openapi: 3.0.1 info: title: IAM Tenant Management API Specification description: This specification describes the endpoints of the IAM Tenant Management service. version: 0-SNAPSHOT servers: - url: http://localhost description: local development host tags: - name: IAM Console Tenant Management description: Management functions for tenants - name: IAM Console Tenant Actor Management description: Management functions for tenant actors paths: /tenant/v1/tenants: get: tags: - IAM Console Tenant Management summary: Get tenants description: Read tenants operationId: getTenants parameters: - name: query in: query required: false content: application/json: schema: $ref: '#/components/schemas/TenantQueryV1' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/count' responses: "200": description: OK headers: Page-Offset: $ref: '#/components/headers/Page-Offset' Page-Limit: $ref: '#/components/headers/Page-Limit' Page-Total: $ref: '#/components/headers/Page-Total' Data-Projected: $ref: '#/components/headers/Data-Projected' content: application/json: schema: type: array items: $ref: '#/components/schemas/TenantV1' application/x-ndjson: schema: type: array items: $ref: '#/components/schemas/TenantV1' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' security: - iam-console-token: [] post: tags: - IAM Console Tenant Management summary: Create new tenant description: Creates a new tenant for a given application operationId: createTenant requestBody: content: application/json: schema: $ref: '#/components/schemas/TenantInV1' required: true responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantV1' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "409": $ref: '#/components/responses/Conflict' security: - iam-console-token: [] /tenant/v1/tenants/~list: post: tags: - IAM Console Tenant Management summary: List tenants description: Read tenants via a posted query operationId: listTenants parameters: - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/count' requestBody: content: application/json: schema: $ref: '#/components/schemas/TenantQueryV1' responses: "200": description: OK headers: Page-Offset: $ref: '#/components/headers/Page-Offset' Page-Limit: $ref: '#/components/headers/Page-Limit' Page-Total: $ref: '#/components/headers/Page-Total' Data-Projected: $ref: '#/components/headers/Data-Projected' content: application/json: schema: type: array items: $ref: '#/components/schemas/TenantV1' application/x-ndjson: schema: type: array items: $ref: '#/components/schemas/TenantV1' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' security: - iam-console-token: [] /tenant/v1/tenants/{tenant-expression}: get: tags: - IAM Console Tenant Management summary: Get tenant description: Read tenant by tenant expression operationId: getTenantByExpression parameters: - $ref: '#/components/parameters/tenant-expression' - name: projection in: query required: false content: application/json: schema: $ref: '#/components/schemas/TenantProjectionV1' responses: "200": description: OK headers: Data-Projected: $ref: '#/components/headers/Data-Projected' content: application/json: schema: $ref: '#/components/schemas/TenantV1' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' security: - iam-console-token: [] delete: tags: - IAM Console Tenant Management summary: Delete tenant description: Removes the given tenant. The tenant must be decommissioned before delete is possible. operationId: deleteTenant parameters: - $ref: '#/components/parameters/tenant-expression' responses: "204": description: The request is processed and no content was returned "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' "409": $ref: '#/components/responses/Conflict' security: - iam-console-token: [] /tenant/v1/tenants/{tenant-expression}/~activate: post: tags: - IAM Console Tenant Management summary: Activate tenant description: "Activates the given tenant, enabling login" operationId: activateTenant parameters: - $ref: '#/components/parameters/tenant-expression' - $ref: '#/components/parameters/returnUpdated' responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantV1' "204": $ref: '#/components/responses/NoContent' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' "409": $ref: '#/components/responses/Conflict' security: - iam-console-token: [] /tenant/v1/tenants/{tenant-expression}/~archive: post: tags: - IAM Console Tenant Management summary: Archive tenant description: "Archive the given tenant, no longer possible to reactivate tenant\ \ and all tokens are revoked" operationId: archiveTenant parameters: - $ref: '#/components/parameters/tenant-expression' - $ref: '#/components/parameters/returnUpdated' responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantV1' "204": $ref: '#/components/responses/NoContent' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' "409": $ref: '#/components/responses/Conflict' security: - iam-console-token: [] /tenant/v1/tenants/{tenant-expression}/~deactivate: post: tags: - IAM Console Tenant Management summary: Deactivate tenant description: "Deactivates the given tenant, revoking all tokens and disable\ \ login" operationId: deactivateTenant parameters: - $ref: '#/components/parameters/tenant-expression' - $ref: '#/components/parameters/returnUpdated' responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantV1' "204": $ref: '#/components/responses/NoContent' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' "409": $ref: '#/components/responses/Conflict' security: - iam-console-token: [] /tenant/v1/tenants/{tenant-expression}/~decommission: post: tags: - IAM Console Tenant Management summary: Decommission tenant description: "Decommission the given tenant, purging data where possible" operationId: decommissionTenant parameters: - $ref: '#/components/parameters/tenant-expression' - $ref: '#/components/parameters/returnUpdated' responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantV1' "204": $ref: '#/components/responses/NoContent' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' "409": $ref: '#/components/responses/Conflict' security: - iam-console-token: [] /tenant/v1/tenants/{tenant-expression}/actors/~invite: post: tags: - IAM Console Tenant Actor Management summary: Invite actor into tenant description: Enrolls a new actor with the given details into the given tenant and return its invite code operationId: inviteTenantActor parameters: - $ref: '#/components/parameters/tenant-expression' requestBody: content: application/json: schema: $ref: '#/components/schemas/TenantActorInviteInV1' required: true responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantActorV1' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' "409": $ref: '#/components/responses/Conflict' security: - iam-console-token: [] /tenant/v1/tenants/{tenant-expression}/actors/~register: post: tags: - IAM Console Tenant Actor Management summary: Register actor into tenant description: Enrolls a new actor with the given details and idp affiliations into the given tenant operationId: registerTenantActor parameters: - $ref: '#/components/parameters/tenant-expression' requestBody: content: application/json: schema: $ref: '#/components/schemas/TenantActorRegisterInV1' required: true responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantActorV1' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' "409": $ref: '#/components/responses/Conflict' security: - iam-console-token: [] /tenant/v1/tenants/{tenant-expression}/description: put: tags: - IAM Console Tenant Management summary: Set tenant description description: Updates the description for a tenant operationId: setTenantDescription parameters: - $ref: '#/components/parameters/tenant-expression' - $ref: '#/components/parameters/returnUpdated' requestBody: content: application/json: schema: $ref: '#/components/schemas/DescriptionValueInV1' required: true responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantV1' "204": $ref: '#/components/responses/NoContent' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' security: - iam-console-token: [] delete: tags: - IAM Console Tenant Management summary: Delete tenant description description: Removes the description for a tenant operationId: deleteTenantDescription parameters: - $ref: '#/components/parameters/tenant-expression' - $ref: '#/components/parameters/returnUpdated' responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantV1' "204": $ref: '#/components/responses/NoContent' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' security: - iam-console-token: [] /tenant/v1/tenants/{tenant-expression}/name: put: tags: - IAM Console Tenant Management summary: Set tenant name description: Updates the name for a tenant operationId: setTenantName parameters: - $ref: '#/components/parameters/tenant-expression' - $ref: '#/components/parameters/returnUpdated' requestBody: content: application/json: schema: $ref: '#/components/schemas/NameRequiredValueInV1' required: true responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantV1' "204": $ref: '#/components/responses/NoContent' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' security: - iam-console-token: [] /tenant/v1/tenants/{tenant-expression}/tags/{tag}: put: tags: - IAM Console Tenant Management summary: Set tenant tag description: Sets a tag for the given tenant operationId: setTenantTag parameters: - $ref: '#/components/parameters/tenant-expression' - $ref: '#/components/parameters/tag' - $ref: '#/components/parameters/returnUpdated' responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantV1' "204": $ref: '#/components/responses/NoContent' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' "409": $ref: '#/components/responses/Conflict' security: - iam-console-token: [] delete: tags: - IAM Console Tenant Management summary: Delete tenant tag description: Removes given tag for the given tenant operationId: deleteTenantTag parameters: - $ref: '#/components/parameters/tenant-expression' - $ref: '#/components/parameters/tag' - $ref: '#/components/parameters/returnUpdated' responses: "200": description: OK content: application/json: schema: $ref: '#/components/schemas/TenantV1' "204": $ref: '#/components/responses/NoContent' "400": $ref: '#/components/responses/BadRequest' "401": $ref: '#/components/responses/Unauthorized' "403": $ref: '#/components/responses/Forbidden' "404": $ref: '#/components/responses/NotFound' security: - iam-console-token: [] components: schemas: ActorInviteInV1: required: - expireInSecs type: object properties: expireInSecs: type: integer description: Number of seconds until the invite code expire format: int32 default: 604800 allowedIdentityProviders: maxItems: 10 minItems: 0 type: array description: A set of allowed identity providers use for the invitee. If omitted then any identity provider is allowed. items: maxLength: 64 minLength: 1 pattern: "^[a-zA-Z0-9-_.]{1,64}$" type: string description: An identity provider key which is used to identity a specific identity provider configuration. example: idp-1 ChangeIdConditionV1: required: - operator type: object properties: operator: type: string description: "Operation applied on conditions made on a field. Example:\ \ AGE_YEAR GREATER_THAN 16. Note that support for respective operator\ \ is dependant on the underlying value type. See separate documentation\ \ for full details." enum: - EQUALS - NOT_EQUALS - LESS_THAN - LESS_THAN_OR_EQUALS - GREATER_THAN - GREATER_THAN_OR_EQUALS - ANY_OF - NONE_OF - ALL_OF - EXISTS - NOT_EXISTS values: maxItems: 500 minItems: 0 type: array description: The value(s) to check in conjunction with the supplied operator items: type: string description: Text representation of changeId sequence number example: "7380283282446876762" description: Filter tenants based on their changeId DescriptionValueInV1: type: object properties: description: maxLength: 4096 type: string description: "A description, usually for an entity" example: "Lorem ipsum dolor sit amet, consectetur adipiscing elit." ErrorDetailV1: required: - code type: object properties: field: type: string description: A reference to a field or parameter which cannot be processed code: type: string description: "A code which indicated the type of error, documented per service" message: type: string description: "Additional information, intended for developers" description: "Additional error details, usually used for form validation. Documented\ \ per service and endpoint." ErrorV1: required: - errorId type: object properties: errorId: type: string description: "An error identifier for the request, to be provided in troubleshooting." code: type: string description: An error code which describes this error. Documented per service and endpoint. message: type: string description: A human readable message of error. Intended for developers. details: type: array description: "Additional error details, usually used for form validation.\ \ Documented per service and endpoint." items: $ref: '#/components/schemas/ErrorDetailV1' FieldProjectionV1: type: object properties: mode: $ref: '#/components/schemas/ProjectionModeTypeV1' description: Field projection settings IdpAffiliationInV1: required: - idpKey type: object properties: idpKey: maxLength: 64 minLength: 1 pattern: "^[a-zA-Z0-9-_.]{1,64}$" type: string description: An identity provider key which is used to identity a specific identity provider configuration. example: idp-1 subject: maxLength: 256 minLength: 1 type: string description: The id of the subject for an identity provider. username: maxLength: 256 minLength: 1 type: string description: The username of a subject for an identity provider. Usually an email address or AD name. Used when the 'subject' is not known. description: Configured idpAffiliations for this actor. At least one idpAffiliation must be present to enable login. IdpAffiliationV1: required: - createdAt - createdBy - idpAffiliationId - idpKey - lastModifiedAt - lastModifiedBy type: object properties: idpAffiliationId: type: string description: The globally unique identifier for an actor identity provider affiliation idpKey: type: string description: An identity provider key which is used to identity a specific identity provider configuration. subject: type: string description: The id of the subject for an identity provider. username: type: string description: The username of a subject for an identity provider. Usually an email address or AD name. Used when the 'subject' is not known. verifiedAt: type: string description: UTC date time when idpAffiliation was first used. This string is formatted according to RFC3339. format: date-time createdAt: type: string description: UTC date time when entity was created. This string is formatted according to RFC3339. format: date-time createdBy: type: string description: The globally unique identifier for an actor lastModifiedAt: type: string description: UTC date time when entity was modified. This string is formatted according to RFC3339. format: date-time lastModifiedBy: type: string description: The globally unique identifier for an actor description: Configured idpAffiliations for this actor. At least one idpAffiliation must be present to enable login. NameRequiredValueInV1: required: - name type: object properties: name: maxLength: 64 minLength: 1 type: string description: "A name, usually for an entity" example: John Doe ProjectionModeTypeV1: type: string description: Indicates if the field shall be included in the result. Defaults to INCLUDE if omitted. default: INCLUDE enum: - INCLUDE - EXCLUDE StatusPreviousValueV1: required: - createdAt - createdBy - replacedAt - replacedBy - value type: object properties: value: type: string description: A status value example: Operational createdAt: type: string description: UTC date time when the status was created. This string is formatted according to RFC3339. format: date-time createdBy: type: string description: The globally unique identifier for an actor replacedAt: type: string description: UTC date time when the status ended. This string is formatted according to RFC3339. format: date-time replacedBy: type: string description: The globally unique identifier for an actor description: "Historic values for this status, ordered by descending createdAt" StatusV1: required: - createdAt - createdBy - value type: object properties: value: type: string description: A status value example: Operational createdAt: type: string description: UTC date time when the status was created. This string is formatted according to RFC3339. format: date-time createdBy: type: string description: The globally unique identifier for an actor previousValues: type: array description: "Historic values for this status, ordered by descending createdAt" items: $ref: '#/components/schemas/StatusPreviousValueV1' StringConditionV1: required: - operator type: object properties: operator: type: string description: "Operation applied on conditions made on a field. Example:\ \ AGE_YEAR GREATER_THAN 16. Note that support for respective operator\ \ is dependant on the underlying value type. See separate documentation\ \ for full details." enum: - EQUALS - NOT_EQUALS - LESS_THAN - LESS_THAN_OR_EQUALS - GREATER_THAN - GREATER_THAN_OR_EQUALS - REGEXP - ANY_OF - NONE_OF - ALL_OF - EXISTS - NOT_EXISTS values: maxItems: 500 minItems: 0 type: array description: The value(s) to check in conjunction with the supplied operator items: type: string description: The value(s) to check in conjunction with the supplied operator description: Filter tenants based on their name TagConditionV1: required: - operator type: object properties: operator: type: string description: "Operation applied on conditions made on a field. Example:\ \ AGE_YEAR GREATER_THAN 16. Note that support for respective operator\ \ is dependant on the underlying value type. See separate documentation\ \ for full details." enum: - LIKE - ANY_OF values: maxItems: 500 minItems: 0 type: array description: The value(s) to check in conjunction with the supplied operator items: type: string description: The value(s) to check in conjunction with the supplied operator description: Filter tenants based on their tags TenantActorAccessInV1: required: - role type: object properties: role: maxLength: 64 minLength: 1 pattern: "^[a-zA-Z0-9-_.]{1,64}$" type: string description: "The identifier of a role, also know as 'roleKey'" example: ADMINISTRATOR description: Configured accesses for this actor. At least one role must be present and it will not have any explicit resource associations. TenantActorInviteInV1: required: - accesses - invite - type type: object properties: actorIdPrefix: maxLength: 16 pattern: "^[a-zA-Z0-9-_&|#%?<>./:;,!\\[\\]()]{0,16}$" type: string description: This optional field can be used to give a prefix for the actorId which is about to be created example: user name: maxLength: 256 type: string description: "A name, usually for an entity" example: John Doe description: maxLength: 4096 type: string description: "A description, usually for an entity" example: "Lorem ipsum dolor sit amet, consectetur adipiscing elit." type: maxLength: 256 minLength: 1 pattern: "^[a-zA-Z0-9-_.]{1,256}$" type: string description: "The actor type. Used to distinguish different variants and\ \ to tie configurations, permissions and rules." example: "PERSON, DEVICE" accesses: maxItems: 100 minItems: 1 type: array description: Configured accesses for this actor. At least one role must be present and it will not have any explicit resource associations. items: $ref: '#/components/schemas/TenantActorAccessInV1' invite: $ref: '#/components/schemas/ActorInviteInV1' TenantActorRegisterInV1: required: - accesses - idpAffiliations - type type: object properties: actorIdPrefix: maxLength: 16 pattern: "^[a-zA-Z0-9-_&|#%?<>./:;,!\\[\\]()]{0,16}$" type: string description: This optional field can be used to give a prefix for the actorId which is about to be created example: user name: maxLength: 256 type: string description: "A name, usually for an entity" example: John Doe description: maxLength: 4096 type: string description: "A description, usually for an entity" example: "Lorem ipsum dolor sit amet, consectetur adipiscing elit." type: maxLength: 256 minLength: 1 pattern: "^[a-zA-Z0-9-_.]{1,256}$" type: string description: "The actor type. Used to distinguish different variants and\ \ to tie configurations, permissions and rules." example: "PERSON, DEVICE" accesses: maxItems: 100 minItems: 1 type: array description: Configured accesses for this actor. At least one role must be present and it will not have any explicit resource associations. items: $ref: '#/components/schemas/TenantActorAccessInV1' idpAffiliations: maxItems: 100 minItems: 1 type: array description: Configured idpAffiliations for this actor. At least one idpAffiliation must be present to enable login. items: $ref: '#/components/schemas/IdpAffiliationInV1' TenantActorV1: required: - actorId - changeId - createdAt - createdBy - lastModifiedAt - lastModifiedBy - roles - status - tenantId - type type: object properties: actorId: type: string description: The globally unique identifier for an actor name: type: string description: The tenant actor name description: type: string description: "A description, usually for an entity" example: "Lorem ipsum dolor sit amet, consectetur adipiscing elit." type: type: string description: "The actor type. Used to distinguish different variants and\ \ to tie configurations, permissions and rules." example: "PERSON, DEVICE" status: $ref: '#/components/schemas/StatusV1' roles: type: array description: Configured roles for this actor. At least one role must be present and it will not have any explicit resource associations. items: type: string description: "The identifier of a role, also know as 'roleKey'" example: ADMINISTRATOR idpAffiliations: type: array description: Configured idpAffiliations for this actor. At least one idpAffiliation must be present to enable login. items: $ref: '#/components/schemas/IdpAffiliationV1' inviteCode: type: string description: An invite code which can be used to complete an administrator claim flow tenantId: type: string description: The globally unique identifier for a tenant createdAt: type: string description: UTC date time when entity was created. This string is formatted according to RFC3339. format: date-time createdBy: type: string description: The globally unique identifier for an actor lastModifiedAt: type: string description: UTC date time when entity was modified. This string is formatted according to RFC3339. format: date-time lastModifiedBy: type: string description: The globally unique identifier for an actor changeId: type: string description: Text representation of changeId sequence number example: "7380283282446876762" TenantConditionV1: type: object properties: operator: type: string description: Operator used when combining several conditions together default: AND enum: - AND - OR conditions: maxItems: 32 minItems: 0 type: array description: A list of conditions which in combination with any given fieldConditions and the given operator should result in true. items: $ref: '#/components/schemas/TenantConditionV1' tenantId: $ref: '#/components/schemas/StringConditionV1' applicationId: $ref: '#/components/schemas/StringConditionV1' name: $ref: '#/components/schemas/StringConditionV1' status: $ref: '#/components/schemas/TenantStatusConditionV1' tag: $ref: '#/components/schemas/TagConditionV1' changeId: $ref: '#/components/schemas/ChangeIdConditionV1' TenantInV1: required: - applicationId - name - status type: object properties: applicationId: maxLength: 64 minLength: 1 pattern: "^[a-zA-Z0-9-_.]{1,64}$" type: string description: The globally unique identifier for an application tenantIdPrefix: maxLength: 16 pattern: "^[a-zA-Z0-9-_&|#%?<>./:;,!\\[\\]()]{0,16}$" type: string description: This optional field can be used to give a prefix for the tenantId which is about to be created example: production name: maxLength: 64 minLength: 1 type: string description: "A name, usually for an entity" example: John Doe description: maxLength: 4096 type: string description: "A description, usually for an entity" example: "Lorem ipsum dolor sit amet, consectetur adipiscing elit." status: type: string description: The initial status for the tenant enum: - ACTIVE - INACTIVE tags: maxItems: 10 minItems: 0 type: array description: A set of tags. Any duplicates will be merged. items: maxLength: 20 minLength: 1 type: string description: A label that can be used to distinguish or group an entity example: RED TenantProjectionV1: type: object properties: name: $ref: '#/components/schemas/FieldProjectionV1' description: $ref: '#/components/schemas/FieldProjectionV1' tags: $ref: '#/components/schemas/FieldProjectionV1' status: $ref: '#/components/schemas/FieldProjectionV1' createdAt: $ref: '#/components/schemas/FieldProjectionV1' createdBy: $ref: '#/components/schemas/FieldProjectionV1' lastModifiedAt: $ref: '#/components/schemas/FieldProjectionV1' lastModifiedBy: $ref: '#/components/schemas/FieldProjectionV1' TenantQueryV1: type: object properties: projection: $ref: '#/components/schemas/TenantProjectionV1' filter: $ref: '#/components/schemas/TenantConditionV1' sort: type: array items: $ref: '#/components/schemas/TenantSortByV1' TenantSortByV1: required: - field type: object properties: field: type: string description: The field to sort on enum: - NAME - CHANGE_ID type: type: string description: "An optional type selector for the field. Could be used to\ \ map to underlying field in an array or map. Used together with custom\ \ data, like custom statuses." order: type: string description: "Sorting order. ASC - ascending, DESC - descending" default: ASC enum: - ASC - DESC TenantStatusConditionV1: required: - operator type: object properties: operator: type: string description: "Operation applied on conditions made on a field. Example:\ \ AGE_YEAR GREATER_THAN 16. Note that support for respective operator\ \ is dependant on the underlying value type. See separate documentation\ \ for full details." enum: - EQUALS - NOT_EQUALS - ANY_OF - NONE_OF - ALL_OF - EXISTS - NOT_EXISTS values: maxItems: 500 minItems: 0 type: array description: The value(s) to check in conjunction with the supplied operator items: type: string description: The value(s) to check in conjunction with the supplied operator enum: - ACTIVE - INACTIVE - ARCHIVED - DECOMMISSIONED description: Filter tenants based on their status TenantV1: required: - applicationId - changeId - createdAt - createdBy - lastModifiedAt - lastModifiedBy - name - status - tenantId type: object properties: tenantId: type: string description: The globally unique identifier for a tenant applicationId: type: string description: The globally unique identifier for an application name: type: string description: "A name, usually for an entity" example: John Doe description: type: string description: "A description, usually for an entity" example: "Lorem ipsum dolor sit amet, consectetur adipiscing elit." status: type: string description: The current status of the tenant. tags: type: array description: A set of tags items: type: string description: A label that can be used to distinguish or group an entity example: RED createdAt: type: string description: UTC date time when entity was created. This string is formatted according to RFC3339. format: date-time createdBy: type: string description: The globally unique identifier for an actor lastModifiedAt: type: string description: UTC date time when entity was modified. This string is formatted according to RFC3339. format: date-time lastModifiedBy: type: string description: The globally unique identifier for an actor changeId: type: string description: Text representation of changeId sequence number example: "7380283282446876762" responses: NoContent: description: The request is processed and no content was returned BadRequest: description: "The request is malformed, see error data for additional information" content: application/json: schema: $ref: '#/components/schemas/ErrorV1' Unauthorized: description: The request did not have valid authentication credentials content: application/json: schema: $ref: '#/components/schemas/ErrorV1' Forbidden: description: The requester is not authorized to perform this action content: application/json: schema: $ref: '#/components/schemas/ErrorV1' NotFound: description: The resource could not be found content: application/json: schema: $ref: '#/components/schemas/ErrorV1' Conflict: description: "The request could not be processed due to a conflict in state,\ \ see error data for additional information" content: application/json: schema: $ref: '#/components/schemas/ErrorV1' parameters: count: name: count in: query description: Count the total amount of matched records for the given query schema: type: boolean default: false limit: name: limit in: query description: Maximum limit of returned results schema: type: integer format: int32 default: 500 offset: name: offset in: query description: Offset is used to skip results in pagination schema: type: integer format: int32 default: 0 returnUpdated: name: returnUpdated in: query description: To return the entity after successful update or not schema: type: boolean default: false tag: name: tag in: path required: true schema: maxLength: 20 minLength: 1 type: string description: A label that can be used to distinguish or group an entity example: RED tenant-expression: name: tenant-expression in: path required: true schema: pattern: "^[a-zA-Z0-9-_.]{1,64}$" type: string description: "Used to identify a specific tenantId. The available options\ \ are: \n* '{tenantId}' - direct tenantId reference" headers: Data-Projected: description: States if the returned data was projected. Defaults to 'false' if omitted required: false schema: type: boolean Page-Limit: description: The backend determined limit that was used for the query required: true schema: type: integer format: int32 Page-Offset: description: "The used offset for the query, used for pagination" required: true schema: type: integer format: int32 Page-Total: description: The amount of matched records for the query required: false schema: type: integer format: int32 securitySchemes: iam-console-token: type: http scheme: bearer bearerFormat: IAM issued jwt token for the IAM console application