subscription_type": "PERMANENT"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /tenants/{tenantId}
Retrieve tenant.
- kaa:tenant:read on kaa-system resource
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
HTTP status code 200
Tenant is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_frontend_id: required(string)
Identifier of a client frontend.
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret for confidential clients.
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: required(integer)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
- user_roles: required(integer)
Defines user roles for the tenant.
- issuer: required(string)
URL of the auth service.
- internal_issuer: optional (string)
Internal URL of the auth service.
- status: required(one of AVAILABLE, SUSPENDED, CREATING, FAILED, UPDATING, DISABLED, DELETED)
Tenant status.
- created: required(datetime)
Tenant creation timestamp in ISO 8601 format (UTC timezone).
- keycloak_server: required(integer)
Auth server.
- package_type: required(integer)
Package type of the tenant.
- opendistro_enabled: optional (boolean)
Open Distro status of the tenant.
- js_policies: required(array of items)
Array of JS policies.
- subscription_type: required(one of PERMANENT, RENEWAL)
Tenant subscription type.
Example:
{
"id": "5428586f-49a1-45b6-9ab7-de56ebd11e03",
"realm_name": "delta-realm",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1,
"user_roles": 1,
"issuer": "https://{identity-provider-host}/auth/realms/5428586f-49a1-45b6-9ab7-de56ebd11e03",
"internal_issuer": "http://{internal-provider-host/auth/realms/6d2e4ccd-4a15-4a3f-91b6-e168918e945f",
"status": "AVAILABLE",
"created": "2020-02-24T10:46:29.657054Z",
"keycloak_server": 1,
"package_type": 5,
"opendistro_enabled": true,
"js_policies": [1],
"subscription_type": "RENEWAL"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /tenants/{tenantId}
Update tenant
- kaa:tenant:update on kaa-system resource
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
Body
Media type: application/json
Type: object
Properties
- realm_name: required(string)
Realm name (not id!).
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: optional (boolean)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
- user_roles: required(integer)
Defines user roles for the tenant.
- keycloak_server: required(integer)
Auth server.
- package_type: required(integer)
Package type of the tenant.
- subscription_type: required(one of PERMANENT, RENEWAL)
Tenant subscription type.
Example:
{
"realm_name": "delta-realm",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1,
"user_roles": 1,
"keycloak_server": 1,
"package_type": 1,
"subscription_type": "RENEWAL"
}
HTTP status code 201
Tenant is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_frontend_id: required(string)
Identifier of a client frontend.
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret for confidential clients.
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: required(integer)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
- user_roles: required(integer)
Defines user roles for the tenant.
- issuer: required(string)
URL of the auth service.
- internal_issuer: optional (string)
Internal URL of the auth service.
- status: required(one of AVAILABLE, SUSPENDED, CREATING, FAILED, UPDATING, DISABLED, DELETED)
Tenant status.
- created: required(datetime)
Tenant creation timestamp in ISO 8601 format (UTC timezone).
- keycloak_server: required(integer)
Auth server.
- package_type: required(integer)
Package type of the tenant.
- opendistro_enabled: optional (boolean)
Open Distro status of the tenant.
- js_policies: required(array of items)
Array of JS policies.
- subscription_type: required(one of PERMANENT, RENEWAL)
Tenant subscription type.
Example:
{
"id": "5428586f-49a1-45b6-9ab7-de56ebd11e03",
"realm_name": "delta-realm",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1,
"user_roles": 1,
"issuer": "https://{identity-provider-host}/auth/realms/5428586f-49a1-45b6-9ab7-de56ebd11e03",
"internal_issuer": "http://{internal-provider-host/auth/realms/6d2e4ccd-4a15-4a3f-91b6-e168918e945f",
"status": "UPDATING",
"created": "2020-02-24T10:46:29.657054Z",
"keycloak_server": 1,
"package_type": 5,
"opendistro_enabled": true,
"js_policies": [1],
"subscription_type": "RENEWAL"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /tenants/{tenantId}
Delete tenant.
- kaa:tenant:delete on kaa-system resource
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
HTTP status code 204
Tenant is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /tenants/{tenantId}/credentials
Retrieve tenant's credentials.
- kaa:tenant:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
HTTP status code 200
Tenant's credentials are successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret.
- client_frontend_id: required(string)
Identifier of a client frontend.
- issuer: required(string)
URL of the auth service.
- internal_issuer: required(string)
Internal URL of the auth service.
- minio_secret: required(string)
Secret of the Minio service.
Example:
{
"id": "1957f6df-ca08-4052-962b-b14ec96ab8f5",
"realm_name": "delta-realm",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"issuer": "https://{identity-provider-host}/auth/realms/1957f6df-ca08-4052-962b-b14ec96ab8f5",
"internal_issuer": "http://{identity-provider-host}/auth/realms/1957f6df-ca08-4052-962b-b14ec96ab8f5",
"minio_secret": "e4ad7a8c-6f51-48d5-a851-ad709b7b2c2a"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /tenants/{tenantId}/credentials
Update tenant's credentials.
- kaa:tenant:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
Body
Media type: application/json
Type: object
Properties
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret.
- client_frontend_id: required(string)
Identifier of a client frontend.
Example:
{
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460"
}
HTTP status code 201
Tenant's credentials are successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret.
- client_frontend_id: required(string)
Identifier of a client frontend.
- issuer: required(string)
URL of the auth service.
- internal_issuer: required(string)
Internal URL of the auth service.
- minio_secret: required(string)
Secret of the Minio service.
Example:
{
"id": "1957f6df-ca08-4052-962b-b14ec96ab8f5",
"realm_name": "delta-realm",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"issuer": "https://{identity-provider-host}/auth/realms/1957f6df-ca08-4052-962b-b14ec96ab8f5",
"internal_issuer": "http://{identity-provider-host}/auth/realms/1957f6df-ca08-4052-962b-b14ec96ab8f5",
"minio_secret": "e4ad7a8c-6f51-48d5-a851-ad709b7b2c2a"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
/tenants/{tenantId}/resources get
get /tenants/{tenantId}/resources
Retrieve tenant's resources.
- kaa:tenant:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
HTTP status code 200
Tenant's resources are successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- resources: required(object)
Tenant's resources.
Example:
{
"id": "ad1c734d-b2b0-4119-95be-b3e4e764d183",
"realm_name": "delta-realm",
"resources": {
"application": {
"count": 2,
"names": [
"application-20245dee3e56wk2p22eg",
"application-389ddbfc1o2n10iv596r0"
]
},
"dashboard": {
"count": 4,
"names": [
"dashboard-b0df883e-da00-4bb3-9c59-2586ae039e51",
"dashboard-525a304b-e811-4ad4-aa2a-e5131c8ac601",
"dashboard-000b6e9a-d383-4d51-a957-e6242a7e4309",
"dashboard-6bebac82-c603-4102-ad2e-61200659b121"
]
},
"endpoint": {
"count": 2,
"names": [
"endpoint-5ea39bfb-2171-43ad-a5ac-2b9c4bafbe5d",
"endpoint-22e587b3-ca5a-43a5-a56d-f72a3768c096"
]
}
}
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
/tenants/{tenantId}/package-type get
get /tenants/{tenantId}/package-type
Retrieve tenant's pacakge.
- kaa:tenant:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
HTTP status code 200
Tenant's pacakge is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- package_type: required(integer)
Chosen package type.
- limits: required(object)
Package details.
- id: required(integer)
Unique identifier of a package type.
- name: required(string)
Name of the a package type.
- devices: required(integer)
Number of devices available within package type.
- applications: required(integer)
Number of applications available within package type.
- disk_size: required(integer)
Disk size of the package type.
- traffic: required(integer)
Traffic of the package type.
- description: required(string)
Explanation of the package type.
- id: required(integer)
Example:
{
"package_type": 5,
"limits": {
"id": 5,
"name": "cloud-5",
"devices": 5,
"applications": 5,
"disk_size": 5,
"traffic": 5,
"description": "Cloud package for 5 devices"
}
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
/tenants/update post
post /tenants/update
Bulk update tenants.
- kaa:tenant:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- only_failed: optional (boolean)
Indicates updates only failed tenants.
- full_update: optional (boolean)
Fully update tenant.
- users: optional (boolean)
Updates users in Keycloak.
- clients: optional (boolean)
Indicates to update clients.
- scopes: optional (boolean)
Indicates to update scopes.
- roles: optional (boolean)
Indicates to update roles.
- resources: optional (boolean)
Indicates to update resources.
- realm_events: required(boolean)
Indicates to update realm events.
- kibana: required(boolean)
Indicates to update kibana.
- minio: optional (boolean)
Indicates to update minio.
Example:
{
"scopes": true,
"roles": true,
"resources": true
}HTTP status code 200
Bulk update tenants has started.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
/tenants/update/status get
get /tenants/update/status
Retrieve active celery tasks.
- kaa:tenant:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
HTTP status code 200
Celery tasks are successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- tasks: required(object)
Active celery tasks.
- results: required(array of items)
Result of the runing tasks.
Example:
{
"tasks": {},
"results": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /tenants/users
Retrieve tenant users list.
- kaa:tenant:tenant-user:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Tenant users list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of TenantUser)
Items: TenantUser
- id: required(integer)
Unique identifier of a tenant.
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
- id: required(integer)
Example:
{
"count": 1,
"results": [
{
"id": 2,
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /tenants/users
Create a new tenant user.
- kaa:tenant:tenant-user:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
Example:
{
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
HTTP status code 201
Tenant user is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a tenant.
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
Example:
{
"id": 2,
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /tenants/users/{userId}
Retrieve tenant user.
- kaa:tenant:tenant-user:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- userId: required(integer)
Identifier of the tenant user to operate on.
Example:
2
HTTP status code 200
Tenant user is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a tenant.
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
Example:
{
"id": 2,
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /tenants/users/{userId}
Update user.
- kaa:tenant:tenant-user:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- userId: required(integer)
Identifier of the tenant user to operate on.
Example:
2
Body
Media type: application/json
Type: object
Properties
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
Example:
{
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
HTTP status code 201
Tenant user is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a tenant.
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
Example:
{
"id": 2,
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /tenants/users/{userId}
Delete user.
- kaa:tenant:tenant-user:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- userId: required(integer)
Identifier of the tenant user to operate on.
Example:
2
HTTP status code 204
Tenant user is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Templates
Operations on realm, frontend client and backend client templates.
get /templates/realms
Retrieve realm templates list.
- kaa:tenant:realm-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm templates list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmTemplate)
Items: RealmTemplate
- id: required(integer)
Unique identifier of a realm template version.
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
- id: required(integer)
Example:
{
"count": 1,
"results": [
{
"id": 1,
"template": {
"enabled": true,
"attributes": {
"failureFactor": "30",
"permanentLockout": "false",
"bruteForceProtected": "false",
"maxDeltaTimeSeconds": "43200",
"waitIncrementSeconds": "60",
"maxFailureWaitSeconds": "900",
"offlineSessionMaxLifespan": "5184000",
"_browser_header.xRobotsTag": "none",
"quickLoginCheckMilliSeconds": "1000",
"minimumQuickLoginWaitSeconds": "60",
"_browser_header.xFrameOptions": "SAMEORIGIN",
"_browser_header.xXSSProtection": "1; mode=block",
"offlineSessionMaxLifespanEnabled": "false",
"actionTokenGeneratedByUserLifespan": "300",
"_browser_header.xContentTypeOptions": "nosniff",
"actionTokenGeneratedByAdminLifespan": "43200",
"_browser_header.contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"_browser_header.strictTransportSecurity": "max-age=31536000; includeSubDomains",
"_browser_header.contentSecurityPolicyReportOnly": ""
},
"loginTheme": "kaa",
"rememberMe": false,
"smtpServer": {},
"browserFlow": "browser",
"sslRequired": "none",
"verifyEmail": false,
"defaultRoles": ["uma_authorization", "offline_access"],
"eventsEnabled": false,
"failureFactor": 30,
"otpPolicyType": "totp",
"directGrantFlow": "direct grant",
"eventsListeners": ["jboss-logging"],
"otpPolicyDigits": 6,
"otpPolicyPeriod": 30,
"permanentLockout": false,
"registrationFlow": "registration",
"supportedLocales": [],
"enabledEventTypes": [],
"accessCodeLifespan": 36000,
"adminEventsEnabled": false,
"otpPolicyAlgorithm": "HmacSHA1",
"revokeRefreshToken": false,
"accessTokenLifespan": 2592000,
"bruteForceProtected": false,
"editUsernameAllowed": false,
"maxDeltaTimeSeconds": 43200,
"registrationAllowed": false,
"requiredCredentials": ["password"],
"refreshTokenMaxReuse": 0,
"resetCredentialsFlow": "reset credentials",
"resetPasswordAllowed": false,
"waitIncrementSeconds": 60,
"loginWithEmailAllowed": true,
"maxFailureWaitSeconds": 900,
"ssoSessionIdleTimeout": 2592000,
"ssoSessionMaxLifespan": 2592000,
"browserSecurityHeaders": {
"xRobotsTag": "none",
"xFrameOptions": "SAMEORIGIN",
"xXSSProtection": "1; mode=block",
"xContentTypeOptions": "nosniff",
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"strictTransportSecurity": "max-age=31536000; includeSubDomains",
"contentSecurityPolicyReportOnly": ""
},
"duplicateEmailsAllowed": false,
"accessCodeLifespanLogin": 108000,
"otpPolicyInitialCounter": 0,
"clientAuthenticationFlow": "clients",
"dockerAuthenticationFlow": "docker auth",
"otpPolicyLookAheadWindow": 1,
"otpSupportedApplications": ["FreeOTP", "Google Authenticator"],
"userManagedAccessAllowed": false,
"adminEventsDetailsEnabled": false,
"offlineSessionIdleTimeout": 2592000,
"offlineSessionMaxLifespan": 5184000,
"internationalizationEnabled": false,
"quickLoginCheckMilliSeconds": 1000,
"registrationEmailAsUsername": false,
"accessCodeLifespanUserAction": 18000,
"minimumQuickLoginWaitSeconds": 60,
"ssoSessionIdleTimeoutRememberMe": 0,
"ssoSessionMaxLifespanRememberMe": 0,
"offlineSessionMaxLifespanEnabled": false,
"accessTokenLifespanForImplicitFlow": 2592000,
"actionTokenGeneratedByUserLifespan": 18000,
"actionTokenGeneratedByAdminLifespan": 43200
},
"description": "realm template description"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /templates/realms
Create a new realm template.
- kaa:tenant:realm-template:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
Example:
{
"template": {
"enabled": true,
"attributes": {
"failureFactor": "30",
"permanentLockout": "false",
"bruteForceProtected": "false",
"maxDeltaTimeSeconds": "43200",
"waitIncrementSeconds": "60",
"maxFailureWaitSeconds": "900",
"offlineSessionMaxLifespan": "5184000",
"_browser_header.xRobotsTag": "none",
"quickLoginCheckMilliSeconds": "1000",
"minimumQuickLoginWaitSeconds": "60",
"_browser_header.xFrameOptions": "SAMEORIGIN",
"_browser_header.xXSSProtection": "1; mode=block",
"offlineSessionMaxLifespanEnabled": "false",
"actionTokenGeneratedByUserLifespan": "300",
"_browser_header.xContentTypeOptions": "nosniff",
"actionTokenGeneratedByAdminLifespan": "43200",
"_browser_header.contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"_browser_header.strictTransportSecurity": "max-age=31536000; includeSubDomains",
"_browser_header.contentSecurityPolicyReportOnly": ""
},
"loginTheme": "kaa",
"rememberMe": false,
"smtpServer": {},
"browserFlow": "browser",
"sslRequired": "none",
"verifyEmail": false,
"defaultRoles": ["uma_authorization", "offline_access"],
"eventsEnabled": false,
"failureFactor": 30,
"otpPolicyType": "totp",
"directGrantFlow": "direct grant",
"eventsListeners": ["jboss-logging"],
"otpPolicyDigits": 6,
"otpPolicyPeriod": 30,
"permanentLockout": false,
"registrationFlow": "registration",
"supportedLocales": [],
"enabledEventTypes": [],
"accessCodeLifespan": 36000,
"adminEventsEnabled": false,
"otpPolicyAlgorithm": "HmacSHA1",
"revokeRefreshToken": false,
"accessTokenLifespan": 2592000,
"bruteForceProtected": false,
"editUsernameAllowed": false,
"maxDeltaTimeSeconds": 43200,
"registrationAllowed": false,
"requiredCredentials": ["password"],
"refreshTokenMaxReuse": 0,
"resetCredentialsFlow": "reset credentials",
"resetPasswordAllowed": false,
"waitIncrementSeconds": 60,
"loginWithEmailAllowed": true,
"maxFailureWaitSeconds": 900,
"ssoSessionIdleTimeout": 2592000,
"ssoSessionMaxLifespan": 2592000,
"browserSecurityHeaders": {
"xRobotsTag": "none",
"xFrameOptions": "SAMEORIGIN",
"xXSSProtection": "1; mode=block",
"xContentTypeOptions": "nosniff",
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"strictTransportSecurity": "max-age=31536000; includeSubDomains",
"contentSecurityPolicyReportOnly": ""
},
"duplicateEmailsAllowed": false,
"accessCodeLifespanLogin": 108000,
"otpPolicyInitialCounter": 0,
"clientAuthenticationFlow": "clients",
"dockerAuthenticationFlow": "docker auth",
"otpPolicyLookAheadWindow": 1,
"otpSupportedApplications": ["FreeOTP", "Google Authenticator"],
"userManagedAccessAllowed": false,
"adminEventsDetailsEnabled": false,
"offlineSessionIdleTimeout": 2592000,
"offlineSessionMaxLifespan": 5184000,
"internationalizationEnabled": false,
"quickLoginCheckMilliSeconds": 1000,
"registrationEmailAsUsername": false,
"accessCodeLifespanUserAction": 18000,
"minimumQuickLoginWaitSeconds": 60,
"ssoSessionIdleTimeoutRememberMe": 0,
"ssoSessionMaxLifespanRememberMe": 0,
"offlineSessionMaxLifespanEnabled": false,
"accessTokenLifespanForImplicitFlow": 2592000,
"actionTokenGeneratedByUserLifespan": 18000,
"actionTokenGeneratedByAdminLifespan": 43200
},
"description": "realm template description"
}
HTTP status code 201
Realm template is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm template version.
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
Example:
{
"id": 1,
"template": {
"enabled": true,
"attributes": {
"failureFactor": "30",
"permanentLockout": "false",
"bruteForceProtected": "false",
"maxDeltaTimeSeconds": "43200",
"waitIncrementSeconds": "60",
"maxFailureWaitSeconds": "900",
"offlineSessionMaxLifespan": "5184000",
"_browser_header.xRobotsTag": "none",
"quickLoginCheckMilliSeconds": "1000",
"minimumQuickLoginWaitSeconds": "60",
"_browser_header.xFrameOptions": "SAMEORIGIN",
"_browser_header.xXSSProtection": "1; mode=block",
"offlineSessionMaxLifespanEnabled": "false",
"actionTokenGeneratedByUserLifespan": "300",
"_browser_header.xContentTypeOptions": "nosniff",
"actionTokenGeneratedByAdminLifespan": "43200",
"_browser_header.contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"_browser_header.strictTransportSecurity": "max-age=31536000; includeSubDomains",
"_browser_header.contentSecurityPolicyReportOnly": ""
},
"loginTheme": "kaa",
"rememberMe": false,
"smtpServer": {},
"browserFlow": "browser",
"sslRequired": "none",
"verifyEmail": false,
"defaultRoles": ["uma_authorization", "offline_access"],
"eventsEnabled": false,
"failureFactor": 30,
"otpPolicyType": "totp",
"directGrantFlow": "direct grant",
"eventsListeners": ["jboss-logging"],
"otpPolicyDigits": 6,
"otpPolicyPeriod": 30,
"permanentLockout": false,
"registrationFlow": "registration",
"supportedLocales": [],
"enabledEventTypes": [],
"accessCodeLifespan": 36000,
"adminEventsEnabled": false,
"otpPolicyAlgorithm": "HmacSHA1",
"revokeRefreshToken": false,
"accessTokenLifespan": 2592000,
"bruteForceProtected": false,
"editUsernameAllowed": false,
"maxDeltaTimeSeconds": 43200,
"registrationAllowed": false,
"requiredCredentials": ["password"],
"refreshTokenMaxReuse": 0,
"resetCredentialsFlow": "reset credentials",
"resetPasswordAllowed": false,
"waitIncrementSeconds": 60,
"loginWithEmailAllowed": true,
"maxFailureWaitSeconds": 900,
"ssoSessionIdleTimeout": 2592000,
"ssoSessionMaxLifespan": 2592000,
"browserSecurityHeaders": {
"xRobotsTag": "none",
"xFrameOptions": "SAMEORIGIN",
"xXSSProtection": "1; mode=block",
"xContentTypeOptions": "nosniff",
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"strictTransportSecurity": "max-age=31536000; includeSubDomains",
"contentSecurityPolicyReportOnly": ""
},
"duplicateEmailsAllowed": false,
"accessCodeLifespanLogin": 108000,
"otpPolicyInitialCounter": 0,
"clientAuthenticationFlow": "clients",
"dockerAuthenticationFlow": "docker auth",
"otpPolicyLookAheadWindow": 1,
"otpSupportedApplications": ["FreeOTP", "Google Authenticator"],
"userManagedAccessAllowed": false,
"adminEventsDetailsEnabled": false,
"offlineSessionIdleTimeout": 2592000,
"offlineSessionMaxLifespan": 5184000,
"internationalizationEnabled": false,
"quickLoginCheckMilliSeconds": 1000,
"registrationEmailAsUsername": false,
"accessCodeLifespanUserAction": 18000,
"minimumQuickLoginWaitSeconds": 60,
"ssoSessionIdleTimeoutRememberMe": 0,
"ssoSessionMaxLifespanRememberMe": 0,
"offlineSessionMaxLifespanEnabled": false,
"accessTokenLifespanForImplicitFlow": 2592000,
"actionTokenGeneratedByUserLifespan": 18000,
"actionTokenGeneratedByAdminLifespan": 43200
},
"description": "realm template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /templates/realms/{id}
Retrieve realm template.
- kaa:tenant:realm-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm template to operate on.
Example:
1
HTTP status code 200
Realm template is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm template version.
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
Example:
{
"id": 1,
"template": {
"enabled": true,
"attributes": {
"failureFactor": "30",
"permanentLockout": "false",
"bruteForceProtected": "false",
"maxDeltaTimeSeconds": "43200",
"waitIncrementSeconds": "60",
"maxFailureWaitSeconds": "900",
"offlineSessionMaxLifespan": "5184000",
"_browser_header.xRobotsTag": "none",
"quickLoginCheckMilliSeconds": "1000",
"minimumQuickLoginWaitSeconds": "60",
"_browser_header.xFrameOptions": "SAMEORIGIN",
"_browser_header.xXSSProtection": "1; mode=block",
"offlineSessionMaxLifespanEnabled": "false",
"actionTokenGeneratedByUserLifespan": "300",
"_browser_header.xContentTypeOptions": "nosniff",
"actionTokenGeneratedByAdminLifespan": "43200",
"_browser_header.contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"_browser_header.strictTransportSecurity": "max-age=31536000; includeSubDomains",
"_browser_header.contentSecurityPolicyReportOnly": ""
},
"loginTheme": "kaa",
"rememberMe": false,
"smtpServer": {},
"browserFlow": "browser",
"sslRequired": "none",
"verifyEmail": false,
"defaultRoles": ["uma_authorization", "offline_access"],
"eventsEnabled": false,
"failureFactor": 30,
"otpPolicyType": "totp",
"directGrantFlow": "direct grant",
"eventsListeners": ["jboss-logging"],
"otpPolicyDigits": 6,
"otpPolicyPeriod": 30,
"permanentLockout": false,
"registrationFlow": "registration",
"supportedLocales": [],
"enabledEventTypes": [],
"accessCodeLifespan": 36000,
"adminEventsEnabled": false,
"otpPolicyAlgorithm": "HmacSHA1",
"revokeRefreshToken": false,
"accessTokenLifespan": 2592000,
"bruteForceProtected": false,
"editUsernameAllowed": false,
"maxDeltaTimeSeconds": 43200,
"registrationAllowed": false,
"requiredCredentials": ["password"],
"refreshTokenMaxReuse": 0,
"resetCredentialsFlow": "reset credentials",
"resetPasswordAllowed": false,
"waitIncrementSeconds": 60,
"loginWithEmailAllowed": true,
"maxFailureWaitSeconds": 900,
"ssoSessionIdleTimeout": 2592000,
"ssoSessionMaxLifespan": 2592000,
"browserSecurityHeaders": {
"xRobotsTag": "none",
"xFrameOptions": "SAMEORIGIN",
"xXSSProtection": "1; mode=block",
"xContentTypeOptions": "nosniff",
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"strictTransportSecurity": "max-age=31536000; includeSubDomains",
"contentSecurityPolicyReportOnly": ""
},
"duplicateEmailsAllowed": false,
"accessCodeLifespanLogin": 108000,
"otpPolicyInitialCounter": 0,
"clientAuthenticationFlow": "clients",
"dockerAuthenticationFlow": "docker auth",
"otpPolicyLookAheadWindow": 1,
"otpSupportedApplications": ["FreeOTP", "Google Authenticator"],
"userManagedAccessAllowed": false,
"adminEventsDetailsEnabled": false,
"offlineSessionIdleTimeout": 2592000,
"offlineSessionMaxLifespan": 5184000,
"internationalizationEnabled": false,
"quickLoginCheckMilliSeconds": 1000,
"registrationEmailAsUsername": false,
"accessCodeLifespanUserAction": 18000,
"minimumQuickLoginWaitSeconds": 60,
"ssoSessionIdleTimeoutRememberMe": 0,
"ssoSessionMaxLifespanRememberMe": 0,
"offlineSessionMaxLifespanEnabled": false,
"accessTokenLifespanForImplicitFlow": 2592000,
"actionTokenGeneratedByUserLifespan": 18000,
"actionTokenGeneratedByAdminLifespan": 43200
},
"description": "realm template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /templates/realms/{id}
Update realm template
- kaa:tenant:realm-template:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm template to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
Example:
{
"template": {
"enabled": true,
"attributes": {
"failureFactor": "30",
"permanentLockout": "false",
"bruteForceProtected": "false",
"maxDeltaTimeSeconds": "43200",
"waitIncrementSeconds": "60",
"maxFailureWaitSeconds": "900",
"offlineSessionMaxLifespan": "5184000",
"_browser_header.xRobotsTag": "none",
"quickLoginCheckMilliSeconds": "1000",
"minimumQuickLoginWaitSeconds": "60",
"_browser_header.xFrameOptions": "SAMEORIGIN",
"_browser_header.xXSSProtection": "1; mode=block",
"offlineSessionMaxLifespanEnabled": "false",
"actionTokenGeneratedByUserLifespan": "300",
"_browser_header.xContentTypeOptions": "nosniff",
"actionTokenGeneratedByAdminLifespan": "43200",
"_browser_header.contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"_browser_header.strictTransportSecurity": "max-age=31536000; includeSubDomains",
"_browser_header.contentSecurityPolicyReportOnly": ""
},
"loginTheme": "kaa",
"rememberMe": false,
"smtpServer": {},
"browserFlow": "browser",
"sslRequired": "none",
"verifyEmail": false,
"defaultRoles": ["uma_authorization", "offline_access"],
"eventsEnabled": false,
"failureFactor": 30,
"otpPolicyType": "totp",
"directGrantFlow": "direct grant",
"eventsListeners": ["jboss-logging"],
"otpPolicyDigits": 6,
"otpPolicyPeriod": 30,
"permanentLockout": false,
"registrationFlow": "registration",
"supportedLocales": [],
"enabledEventTypes": [],
"accessCodeLifespan": 36000,
"adminEventsEnabled": false,
"otpPolicyAlgorithm": "HmacSHA1",
"revokeRefreshToken": false,
"accessTokenLifespan": 2592000,
"bruteForceProtected": false,
"editUsernameAllowed": false,
"maxDeltaTimeSeconds": 43200,
"registrationAllowed": false,
"requiredCredentials": ["password"],
"refreshTokenMaxReuse": 0,
"resetCredentialsFlow": "reset credentials",
"resetPasswordAllowed": false,
"waitIncrementSeconds": 60,
"loginWithEmailAllowed": true,
"maxFailureWaitSeconds": 900,
"ssoSessionIdleTimeout": 2592000,
"ssoSessionMaxLifespan": 2592000,
"browserSecurityHeaders": {
"xRobotsTag": "none",
"xFrameOptions": "SAMEORIGIN",
"xXSSProtection": "1; mode=block",
"xContentTypeOptions": "nosniff",
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"strictTransportSecurity": "max-age=31536000; includeSubDomains",
"contentSecurityPolicyReportOnly": ""
},
"duplicateEmailsAllowed": false,
"accessCodeLifespanLogin": 108000,
"otpPolicyInitialCounter": 0,
"clientAuthenticationFlow": "clients",
"dockerAuthenticationFlow": "docker auth",
"otpPolicyLookAheadWindow": 1,
"otpSupportedApplications": ["FreeOTP", "Google Authenticator"],
"userManagedAccessAllowed": false,
"adminEventsDetailsEnabled": false,
"offlineSessionIdleTimeout": 2592000,
"offlineSessionMaxLifespan": 5184000,
"internationalizationEnabled": false,
"quickLoginCheckMilliSeconds": 1000,
"registrationEmailAsUsername": false,
"accessCodeLifespanUserAction": 18000,
"minimumQuickLoginWaitSeconds": 60,
"ssoSessionIdleTimeoutRememberMe": 0,
"ssoSessionMaxLifespanRememberMe": 0,
"offlineSessionMaxLifespanEnabled": false,
"accessTokenLifespanForImplicitFlow": 2592000,
"actionTokenGeneratedByUserLifespan": 18000,
"actionTokenGeneratedByAdminLifespan": 43200
},
"description": "realm template description"
}
HTTP status code 200
The realm template is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm template version.
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
Example:
{
"id": 1,
"template": {
"enabled": true,
"attributes": {
"failureFactor": "30",
"permanentLockout": "false",
"bruteForceProtected": "false",
"maxDeltaTimeSeconds": "43200",
"waitIncrementSeconds": "60",
"maxFailureWaitSeconds": "900",
"offlineSessionMaxLifespan": "5184000",
"_browser_header.xRobotsTag": "none",
"quickLoginCheckMilliSeconds": "1000",
"minimumQuickLoginWaitSeconds": "60",
"_browser_header.xFrameOptions": "SAMEORIGIN",
"_browser_header.xXSSProtection": "1; mode=block",
"offlineSessionMaxLifespanEnabled": "false",
"actionTokenGeneratedByUserLifespan": "300",
"_browser_header.xContentTypeOptions": "nosniff",
"actionTokenGeneratedByAdminLifespan": "43200",
"_browser_header.contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"_browser_header.strictTransportSecurity": "max-age=31536000; includeSubDomains",
"_browser_header.contentSecurityPolicyReportOnly": ""
},
"loginTheme": "kaa",
"rememberMe": false,
"smtpServer": {},
"browserFlow": "browser",
"sslRequired": "none",
"verifyEmail": false,
"defaultRoles": ["uma_authorization", "offline_access"],
"eventsEnabled": false,
"failureFactor": 30,
"otpPolicyType": "totp",
"directGrantFlow": "direct grant",
"eventsListeners": ["jboss-logging"],
"otpPolicyDigits": 6,
"otpPolicyPeriod": 30,
"permanentLockout": false,
"registrationFlow": "registration",
"supportedLocales": [],
"enabledEventTypes": [],
"accessCodeLifespan": 36000,
"adminEventsEnabled": false,
"otpPolicyAlgorithm": "HmacSHA1",
"revokeRefreshToken": false,
"accessTokenLifespan": 2592000,
"bruteForceProtected": false,
"editUsernameAllowed": false,
"maxDeltaTimeSeconds": 43200,
"registrationAllowed": false,
"requiredCredentials": ["password"],
"refreshTokenMaxReuse": 0,
"resetCredentialsFlow": "reset credentials",
"resetPasswordAllowed": false,
"waitIncrementSeconds": 60,
"loginWithEmailAllowed": true,
"maxFailureWaitSeconds": 900,
"ssoSessionIdleTimeout": 2592000,
"ssoSessionMaxLifespan": 2592000,
"browserSecurityHeaders": {
"xRobotsTag": "none",
"xFrameOptions": "SAMEORIGIN",
"xXSSProtection": "1; mode=block",
"xContentTypeOptions": "nosniff",
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"strictTransportSecurity": "max-age=31536000; includeSubDomains",
"contentSecurityPolicyReportOnly": ""
},
"duplicateEmailsAllowed": false,
"accessCodeLifespanLogin": 108000,
"otpPolicyInitialCounter": 0,
"clientAuthenticationFlow": "clients",
"dockerAuthenticationFlow": "docker auth",
"otpPolicyLookAheadWindow": 1,
"otpSupportedApplications": ["FreeOTP", "Google Authenticator"],
"userManagedAccessAllowed": false,
"adminEventsDetailsEnabled": false,
"offlineSessionIdleTimeout": 2592000,
"offlineSessionMaxLifespan": 5184000,
"internationalizationEnabled": false,
"quickLoginCheckMilliSeconds": 1000,
"registrationEmailAsUsername": false,
"accessCodeLifespanUserAction": 18000,
"minimumQuickLoginWaitSeconds": 60,
"ssoSessionIdleTimeoutRememberMe": 0,
"ssoSessionMaxLifespanRememberMe": 0,
"offlineSessionMaxLifespanEnabled": false,
"accessTokenLifespanForImplicitFlow": 2592000,
"actionTokenGeneratedByUserLifespan": 18000,
"actionTokenGeneratedByAdminLifespan": 43200
},
"description": "realm template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /templates/realms/{id}
Delete realm template.
- kaa:tenant:realm-template:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm template to operate on.
Example:
1
HTTP status code 204
Realm template is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /templates/realm-frontend-clients
Retrieve realm frontend client template list.
- kaa:tenant:realm-frontend-client-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm frontend client template list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmFrontendClientTemplate)
Items: RealmFrontendClientTemplate
- id: required(integer)
Unique identifier of a realm frontend template version.
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
- id: required(integer)
Example:
{
"count": 1,
"results": [
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": true,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /templates/realm-frontend-clients
Create a new realm frontend client template.
- kaa:tenant:realm-frontend-client-template:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
Example:
{
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": true,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
HTTP status code 201
Realm frontend client template is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm frontend template version.
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": true,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /templates/realm-frontend-clients/{id}
Retrieve realm frontend client template.
- kaa:tenant:realm-frontend-client-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm frontend client template to operate on.
Example:
2
HTTP status code 200
Realm frontend client template is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm frontend template version.
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": true,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /templates/realm-frontend-clients/{id}
Update realm frontend client template
- kaa:tenant:realm-frontend-client-template:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm frontend client template to operate on.
Example:
2
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
Example:
{
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": true,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
HTTP status code 200
Realm frontend client template is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm frontend template version.
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": true,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /templates/realm-frontend-clients/{id}
Delete realm frontend client template.
- kaa:tenant:realm-frontend-client-template:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm frontend client template to operate on.
Example:
2
HTTP status code 204
Realm frontend client template is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /templates/realm-backend-clients
Retrieve realm backend client template list.
- kaa:tenant:realm-backend-client-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm backend client template list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmBackendClientTemplate)
Items: RealmBackendClientTemplate
- id: required(integer)
Unique identifier of a realm backend template version.
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
- id: required(integer)
Example:
{
"count": 1,
"results": [
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": false,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /templates/realm-backend-clients
Create a new realm backend client template.
- kaa:tenant:realm-backend-client-template:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
Example:
{
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": false,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
HTTP status code 201
Realm backend client template is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm backend template version.
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": false,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /templates/realm-backend-clients/{id}
Retrieve realm backend client template.
- kaa:tenant:realm-backend-client-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm backend client template to operate on.
Example:
2
HTTP status code 200
Realm backend client template is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm backend template version.
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": false,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /templates/realm-backend-clients/{id}
Update realm backend client template
- kaa:tenant:realm-backend-client-template:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm backend client template to operate on.
Example:
2
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
Example:
{
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": false,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
HTTP status code 200
Realm backend client template is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm backend template version.
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": ["+"],
"publicClient": false,
"redirectUris": ["*"],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /templates/realm-backend-clients/{id}
Delete realm backend client template.
- kaa:tenant:realm-backend-client-template:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm backend client template to operate on.
Example:
2
HTTP status code 204
Realm backend client template is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Scopes
Operations on realm scopes.
get /scopes
Retrieve realm scopes list.
- kaa:tenant:scope:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm scopes list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmScope)
Items: RealmScope
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
- name: required(string)
Example:
{
"count": 10,
"results": [
{
"name": "application:read",
"displayName": "application:read"
},
{
"name": "application:software:read",
"displayName": "application:software:read"
},
{
"name": "application:software:update",
"displayName": "application:software:update"
},
{
"name": "application:timeseries-config:read",
"displayName": "application:timeseries-config:read"
},
{
"name": "application:update",
"displayName": "application:update"
},
{
"name": "dashboard:read",
"displayName": "dashboard:read"
},
{
"name": "endpoint:delete",
"displayName": "endpoint:delete"
},
{
"name": "endpoint:read",
"displayName": "endpoint:read"
},
{
"name": "endpoint:update",
"displayName": "endpoint:update"
},
{
"name": "kaa:application:create",
"displayName": "kaa:application:create"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /scopes
Create new realm scope.
- kaa:tenant:scope:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
Example:
{
"name": "application:read",
"displayName": "application:read"
}
HTTP status code 201
Realm scope is successfully created.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
Example:
{
"name": "application:read",
"displayName": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /scopes/{id}
Retrieve realm scope.
- kaa:tenant:scope:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm scope to operate on.
Example:
application:read
HTTP status code 200
Realm scope is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
Example:
{
"name": "application:read",
"displayName": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /scopes/{id}
Update realm scope
- kaa:tenant:scope:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm scope to operate on.
Example:
application:read
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
Example:
{
"name": "application:read",
"displayName": "application:read"
}
HTTP status code 200
Realm scope is successfully updated.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
Example:
{
"name": "application:read",
"displayName": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /scopes/{id}
Delete realm scope.
- kaa:tenant:scope:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm scope to operate on.
Example:
application:read
HTTP status code 204
Realm scope is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /scopes/versions
Retrieve realm scopes versions list.
- kaa:tenant:keycloak-scopes-versions:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm scopes versions list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmScopeVersion)
Items: RealmScopeVersion
- id: required(integer)
Unique identifier of a realm scope version.
- scopes: required(array of items)
Array of scopes.
- id: required(integer)
Example:
{
"count": 2,
"results": [
{
"id": 1,
"scopes": [
"application:delete",
"application:endpoint-command:read",
"application:endpoint-config:delete",
"application:endpoint-config:read",
"application:endpoint-config:update",
"application:endpoint:create",
"application:endpoint-filter:create",
"application:endpoint-filter:delete",
"application:endpoint-filter:read",
"application:endpoint-filter:update",
"application:endpoints-metadata-keys:read",
"application:read",
"application:software:delete",
"application:software:read",
"application:software:update",
"application:timeseries-config:read",
"application:ttn-app-integration:create",
"application:update",
"dashboard:read",
"endpoint:delete",
"endpoint:read",
"endpoint:update",
"kaa:application:create",
"kaa:application:create",
"kaa:application:read",
"kaa:application:read",
"kaa:application:read",
"kaa:application:update",
"kaa:application:update",
"kaa:client-credentials:create",
"kaa:client-credentials:create",
"kaa:client-credentials:read",
"kaa:client-credentials:read",
"kaa:client-credentials:update",
"kaa:client-credentials:update",
"kaa:tenant:configuration:read",
"kaa:tenant:configuration:read",
"kaa:tenant:create",
"kaa:tenant:default-resource:create",
"kaa:tenant:default-resource:delete",
"kaa:tenant:default-resource:read",
"kaa:tenant:default-resource-scope-mapping:create",
"kaa:tenant:default-resource-scope-mapping:delete",
"kaa:tenant:default-resource-scope-mapping:read",
"kaa:tenant:default-resource-scope-mapping:update",
"kaa:tenant:default-resource:update",
"kaa:tenant:default-resource-version:create",
"kaa:tenant:default-resource-version:delete",
"kaa:tenant:default-resource-version-mapping:create",
"kaa:tenant:default-resource-version-mapping:delete",
"kaa:tenant:default-resource-version-mapping:read",
"kaa:tenant:default-resource-version-mapping:update",
"kaa:tenant:default-resource-version:read",
"kaa:tenant:default-resource-version:update",
"kaa:tenant:delete",
"kaa:tenant:files:update",
"kaa:tenant:idp:create",
"kaa:tenant:idp:delete",
"kaa:tenant:idp:read",
"kaa:tenant:idp:update",
"kaa:tenant:js-policy:create",
"kaa:tenant:js-policy:delete",
"kaa:tenant:js-policy:read",
"kaa:tenant:js-policy:update",
"kaa:tenant:keycloak-server:create",
"kaa:tenant:keycloak-server:delete",
"kaa:tenant:keycloak-server:read",
"kaa:tenant:keycloak-server:update",
"kaa:tenant:package-type:create",
"kaa:tenant:package-type:delete",
"kaa:tenant:package-type:read",
"kaa:tenant:package-type:update",
"kaa:tenant:read",
"kaa:tenant:realm-backend-client-template:create",
"kaa:tenant:realm-backend-client-template:delete",
"kaa:tenant:realm-backend-client-template:read",
"kaa:tenant:realm-backend-client-template:update",
"kaa:tenant:realm-frontend-client-template:create",
"kaa:tenant:realm-frontend-client-template:delete",
"kaa:tenant:realm-frontend-client-template:read",
"kaa:tenant:realm-frontend-client-template:update",
"kaa:tenant:realm-template:create",
"kaa:tenant:realm-template:delete",
"kaa:tenant:realm-template:read",
"kaa:tenant:realm-template:update",
"kaa:tenant:role:create",
"kaa:tenant:role:delete",
"kaa:tenant:role:read",
"kaa:tenant:role-scope-mapping:create",
"kaa:tenant:role-scope-mapping:delete",
"kaa:tenant:role-scope-mapping:read",
"kaa:tenant:role-scope-mapping:update",
"kaa:tenant:role:update",
"kaa:tenant:role-version:create",
"kaa:tenant:role-version:delete",
"kaa:tenant:role-version-mapping:create",
"kaa:tenant:role-version-mapping:delete",
"kaa:tenant:role-version-mapping:read",
"kaa:tenant:role-version-mapping:update",
"kaa:tenant:role-version:read",
"kaa:tenant:role-version:update",
"kaa:tenant:scope:create",
"kaa:tenant:scope:delete",
"kaa:tenant:scope:read",
"kaa:tenant:scope:update",
"kaa:tenant:scope-version:create",
"kaa:tenant:scope-version:delete",
"kaa:tenant:scope-version-mapping:create",
"kaa:tenant:scope-version-mapping:delete",
"kaa:tenant:scope-version-mapping:read",
"kaa:tenant:scope-version-mapping:update",
"kaa:tenant:scope-version:read",
"kaa:tenant:scope-version:update",
"kaa:tenant:tenant-js-policy-mapping:create",
"kaa:tenant:tenant-js-policy-mapping:delete",
"kaa:tenant:tenant-js-policy-mapping:read",
"kaa:tenant:tenant-js-policy-mapping:update",
"kaa:tenant:tenant-subscription:create",
"kaa:tenant:tenant-subscription:delete",
"kaa:tenant:tenant-subscription:read",
"kaa:tenant:tenant-subscription:update",
"kaa:tenant:tenant-user:create",
"kaa:tenant:tenant-user:delete",
"kaa:tenant:tenant-user:read",
"kaa:tenant:tenant-user:update",
"kaa:tenant:update",
"kaa:ui:update",
"tenant:application:create",
"tenant:application:read",
"tenant:basic-credentials:create",
"tenant:basic-credentials:read",
"tenant:basic-credentials:update",
"tenant:branding:update",
"tenant:configuration:read",
"tenant:configuration:update",
"tenant:files:update",
"tenant:ttn-app-integration:create",
"tenant:ttn-app-integration:read",
"tenant:x509-credentials:create",
"tenant:x509-credentials:read",
"tenant:x509-credentials:update",
"traffic-statistic:read",
"ttn-app-integration:delete",
"ttn-app-integration:read",
"ttn-app-integration:ttn-device-integration:create",
"ttn-app-integration:update",
"ttn-device-integration:delete",
"ttn-device-integration:read",
"ttn-device-integration:update"
]
},
{
"id": 2,
"scopes": [
"application:delete",
"application:endpoint-command:read",
"application:endpoint-config:delete",
"application:endpoint-config:read",
"application:endpoint-config:update",
"application:endpoint:create",
"application:endpoint-filter:create",
"application:endpoint-filter:delete",
"application:endpoint-filter:read",
"application:endpoint-filter:update",
"application:endpoints-metadata-keys:read",
"application:read",
"application:software:delete",
"application:software:read",
"application:software:update",
"application:timeseries-config:read",
"application:ttn-app-integration:create",
"application:update",
"dashboard:read",
"endpoint:delete",
"endpoint:read",
"endpoint:update",
"kaa:application:create",
"kaa:application:create",
"kaa:application:read",
"kaa:application:update",
"kaa:application:update",
"kaa:client-credentials:create",
"kaa:client-credentials:create",
"kaa:client-credentials:read",
"kaa:client-credentials:read",
"kaa:client-credentials:update",
"kaa:client-credentials:update",
"kaa:tenant:files:update",
"tenant:application:create",
"tenant:application:read",
"tenant:basic-credentials:create",
"tenant:basic-credentials:read",
"tenant:basic-credentials:update",
"tenant:branding:update",
"tenant:configuration:read",
"tenant:configuration:update",
"tenant:files:update",
"tenant:ttn-app-integration:create",
"tenant:ttn-app-integration:read",
"tenant:x509-credentials:create",
"tenant:x509-credentials:read",
"tenant:x509-credentials:update",
"traffic-statistic:read",
"ttn-app-integration:delete",
"ttn-app-integration:read",
"ttn-app-integration:ttn-device-integration:create",
"ttn-app-integration:update",
"ttn-device-integration:delete",
"ttn-device-integration:read",
"ttn-device-integration:update"
]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /scopes/versions
Create a new realm scope version.
- kaa:tenant:keycloak-scopes-versions:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
HTTP status code 201
Realm scope version is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm scope version.
- scopes: required(array of items)
Array of scopes.
Example:
{
"id": 1,
"scopes": []
}HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /scopes/versions/{id}
Retrieve realm scope version.
- kaa:tenant:keycloak-scopes-versions:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm scope version to operate on.
Example:
1
HTTP status code 200
Realm scope version is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm scope version.
- scopes: required(array of items)
Array of scopes.
Example:
{
"id": 1,
"scopes": [
"kaa:tenant:realm-backend-client-template:create",
"kaa:tenant:realm-backend-client-template:delete",
"kaa:tenant:realm-backend-client-template:read",
"kaa:tenant:realm-backend-client-template:update",
"kaa:tenant:realm-frontend-client-template:create",
"kaa:tenant:realm-frontend-client-template:delete",
"kaa:tenant:realm-frontend-client-template:read",
"kaa:tenant:realm-frontend-client-template:update",
"kaa:tenant:default-resource:create",
"kaa:tenant:default-resource:delete"
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /scopes/versions/{id}
Delete realm scope version.
- kaa:tenant:keycloak-scopes-versions:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm scope version to operate on.
Example:
1
HTTP status code 204
Realm scope version is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /scopes/versions-mappings
Retrieve realm scopes versions mappings list.
- kaa:tenant:keycloak-scopes-versions-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm scopes versions mappings list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmScopeVersionMapping)
Items: RealmScopeVersionMapping
- id: required(integer)
Unique identifier of a realm scope version mapping.
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
- id: required(integer)
Example:
{
"count": 4,
"results": [
{
"id": 11,
"version": 1,
"scope": "application:endpoint-config:read"
},
{
"id": 12,
"version": 1,
"scope": "application:endpoint-config:update"
},
{
"id": 13,
"version": 1,
"scope": "application:endpoint-config:delete"
},
{
"id": 14,
"version": 1,
"scope": "application:software:read"
},
{
"id": 15,
"version": 1,
"scope": "application:software:update"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /scopes/versions-mappings
Create a new realm scope version.
- kaa:tenant:keycloak-scopes-versions-mappings:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"version": 1,
"scope": "application:read"
}
HTTP status code 201
The realm scope version is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm scope version mapping.
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"version": 1,
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /scopes/versions-mappings/{id}
Retrieve realm scope version mapping.
- kaa:tenant:keycloak-scopes-versions-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm scope version mapping to operate on.
Example:
1
HTTP status code 200
Realm scope version mapping is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm scope version mapping.
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"version": 1,
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /scopes/versions-mappings/{id}
Update realm scope version mapping.
- kaa:tenant:keycloak-scopes-versions-mappings:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm scope version mapping to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"version": 1,
"scope": "application:read"
}
HTTP status code 200
Realm scope version mapping is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm scope version mapping.
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"version": 1,
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /scopes/versions-mappings/{id}
Delete realm scope version mapping.
- kaa:tenant:keycloak-scopes-versions-mappings:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm scope version mapping to operate on.
Example:
1
HTTP status code 204
Realm scope version mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Roles
Operations on realm roles.
get /roles
Retrieve realm roles list.
- kaa:tenant:role:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm roles list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmRole)
Items: RealmRole
- name: required(string)
Unique identifier of a realm role.
- scopes: required(array of items)
Array of scopes.
- name: required(string)
Example:
{
"count": 10,
"results": [
{
"name": "analytics-admin",
"scopes": []
},
{
"name": "analytics-reader",
"scopes": []
},
{
"name": "application-admin",
"scopes": [
"application:delete",
"application:endpoint-config:delete",
"application:endpoint-config:read",
"application:endpoint-config:update",
"application:endpoint:create",
"application:endpoint-filter:create",
"application:endpoint-filter:delete",
"application:endpoint-filter:read",
"application:endpoint-filter:update",
"application:endpoints-metadata-keys:read",
"application:read",
"application:software:delete",
"application:software:read",
"application:software:update",
"application:timeseries-config:read",
"application:ttn-app-integration:create",
"application:update",
"kaa:application:read",
"kaa:client-credentials:read",
"tenant:application:create",
"tenant:ttn-app-integration:create",
"tenant:ttn-app-integration:read",
"tenant:x509-credentials:read"
]
},
{
"name": "application-reader",
"scopes": [
"application:endpoint-config:read",
"application:endpoint-filter:read",
"application:endpoints-metadata-keys:read",
"application:read",
"application:software:read",
"application:timeseries-config:read",
"dashboard:read",
"endpoint:read",
"kaa:application:read",
"kaa:client-credentials:read",
"tenant:ttn-app-integration:read",
"tenant:x509-credentials:read"
]
},
{
"name": "basic-credentials-admin",
"scopes": [
"tenant:basic-credentials:create",
"tenant:basic-credentials:read",
"tenant:basic-credentials:update"
]
},
{
"name": "basic-credentials-reader",
"scopes": ["tenant:basic-credentials:read"]
},
{
"name": "dashboard-admin",
"scopes": ["dashboard:read"]
},
{
"name": "dashboard-reader",
"scopes": ["dashboard:read"]
},
{
"name": "endpoint-admin",
"scopes": ["endpoint:delete", "endpoint:read", "endpoint:update"]
},
{
"name": "endpoint-reader",
"scopes": ["endpoint:read"]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /roles
Create a new realm role.
- kaa:tenant:role:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm role.
Example:
{
"name": "application:read"
}
HTTP status code 201
Realm role is successfully created.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm role.
- scopes: required(array of items)
Array of scopes.
Example:
{
"name": "application:read",
"scopes": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/{id}
Retrieve realm role.
- kaa:tenant:role:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm role to operate on.
Example:
application-read
HTTP status code 200
Realm role is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm role.
- scopes: required(array of items)
Array of scopes.
Example:
{
"name": "application:read",
"scopes": ["application:read", "application:endpoint-config:delete"]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /roles/{id}
Delete realm role.
- kaa:tenant:role:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm role to operate on.
Example:
application-read
HTTP status code 204
Realm role is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/versions
Retrieve realm roles versions list.
- kaa:tenant:keycloak-roles-versions:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm roles versions list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmRoleVersion)
Items: RealmRoleVersion
- id: required(integer)
Unique identifier of a realm role version.
- roles: required(array of items)
Array of roles.
- id: required(integer)
Example:
{
"count": 2,
"results": [
{
"id": 1,
"roles": [
"analytics-admin",
"analytics-reader",
"application-admin",
"application-reader",
"basic-credentials-admin",
"basic-credentials-reader",
"dashboard-admin",
"dashboard-reader",
"endpoint-admin",
"endpoint-reader",
"platform-admin",
"platform-application-admin",
"platform-application-admin",
"platform-client-credentials-admin",
"platform-client-credentials-reader",
"platform-client-credentials-reader",
"platform-reader",
"tenant-admin",
"tenant-reader",
"ttn-app-integration-admin",
"ttn-app-integration-reader",
"ttn-device-integration-admin",
"ttn-device-integration-reader",
"x509-credentials-admin",
"x509-credentials-reader"
]
},
{
"id": 2,
"roles": [
"analytics-admin",
"analytics-reader",
"application-admin",
"application-reader",
"basic-credentials-admin",
"basic-credentials-reader",
"dashboard-admin",
"dashboard-reader",
"endpoint-admin",
"endpoint-reader",
"platform-application-admin",
"platform-application-admin",
"platform-client-credentials-admin",
"platform-client-credentials-reader",
"platform-client-credentials-reader",
"tenant-admin",
"tenant-reader",
"ttn-app-integration-admin",
"ttn-app-integration-reader",
"ttn-device-integration-admin",
"ttn-device-integration-reader",
"x509-credentials-admin",
"x509-credentials-reader"
]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /roles/versions
Create a new realm role version.
- kaa:tenant:keycloak-roles-versions:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
HTTP status code 201
Realm role version is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm role version.
- roles: required(array of items)
Array of roles.
Example:
{
"id": 1,
"roles": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/versions/{id}
Retrieve realm roles version.
- kaa:tenant:keycloak-roles-versions:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role version to operate on.
Example:
1
HTTP status code 200
Realm role version is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm role version.
- roles: required(array of items)
Array of roles.
Example:
{
"id": 1,
"roles": ["application-admin", "application-reader"]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /roles/versions/{id}
Delete realm role version.
- kaa:tenant:keycloak-roles-versions:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role version to operate on.
Example:
1
HTTP status code 204
Realm role version is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/versions-mappings
Retrieve realm roles versions mappings list.
- kaa:tenant:keycloak-roles-versions-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm roles versions mappings list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmRoleVersionMapping)
Items: RealmRoleVersionMapping
- id: required(integer)
Unique identifier of a realm role version mapping.
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
- id: required(integer)
Example:
{
"count": 2,
"results": [
{
"id": 3,
"version": 1,
"role": "application-admin"
},
{
"id": 4,
"version": 1,
"role": "application-reader"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /roles/versions-mappings
Create new realm role version mapping.
- kaa:tenant:keycloak-roles-versions-mappings:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
Example:
{
"version": 1,
"role": "application-admin"
}
HTTP status code 201
The realm role version is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm role version mapping.
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
Example:
{
"id": 1,
"version": 1,
"role": "application-admin"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/versions-mappings/{id}
Retrieve realm role version mapping.
- kaa:tenant:keycloak-roles-versions-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role version mapping to operate on.
Example:
1
HTTP status code 200
Realm role version mapping is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm role version mapping.
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
Example:
{
"id": 1,
"version": 1,
"role": "application-admin"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /roles/versions-mappings/{id}
Update realm role version mapping.
- kaa:tenant:keycloak-roles-versions-mappings:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role version mapping to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
Example:
{
"version": 1,
"role": "application-admin"
}
HTTP status code 200
Realm role version mapping is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm role version mapping.
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
Example:
{
"id": 1,
"version": 1,
"role": "application-admin"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /roles/versions-mappings/{id}
Delete realm role version mapping.
- kaa:tenant:keycloak-roles-versions-mappings:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role version mapping to operate on.
Example:
1
HTTP status code 204
Realm role version mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/scopes-mappings
Retrieve realm roles and scopes mappings list.
- kaa:tenant:keycloak-roles-scopes-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm roles and scopes mappings list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmRoleScopeMapping)
Items: RealmRoleScopeMapping
- id: required(integer)
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"count": 2,
"results": [
{
"id": 3,
"role": "platform-admin",
"scope": "application:delete"
},
{
"id": 4,
"role": "platform-admin",
"scope": "application:endpoint:create"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /roles/scopes-mappings
Create a new realm role and scope mapping.
- kaa:tenant:keycloak-roles-scopes-mappings:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"role": "platform-admin",
"scope": "application:read"
}
HTTP status code 201
Realm role and scope mapping is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"role": "platform-admin",
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/scopes-mappings/{id}
Retrieve realm role-scope mapping.
- kaa:tenant:keycloak-roles-scopes-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role-scope mapping to operate on.
Example:
1
HTTP status code 200
Realm role-scope mapping is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"role": "platform-admin",
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /roles/scopes-mappings/{id}
Update realm role-scope mapping.
- kaa:tenant:keycloak-roles-scopes-mappings:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role-scope mapping to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"role": "platform-admin",
"scope": "application:read"
}
HTTP status code 200
Realm role-scope mapping is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"role": "platform-admin",
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /roles/scopes-mappings/{id}
Delete realm-scope mapping.
- kaa:tenant:keycloak-roles-scopes-mappings:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role-scope mapping to operate on.
Example:
1
HTTP status code 204
Realm role-scope mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Default resources
Operations on realm default resources.
get /default-resources
Retrieve realm default resources list.
- kaa:tenant:default-resource:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm default resources list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmDefaultResource)
Items: RealmDefaultResource
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
- scopes: required(array of items)
Array of scopes.
- resource_name: required(string)
Example:
{
"count": 1,
"results": [
{
"resource_name": "keycloak-client-frontend-template-version",
"resource_type": "keycloak-client-frontend-template-version",
"display_name": "keycloak-client-frontend-template-version",
"scopes": [
"kaa:tenant:realm-frontend-client-template:create",
"kaa:tenant:realm-frontend-client-template:delete",
"kaa:tenant:realm-frontend-client-template:read",
"kaa:tenant:realm-frontend-client-template:update"
]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /default-resources
Create a new realm default resource.
- kaa:tenant:default-resource:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
Example:
{
"resource_name": "keycloak-client-frontend-template-version",
"resource_type": "keycloak-client-frontend-template-version",
"display_name": "keycloak-client-frontend-template-version"
}
HTTP status code 201
Realm default resource is successfully created.
Body
Media type: application/json
Type: object
Properties
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
- scopes: required(array of items)
Array of scopes.
Example:
{
"resource_name": "tenant-user",
"resource_type": "tenant-user",
"display_name": "tenant-user",
"scopes": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/{id}
Retrieve realm default resource.
- kaa:tenant:default-resource:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm default resource to operate on.
Example:
keycloak-client-frontend-template-version
HTTP status code 200
Realm default resource is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
- scopes: required(array of items)
Array of scopes.
Example:
{
"resource_name": "keycloak-client-frontend-template-version",
"resource_type": "keycloak-client-frontend-template-version",
"display_name": "keycloak-client-frontend-template-version",
"scopes": [
"kaa:tenant:realm-frontend-client-template:create",
"kaa:tenant:realm-frontend-client-template:delete",
"kaa:tenant:realm-frontend-client-template:read",
"kaa:tenant:realm-frontend-client-template:update"
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /default-resources/{id}
Update realm default resource
- kaa:tenant:default-resource:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm default resource to operate on.
Example:
keycloak-client-frontend-template-version
Body
Media type: application/json
Type: object
Properties
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
Example:
{
"resource_name": "keycloak-client-frontend-template-version",
"resource_type": "keycloak-client-frontend-template-version",
"display_name": "keycloak-client-frontend-template-version"
}
HTTP status code 200
Realm default resource is successfully updated.
Body
Media type: application/json
Type: object
Properties
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
- scopes: required(array of items)
Array of scopes.
Example:
{
"resource_name": "keycloak-client-frontend-template-version",
"resource_type": "keycloak-client-frontend-template-version",
"display_name": "keycloak-client-frontend-template-version",
"scopes": [
"kaa:tenant:realm-frontend-client-template:create",
"kaa:tenant:realm-frontend-client-template:delete",
"kaa:tenant:realm-frontend-client-template:read",
"kaa:tenant:realm-frontend-client-template:update"
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /default-resources/{id}
Delete realm default resource.
- kaa:tenant:default-resource:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm default resource to operate on.
Example:
keycloak-client-frontend-template-version
HTTP status code 204
Realm default resource is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/mappings
Retrieve realm default resource mappings list.
- kaa:tenant:keycloak-default-resource-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm default resource mappings list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmDefaultResourceMapping)
Items: RealmDefaultResourceMapping
- id: required(integer)
Unique identifier of a realm default resource.
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
- id: required(integer)
Example:
{
"count": 4,
"results": [
{
"id": 6,
"resource": "tenant-system",
"scope": "kaa:tenant:delete"
},
{
"id": 7,
"resource": "tenant-system",
"scope": "kaa:tenant:delete"
},
{
"id": 8,
"resource": "tenant-system",
"scope": "kaa:tenant:delete"
},
{
"id": 9,
"resource": "tenant-system",
"scope": "tenant:application:create"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /default-resources/mappings
Create a new realm default resource mapping.
- kaa:tenant:keycloak-default-resource-mappings:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"resource": "tenant",
"scope": "kaa:tenant:add"
}
HTTP status code 201
Realm default resource mapping is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource.
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"resource": "tenant",
"scope": "kaa:tenant:add"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/mappings/{id}
Retrieve realm default resource mapping.
- kaa:tenant:keycloak-default-resource-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource mapping to operate on.
Example:
1
HTTP status code 200
Realm default resource mapping is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource.
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"resource": "tenant",
"scope": "kaa:tenant:add"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /default-resources/mappings/{id}
Update realm default resource mapping.
- kaa:tenant:keycloak-default-resource-mappings:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource mapping to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"resource": "tenant",
"scope": "kaa:tenant:add"
}
HTTP status code 200
Realm default resource mapping is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource.
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"resource": "tenant",
"scope": "kaa:tenant:add"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /default-resources/mappings/{id}
Delete default resource mapping.
- kaa:tenant:keycloak-default-resource-mappings:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource mapping to operate on.
Example:
1
HTTP status code 204
Realm default resource mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/versions
Retrieve realm default resource version list.
- kaa:tenant:default-resource-version:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm default resource version list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmDefaultResourceVersion)
Items: RealmDefaultResourceVersion
- id: required(integer)
Unique identifier of a realm default resource.
- resources: required(array of items)
Array of resources.
- id: required(integer)
Example:
{
"count": 2,
"results": [
{
"id": 1,
"resources": ["kaa-system", "tenant-system"]
},
{
"id": 2,
"resources": ["tenant-system"]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /default-resources/versions
Create a new realm default resource version.
- kaa:tenant:default-resource-version:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
HTTP status code 201
Realm default resource version is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource.
- resources: required(array of items)
Array of resources.
Example:
{
"id": 1,
"resources": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/versions/{id}
Retrieve realm default resource version.
- kaa:tenant:default-resource-version:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource version to operate on.
Example:
2
HTTP status code 200
Realm default resource version is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource.
- resources: required(array of items)
Array of resources.
Example:
{
"id": 2,
"resources": ["tenant-system", "kaa-system"]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /default-resources/versions/{id}
Delete realm default resource version.
- kaa:tenant:default-resource-version:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource version to operate on.
Example:
2
HTTP status code 204
Realm default resource version is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/version-mappings
Retrieve realm default resource version mappings list.
- kaa:tenant:default-resource-version-mapping:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm default resource version mappings list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmDefaultResourceVersionMapping)
Items: RealmDefaultResourceVersionMapping
- id: required(integer)
Unique identifier of a realm default resource version mapping.
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
- id: required(integer)
Example:
{
"count": 5,
"results": [
{
"id": 6,
"version": 1,
"resources": "keycloak-scope"
},
{
"id": 7,
"version": 1,
"resources": "keycloak-scopes-version"
},
{
"id": 8,
"version": 1,
"resources": "keycloak-scope-version-mapping"
},
{
"id": 9,
"version": 1,
"resources": "keycloak-roles-version"
},
{
"id": 10,
"version": 1,
"resources": "keycloak-role-version-mapping"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /default-resources/version-mappings
Create a new realm default resource version mapping.
- kaa:tenant:default-resource-version-mapping:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
Example:
{
"version": 1,
"resources": "keycloak-scope"
}
HTTP status code 201
Realm default resource version mapping is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource version mapping.
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
Example:
{
"id": 1,
"version": 1,
"resources": "keycloak-scope"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/version-mappings/{id}
Retrieve realm default resource version mapping.
- kaa:tenant:default-resource-version-mapping:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource version mapping to operate on.
Example:
1
HTTP status code 200
Realm default resource version mapping is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource version mapping.
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
Example:
{
"id": 1,
"version": 1,
"resources": "keycloak-scope"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /default-resources/version-mappings/{id}
Update realm default resource version mapping.
- kaa:tenant:default-resource-version-mapping:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource version mapping to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
Example:
{
"version": 1,
"resources": "keycloak-scope"
}
HTTP status code 200
Realm default resource version mapping is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource version mapping.
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
Example:
{
"id": 1,
"version": 1,
"resources": "keycloak-scope"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /default-resources/version-mappings/{id}
Delete default resource version mapping.
- kaa:tenant:default-resource-version-mapping:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource version mapping to operate on.
Example:
1
HTTP status code 204
Realm default resource version mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Identity providers
Operations on realm identity providers.
get /idps
Retrieve realm identity providers list.
- kaa:tenant:idp:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm identity providers list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmIdp)
Items: RealmIdp
- id: required(integer)
Unique identifier of a realm identity provider.
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- id: required(integer)
Unique identifier of a role mapping.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- id: required(integer)
- id: required(integer)
Example:
{
"count": 2,
"results": [
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-aa4f-44b1-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"id": 1,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
},
{
"id": 2,
"url": "https://id.kaaiot.io",
"client_id": "kaa-eph",
"client_secret": "17b2c323-cbc1-40d1-f164-9574dde094ac",
"alias": "KaaID",
"idp_realm": "master",
"role_mapping": {
"id": 2,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "admin"
}
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /idps
Create a new realm identity provider.
- kaa:tenant:idp:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- realm_role: required(string)
Example:
{
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 201
Realm identity provider is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm identity provider.
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- id: required(integer)
Unique identifier of a role mapping.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- id: required(integer)
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"id": 1,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /idps/{id}
Retrieve realm identity provider.
- kaa:tenant:idp:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm identity provider to operate on.
Example:
1
HTTP status code 200
Realm identity provider is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm identity provider.
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- id: required(integer)
Unique identifier of a role mapping.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- id: required(integer)
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"id": 1,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /idps/{id}
Update realm identity provider.
- kaa:tenant:idp:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm identity provider to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- realm_role: required(string)
Example:
{
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 200
Realm identity provider is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm identity provider.
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- id: required(integer)
Unique identifier of a role mapping.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- id: required(integer)
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"id": 1,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /idps/{id}
Delete realm identity provider.
- kaa:tenant:idp:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm identity provider to operate on.
Example:
1
HTTP status code 204
Realm identity provider is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Keycloak servers
Operations on Keycloak servers data.
get /keycloak-servers
Retrieve the Keycloak servers list.
- kaa:tenant:keycloak-server:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Keycloak servers list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of KeycloakServer)
Items: KeycloakServer
- id: required(integer)
Unique identifier of a Keycloak server.
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
- id: required(integer)
Example:
{
"count": 2,
"results": [
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 1,
"max_realms": 200
},
{
"id": 2,
"url": "https://autha.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 0,
"max_realms": 200
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /keycloak-servers
Create a new Keycloak server.
- kaa:tenant:keycloak-server:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
Example:
{
"url": "https://auth.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 1,
"max_realms": 200
}
HTTP status code 201
Keycloak server is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a Keycloak server.
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 1,
"max_realms": 200
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /keycloak-servers/{id}
Retrieve a Keycloak server.
- kaa:tenant:keycloak-server:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the Keycloak server to operate on.
Example:
1
HTTP status code 200
Keycloak server is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a Keycloak server.
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 1,
"max_realms": 200
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /keycloak-servers/{id}
Update the Keycloak server.
- kaa:tenant:keycloak-server:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the Keycloak server to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
Example:
{
"url": "https://auth.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 1,
"max_realms": 200
}
HTTP status code 200
Keycloak server is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a Keycloak server.
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"id": 1,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /keycloak-servers/{id}
Delete the Keycloak server.
- kaa:tenant:keycloak-server:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the Keycloak server to operate on.
Example:
1
HTTP status code 204
Keycloak server is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Package types
Operations on package types.
get /packages-types
Retrieve all package types.
- kaa:tenant:package-type:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Package types list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of PackageType)
Items: PackageType
- id: required(integer)
Unique identifier of a package type.
- name: required(string)
Name of the a package type.
- devices: required(integer)
Number of devices available within package type.
- applications: required(integer)
Number of applications available within package type.
- disk_size: required(integer)
Disk size of the package type.
- traffic: required(integer)
Traffic of the package type.
- description: required(string)
Explanation of the package type.
- id: required(integer)
Example:
{
"count": 7,
"results": [
{
"id": 5,
"name": "cloud-5",
"devices": 5,
"applications": 5,
"disk_size": 5,
"traffic": 5,
"description": "Cloud package for 5 devices"
},
{
"id": 15,
"name": "cloud-15",
"devices": 15,
"applications": 15,
"disk_size": 15,
"traffic": 15,
"description": "Cloud package for 15 devices"
},
{
"id": 50,
"name": "cloud-50",
"devices": 50,
"applications": 50,
"disk_size": 50,
"traffic": 50,
"description": "Cloud package for 50 devices"
},
{
"id": 100,
"name": "cloud-100",
"devices": 100,
"applications": 100,
"disk_size": 100,
"traffic": 100,
"description": "Cloud package for 100 devices"
},
{
"id": 250,
"name": "cloud-250",
"devices": 250,
"applications": 250,
"disk_size": 250,
"traffic": 250,
"description": "Cloud package for 250 devices"
},
{
"id": 500,
"name": "cloud-500",
"devices": 500,
"applications": 500,
"disk_size": 500,
"traffic": 500,
"description": "Cloud package for 500 devices"
},
{
"id": 1000,
"name": "cloud-1000",
"devices": 1000,
"applications": 1000,
"disk_size": 1000,
"traffic": 1000,
"description": "Cloud package for 1000 devices"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /packages-types
Create package type.
- kaa:tenant:package-type:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Name of the a package type.
- devices: required(integer)
Number of devices available within package type.
- applications: required(integer)
Number of applications available within package type.
- disk_size: required(integer)
Disk size of the package type.
- traffic: required(integer)
Traffic of the package type.
- description: required(string)
Explanation of the package type.
Example:
{
"name": "cloud-5",
"devices": 5,
"applications": 5,
"disk_size": 5,
"traffic": 5,
"description": "Cloud package for 5 devices"
}
HTTP status code 200
Package type created successfully.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a package type.
- name: required(string)
Name of the a package type.
- devices: required(integer)
Number of devices available within package type.
- applications: required(integer)
Number of applications available within package type.
- disk_size: required(integer)
Disk size of the package type.
- traffic: required(integer)
Traffic of the package type.
- description: required(string)
Explanation of the package type.
Example:
{
"id": 5,
"name": "cloud-5",
"devices": 5,
"applications": 5,
"disk_size": 5,
"traffic": 5,
"description": "Cloud package for 5 devices"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /packages-types/{id}
Retrieve the package type.
- kaa:tenant:package-type:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the package type.
Example:
1
HTTP status code 200
Package type is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a package type.
- name: required(string)
Name of the a package type.
- devices: required(integer)
Number of devices available within package type.
- applications: required(integer)
Number of applications available within package type.
- disk_size: required(integer)
Disk size of the package type.
- traffic: required(integer)
Traffic of the package type.
- description: required(string)
Explanation of the package type.
Example:
{
"id": 5,
"name": "cloud-5",
"devices": 5,
"applications": 5,
"disk_size": 5,
"traffic": 5,
"description": "Cloud package for 5 devices"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /packages-types/{id}
Update the package type.
- kaa:tenant:package-type:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the package type.
Example:
1
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Name of the a package type.
- devices: required(integer)
Number of devices available within package type.
- applications: required(integer)
Number of applications available within package type.
- disk_size: required(integer)
Disk size of the package type.
- traffic: required(integer)
Traffic of the package type.
- description: required(string)
Explanation of the package type.
Example:
{
"name": "cloud-5",
"devices": 5,
"applications": 5,
"disk_size": 5,
"traffic": 5,
"description": "Cloud package for 5 devices"
}
HTTP status code 201
The package type is successfully updated.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Name of the a package type.
- devices: required(integer)
Number of devices available within package type.
- applications: required(integer)
Number of applications available within package type.
- disk_size: required(integer)
Disk size of the package type.
- traffic: required(integer)
Traffic of the package type.
- description: required(string)
Explanation of the package type.
Example:
{
"id": 5,
"name": "cloud-5",
"devices": 5,
"applications": 5,
"disk_size": 5,
"traffic": 5,
"description": "Cloud package for 5 devices"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Subscriptions
Operations on subscriptions.
get /tenants-subscriptions
Retrieve all tenant subscriptions.
- kaa:tenant:tenant-subscription:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1 - tenant_id: optional (string)
Filters tenants by tenant ID.
Example:
96f512df-ef70-45fe-ade7-824468a953e5 - package_type: optional (string)
Filters tenants by package type.
Example:
5 - start_date: optional (string)
Filters tenants by package start date.
Example:
31-05-2022 - end_date: optional (string)
Filters tenants by package end date.
Example:
31-05-2022
HTTP status code 200
Subscriptions list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of Subscription)
Items: Subscription
- id: required(integer)
Unique identifier of a subscription.
- tenant_id: required(string)
Unique identifier of a tenant.
- start_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- end_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- package_type: required(integer)
Chosen package type.
- id: required(integer)
Example:
{
"count": 1,
"results": [
{
"id": 1,
"tenant_id": "b6d6ac85-e3a2-4153-ad26-5582d2773d40",
"start_date": "2022-04-21T20:35:36.524970",
"end_date": "2022-05-21T20:35:36.524970",
"package_type": 5
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /tenants-subscriptions
Create subscriptions.SubscriptionCreateUpdate
- kaa:tenant:tenant-subscription:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- tenant_id: required(string)
Unique identifier of a tenant.
- start_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- end_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- package_type: required(integer)
Chosen package type.
Example:
{
"tenant_id": "b6d6ac85-e3a2-4153-ad26-5582d2773d40",
"start_date": "2022-04-21T20:35:36.524970",
"end_date": "2022-05-21T20:35:36.524970",
"package_type": 5
}
HTTP status code 200
Subscription created successfully.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a subscription.
- tenant_id: required(string)
Unique identifier of a tenant.
- start_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- end_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- package_type: required(integer)
Chosen package type.
Example:
{
"tenant_id": "b6d6ac85-e3a2-4153-ad26-5582d2773d40",
"start_date": "2022-04-21T20:35:36.524970",
"end_date": "2022-05-21T20:35:36.524970",
"package_type": 5
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /tenants-subscriptions/{id}
Retrieve subscription.
- kaa:tenant:tenant-subscription:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the subscription.
Example:
1
HTTP status code 200
Subscription is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a subscription.
- tenant_id: required(string)
Unique identifier of a tenant.
- start_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- end_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- package_type: required(integer)
Chosen package type.
Example:
{
"id": 1,
"tenant_id": "b6d6ac85-e3a2-4153-ad26-5582d2773d40",
"start_date": "2022-04-21T20:35:36.524970",
"end_date": "2022-05-21T20:35:36.524970",
"package_type": 5
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /tenants-subscriptions/{id}
Update subscription.
- kaa:tenant:tenant-subscription:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the subscription.
Example:
1
Body
Media type: application/json
Type: object
Properties
- tenant_id: required(string)
Unique identifier of a tenant.
- start_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- end_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- package_type: required(integer)
Chosen package type.
Example:
{
"tenant_id": "b6d6ac85-e3a2-4153-ad26-5582d2773d40",
"start_date": "2022-04-21T20:35:36.524970",
"end_date": "2022-05-21T20:35:36.524970",
"package_type": 5
}
HTTP status code 201
Subscription is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a subscription.
- tenant_id: required(string)
Unique identifier of a tenant.
- start_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- end_date: required(datetime)
Subscription creation timestamp in ISO 8601 format (UTC timezone).
- package_type: required(integer)
Chosen package type.
Example:
{
"id": 1,
"tenant_id": "b6d6ac85-e3a2-4153-ad26-5582d2773d40",
"start_date": "2022-04-21T20:35:36.524970",
"end_date": "2022-05-21T20:35:36.524970",
"package_type": 5
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Index management
Operations on index management.
get /index-management-policies
Retrieve rotation span.
- kaa:tenant:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
HTTP status code 200
Retrieve the index policy rotation from an environment variable.
Body
Media type: application/json
Type: object
Properties
- index_policy_rotations_span: required(integer)
Example:
{
"index_policy_rotations_span": 15
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /index-management-policies
Apply index rotation policies.
- kaa:tenant:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- index_policy_rotations_span: required(integer)
Example:
{
"index_policy_rotations_span": 15
}
HTTP status code 200
Index rotation policy applied.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Js policy
Operations on js policy.
get /js-policy
Retrieve all js policies.
- kaa:tenant:js-policy:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Js policy list is successfully retrieved.
Body
Media type: application/json
Type: tenant-manager-api-types.PageJsPolicyInfo
Example:
{
"count": 3,
"results": [
{
"id": 1,
"name": "Resource creator",
"type": "script-creator-script-policy.js",
"scope": ["endpoint:delete", "endpoint:read", "endpoint:update"]
},
{
"id": 2,
"name": "Public access",
"type": "script-public-script-policy.js",
"scope": [
"application:endpoint-config:read",
"application:endpoints-metadata-keys:read",
"application:read",
"application:timeseries-config:read",
"dashboard:read",
"endpoint:read"
]
},
{
"id": 3,
"name": "Group Policy",
"type": "script-group-script-policy.js",
"scope": [
"application:delete",
"application:endpoint-command:read",
"application:endpoint-config:delete",
"application:endpoint-config:read",
"application:endpoint-config:update",
"application:endpoint:create",
"application:endpoint-filter:create",
"application:endpoint-filter:delete",
"application:endpoint-filter:read",
"application:endpoint-filter:update",
"application:endpoints-metadata-keys:read",
"application:read",
"application:software:read",
"application:timeseries-config:read",
"application:update",
"endpoint:delete",
"endpoint:read",
"endpoint:update"
]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /js-policy
Create js policy.
- kaa:tenant:tenant-js-policy:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: tenant-manager-api-types.TenantJsPolicyMappingCreate
Example:
Can not resolve examples/tenantJsPolicyMappingCreate.jsonHTTP status code 200
Js policy is successfully created.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Name of the a js policy.
- type: required(string)
Type of the a js policy.
Example:
{
"id": 4,
"name": "Resource creator",
"type": "script-creator-script-policy.js",
"scope": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
/js-policy/{id} get
get /js-policy/{id}
Retrieve js policy.
- kaa:tenant:js-policy:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the js policy to operate on.
Example:
1
HTTP status code 200
Js policy is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a js policy.
- name: required(string)
Name of the a js policy.
- type: required(string)
Type of the a js policy.
- scope: required(array of )
List of scopes.
Example:
{
"id": 1,
"name": "Resource creator",
"type": "script-creator-script-policy.js",
"scope": ["endpoint:delete", "endpoint:read", "endpoint:update"]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Js policy mapping
Operations on js policy mapping.
get /tenant-js-policy-mapping
Retrieve all tenant js policy mapping.
- kaa:tenant:tenant-js-policy-mapping:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0 - limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Js policy mapping list is successfully retrieved.
Body
Media type: application/json
Type: tenant-manager-api-types.PageJsPolicyMappingInfo
Example:
Can not resolve examples/jsPolicyMappingListResponse.jsonHTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /tenant-js-policy-mapping
Create js policy mapping.
- kaa:tenant:tenant-js-policy-mapping:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: tenant-manager-api-types.JsPolicyMappingCreate
Example:
Can not resolve examples/jsPolicyMappingCreate.jsonHTTP status code 200
Js policy mapping is successfully created.
Body
Media type: application/json
Type: tenant-manager-api-types.JsPolicyMapping
Example:
Can not resolve examples/jsPolicyMappingResponse.jsonHTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /tenant-js-policy-mapping/{id}
Retrieve js policy mapping policy.
- kaa:tenant:tenant-js-policy-mapping:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the js policy mapping to operate on.
Example:
1
HTTP status code 200
Js policy mapping is successfully retrieved.
Body
Media type: application/json
Type: tenant-manager-api-types.JsPolicyMapping
Example:
Can not resolve examples/jsPolicyMappingResponse.jsonHTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /tenant-js-policy-mapping/{id}
Delete js policy mapping.
- kaa:tenant:tenant-js-policy-mapping:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the js policy mapping to operate on.
Example:
1
HTTP status code 204
Js policy mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
