Administrative Token API

 
casso128
none
{ "swagger": "2.0", "info": { "description": "The Administrative Token API provides a single call that receives Basic authentication credentials of a CA Single Sign-On Administrator in the Authorization header. If Basic authentication for the specified administrator account is successful, the API returns a JWT token containing a session ticket." }, "paths": { "/ca/api/sso/services/login/v1/token": { "post": { "tags": [ "authenticationservice" ], "description": "Receives a username/password provided in the Authentication header as Basic Auth and authenticates this user as a valid CA SSO Administrator. If the user is authenticated, a CA SSO Session Specification is created and returned in a JWT token for use in requests to the REST API.", "security": [ { "basicAuth": [ ] } ], "produces": [ "application/json" ], "responses": { "200": { "description": "A JWT token containing a CA SSO Session Spec." } } } } }, "definitions": { "object": { "type": "object", "discriminator": "type", "description": "the object base class, all other classes inherit from this class. Click on properties for descriptions.", "properties": { "type": { "type": "string", "description": "XPS class", "maxLength": 255 }, "path": { "type": "string", "description": "Property description", "maxLength": 255 }, "id": { "type": "string", "description": "Property description", "maxLength": 255 } } }, "deployment_export": { "type": "object", "description": "Service request description for granular export of policy data", "required": [ "mainObjectsMethod", "closureObjectsMethod", "passPhrase", "suggestedFileName", "objects" ], "properties": { "mainObjectsMethod": { "type": "string", "description": "Specifies how the policy data for explicitly exported objects behaves when imported. Use one of the following options: ADD . Only new policy data is added to the target policy store during import. OVERLAY . If the object already exists in the target store, it is updated with only the latest changes from the exported data during import. REPLACE . If the object already exists in the target store, it is overwritten with the exported data during import.", "enum": [ "ADD", "OVERLAY", "REPLACE" ] }, "closureObjectsMethod": { "type": "string", "description": "Specifies how the system objects related to exported policy objects behave when imported. System objects that are related to a specified object are automatically included when an object is exported. For example, a referenced agent is also exported when a domain is exported. Use one of the following options: ADD . Only new policy data is added to the target policy store during import. OVERLAY . If the object already exists in the target store, it is updated with only the latest changes from the exported data during import. REPLACE . If the object already exists in the target store, it is overwritten with the exported data during import.", "enum": [ "ADD", "OVERLAY", "REPLACE" ] }, "passPhrase": { "type": "string", "description": "Specifies a passphrase to use to encrypt the export data. This passphrase must be at least eight characters long and must contain at least one digit, one uppercase, and one lowercase character. The passphrase can contain a space that is enclosed in quotes." }, "suggestedFileName": { "type": "string", "description": "Specifies a filename that is returned as an attachment in the Content-Disposition response header." }, "objects": { "type": "array", "items": { "$ref": "#/definitions/objects" }, "description": "Specifies an array of paths to root policy objects to export." } } }, "objects": { "type": "object", "required": [ "path" ], "properties": { "path": { "type": "string", "description": "the same that would appear in a Policy Data API call to retrieve an object. For example, if the URL of a call to retrieve an object is https://hostname:8080/ca/api/sso/services/policy/v1/smdomains/FedBackChannelBasicDomain, the path reference is smdomains/FedBackChannelBasicDomain." } } }, "smerror": { "type": "object", "description": "the smerror class, returned in reponse body when error conditions are encountered. Click on properties for descriptions.", "required": [ "smerrorcode", "message" ], "properties": { "smerrorcode": { "type": "string", "description": "the REST API error code", "format": "int32" }, "message": { "type": "string", "description": "the REST API error message" } } }, "link": { "type": "object", "description": "the link class, represents a link to an object. Click on properties for descriptions.", "properties": { "href": { "type": "string", "description": "The link in hypertext form" }, "id": { "type": "string", "description": "The id of the object" }, "path": { "type": "string", "description": "The name path to the object" }, "desc": { "type": "string", "description": "Description of the object" } } }, "cdscrlrevocationdata": { "type": "object", "description": "", "allOf": [ { "$ref": "#/definitions/object" } ], "properties": { "addtime": { "type": "string", "description": "The time the CRL was added to the store." }, "iscrlvalid": { }, "graceperiod": { "type": "string", "description": "The revocation grace period (in days) - overrides the global RevocationGracePeriod" }, "issuerxid": { "type": "string", "description": "The XID of the corresponding issuer Certificate" }, "location": { "type": "string", "description": "The location of the corresponding CRL." }, "nextupdate": { "type": "string", "description": "The next update (in ms) for the CRL." }, "thisupdate": { "type": "string", "description": "The value of the ThisUpdate attributte on the CRL (in ms)." }, "type": { "type": "array", "description": "The type of the Certificate Revocation List", "items": { "type": "string", "enum": [ "LDAP", "File" ] } } } }, "cdscertificate": { "type": "object", "description": "", "required": [ "alias", "certificatedata", "crlrevstatusvalue", "isfipsapproved", "issuerdn", "ocsprevstatusvalue", "serialnumber", "subjectname", "type" ], "allOf": [ { "$ref": "#/definitions/object" } ], "properties": { "alias": { "type": "string", "description": "The alias for the certificate data", "maxLength": 255 }, "device": { "type": "string", "description": "The device that actually performed the signing or verifying" }, "certificatedata": { "type": "string", "description": "The base 64 encoded certificate" }, "enablecertvalidfailover": { }, "crlrevocationdatalink": { "$ref": "#/definitions/link" }, "crlrevstatusvalue": { "type": "array", "description": "Specifies the revocation status value for certificate as obtained by a CRL check.", "items": { "type": "string", "enum": [ "UNKNOWN", "Valid", "Revoked" ] } }, "isfipsapproved": { }, "issuerlink": { "$ref": "#/definitions/link" }, "issuerdn": { "type": "string", "description": "The IssuerDN for the certificate." }, "primaryvalidationmethod": { "type": "array", "description": "Indicates whether OCSP or CRL is the primary method for certificate revocation validation.", "items": { "type": "string", "enum": [ "OCSP", "CRL" ] } }, "ocsprevocationdatalink": { "$ref": "#/definitions/link" }, "ocsprevocationtime": { "type": "string", "description": "The time the certificate was revoked by a call to the OCSP." }, "ocsprevstatusvalue": { "type": "array", "description": "Specifies the revocation status value for certificate as obtained by an OCSP call.", "items": { "type": "string", "enum": [ "UNKNOWN", "Valid", "Revoked" ] } }, "privatekey": { "type": "string", "description": "The private key for the certificate, if one exists." }, "privatekeyalgorithm": { "type": "string", "description": "The private key algorithm for the certificate, if one exists." }, "serialnumber": { "type": "string", "description": "The serial number of the certificate" }, "subjectname": { "type": "string", "description": "The subject name for the certificate data" }, "type": { "type": "array", "description": "Indicates the type of certificate object: Certificate, KeyEntry, TrustedCA", "items": { "type": "string", "enum": [ "Certificate", "KeyEntry", "TrustedCA" ] } } } }, "cdsocsprevocationdata": { "type": "object", "description": "", "required": [ "loadedfrom" ], "allOf": [ { "$ref": "#/definitions/object" } ], "properties": { "altissuerdn": { "type": "string", "description": "Specifies a secondary IssuerDN or reversed DN" }, "graceperiod": { "type": "string", "description": "The revocation grace period (in days) - overrides the global RevocationGracePeriod" }, "httpproxyenabled": { }, "httpproxylocation": { "type": "string", "description": "Indicates the location of the OCSP HTTP Proxy." }, "httpproxyusername": { "type": "string", "description": "Indicates the user name for the login credentials of the OCSP HTTP Proxy." }, "httpproxypassword": { "type": "string", "description": "Indicates the password for the login credentials of the OCSP HTTP Proxy." }, "ignorenonceextension": { }, "issuerxid": { "type": "string", "description": "The XID of the corresponding issuer Certificate" }, "configuredissuerdn": { "type": "string", "description": "Specifies a the configured IssuerDN" }, "responderlocation": { "type": "string", "description": "Indicates the location of the OCSP responder server." }, "useaiaextension": { }, "respondercertificatealias": { "type": "string", "description": "Designates the alias of the OCSP responder's certificate." }, "signrequestenabled": { }, "signaturealias": { "type": "string", "description": "Designates alias of the certificate that will sign the OCSP request." }, "signaturedigest": { "type": "string", "description": "Designates the algorithm used when signing the OCSP request." }, "loadedfrom": { "type": "array", "description": "Indicates that this OCSP responder loaded from File or UI.", "items": { "type": "string", "enum": [ "UI", "File" ] } } } } }, "responses": { "400error": { "description": "Failed operation. invalid inputs", "schema": { "$ref": "#/definitions/smerror" } }, "404error": { "description": "Failed operation. object not found", "schema": { "$ref": "#/definitions/smerror" } }, "500error": { "description": "Server error", "schema": { "$ref": "#/definitions/smerror" } }, "defaulterror": { "description": "An unexpected error occurred.", "schema": { "$ref": "#/definitions/smerror" } } }, "parameters": { "expanded": { "name": "expanded", "in": "query", "description": "return the object while expanding all the objects associated with it as well as all of it's children objects (entire sub-tree of this object).", "required": false, "type": "boolean" }, "classinfo": { "name": "classinfo", "in": "query", "description": "return the meta-data/class information for this object's class. specifies what fields are mandatory, the value's data type, whether it's a list or a single value, etc.", "required": false, "type": "boolean" }, "editinfo": { "name": "editinfo", "in": "query", "description": "same as classinfo, but with the addition of the actual values of the object.", "required": false, "type": "boolean" } } }