From 61df8ed073718f9ddc4c24d0944ba3a05890079e Mon Sep 17 00:00:00 2001 From: Jochen Traunecker Date: Thu, 21 Nov 2024 14:49:21 +0100 Subject: [PATCH] DATAGO-84853: cema config push resiliency (#211) --- service/application/pom.xml | 92 +- .../model/SempAclProfileDeletionRequest.java | 11 + ...lPublishTopicExceptionDeletionRequest.java | 15 + ...ubscribeTopicExceptionDeletionRequest.java | 16 + ...SempAuthorizationGroupDeletionRequest.java | 11 + .../SempClientUsernameDeletionRequest.java | 12 + .../maas/ep/common/model/SempEntityType.java | 11 + .../model/SempQueueDeletionRequest.java | 11 + ...QueueTopicSubscriptionDeletionRequest.java | 12 + .../agent/command/CommandManager.java | 274 +- .../command/SempDeleteCommandManager.java | 242 + .../agent/command/semp/SempApiProvider.java | 15 + .../command/semp/SempApiProviderImpl.java | 65 + ...atingPersistentMessageHandlerObserver.java | 29 + ...PersistentMessageHandlerObserverPhase.java | 13 +- .../SolacePersistentMessageHandler.java | 21 +- ...olacePersistentMessageHandlerObserver.java | 14 +- .../agent/subscriber/SolaceSubscriber.java | 1 + .../resources/oas/semp-v2-swagger-config.json | 37479 ++++++++++++++++ .../ep/event/management/agent/TestConfig.java | 10 +- .../commandManager/CommandManagerTests.java | 175 +- .../SempDeleteCommandManagerTest.java | 611 + ...gPersistentMessageHandlerObserverTest.java | 51 + .../PersistentMessageHandlerTests.java | 6 +- ...olacePersistentMessageHandlerObserver.java | 7 +- .../sempResponseMissingResource.json | 14 + .../plugin/command/model/CommandType.java | 3 +- .../model/SempDeleteCommandConstants.java | 12 + service/pom.xml | 1 + .../SolaceQueueConfigurationProcessor.java | 1 + .../TerraformLogProcessingService.java | 20 +- .../terraform/manager/TerraformManager.java | 15 + .../terraform/manager/TerraformUtils.java | 57 +- .../plugin/terraform/TerraformCommandIT.java | 1 - .../TerraformLogProcessingServiceTest.java | 29 + .../plugin/terraform/TerraformUtilsTest.java | 34 + 36 files changed, 39209 insertions(+), 182 deletions(-) create mode 100644 service/application/src/main/java/com/solace/maas/ep/common/model/SempAclProfileDeletionRequest.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/common/model/SempAclPublishTopicExceptionDeletionRequest.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/common/model/SempAclSubscribeTopicExceptionDeletionRequest.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/common/model/SempAuthorizationGroupDeletionRequest.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/common/model/SempClientUsernameDeletionRequest.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/common/model/SempEntityType.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/common/model/SempQueueDeletionRequest.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/common/model/SempQueueTopicSubscriptionDeletionRequest.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/SempDeleteCommandManager.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/semp/SempApiProvider.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/semp/SempApiProviderImpl.java create mode 100644 service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/EmaRestartSimulatingPersistentMessageHandlerObserver.java create mode 100644 service/application/src/main/resources/oas/semp-v2-swagger-config.json create mode 100644 service/application/src/test/java/com/solace/maas/ep/event/management/agent/commandManager/SempDeleteCommandManagerTest.java create mode 100644 service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/EmRestartSimulatingPersistentMessageHandlerObserverTest.java create mode 100644 service/application/src/test/resources/sempResponses/sempResponseMissingResource.json create mode 100644 service/plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/command/model/SempDeleteCommandConstants.java create mode 100644 service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformLogProcessingServiceTest.java create mode 100644 service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformUtilsTest.java diff --git a/service/application/pom.xml b/service/application/pom.xml index f3bb5d771..00aef7577 100644 --- a/service/application/pom.xml +++ b/service/application/pom.xml @@ -1,5 +1,6 @@ - + 4.0.0 com.solace.maas @@ -21,6 +22,7 @@ 2.16.1 4.2.0 1.4.13 + 2.4.43 @@ -224,7 +226,7 @@ - org.hibernate + org.hibernate.validator hibernate-validator 8.0.1.Final @@ -304,7 +306,6 @@ test - com.solacesystems solclientj @@ -330,6 +331,32 @@ jakarta.servlet jakarta.servlet-api + + + com.squareup.okhttp + okhttp + 2.7.5 + + + org.springframework.retry + spring-retry + 2.0.5 + + + io.swagger + swagger-annotations + 1.6.12 + + + com.squareup.okhttp + logging-interceptor + 2.7.5 + + + io.gsonfire + gson-fire + 1.9.0 + @@ -387,6 +414,65 @@ + + org.codehaus.mojo + build-helper-maven-plugin + 3.6.0 + + + add-source + generate-sources + + add-source + + + + ${project.build.directory}/generated-sources/swagger/src/main/java + + + + + add-test-source + generate-test-sources + + add-test-source + + + + ${project.build.directory}/generated-sources/swagger/src/test/java + + + + + + + io.swagger + swagger-codegen-maven-plugin + ${swagger-codegen-maven-plugin.version} + + + sempv2-vmr-9.12 + generate-sources + + generate + + + ${project.basedir}/src/main/resources/oas/semp-v2-swagger-config.json + java + ${project.build.directory}/generated-sources/swagger + com.solace.client.sempv2 + com.solace.client.sempv2.api + com.solace.client.sempv2.model + + java8 + true + src/main/java + src/test/java + + + + + diff --git a/service/application/src/main/java/com/solace/maas/ep/common/model/SempAclProfileDeletionRequest.java b/service/application/src/main/java/com/solace/maas/ep/common/model/SempAclProfileDeletionRequest.java new file mode 100644 index 000000000..305d99049 --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/common/model/SempAclProfileDeletionRequest.java @@ -0,0 +1,11 @@ +package com.solace.maas.ep.common.model; + +import lombok.Builder; +import lombok.Data; + +@Data +@Builder +public class SempAclProfileDeletionRequest { + private String msgVpn; + private String aclProfileName; +} diff --git a/service/application/src/main/java/com/solace/maas/ep/common/model/SempAclPublishTopicExceptionDeletionRequest.java b/service/application/src/main/java/com/solace/maas/ep/common/model/SempAclPublishTopicExceptionDeletionRequest.java new file mode 100644 index 000000000..55fa76e28 --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/common/model/SempAclPublishTopicExceptionDeletionRequest.java @@ -0,0 +1,15 @@ +package com.solace.maas.ep.common.model; + +import lombok.Builder; +import lombok.Data; + +@Data +@Builder +public class SempAclPublishTopicExceptionDeletionRequest { + private String msgVpn; + private String aclProfileName; + /** + * The topic string to be deleted from the ACL exception list - may include wild cards + */ + private String publishTopic; +} diff --git a/service/application/src/main/java/com/solace/maas/ep/common/model/SempAclSubscribeTopicExceptionDeletionRequest.java b/service/application/src/main/java/com/solace/maas/ep/common/model/SempAclSubscribeTopicExceptionDeletionRequest.java new file mode 100644 index 000000000..4c81994bb --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/common/model/SempAclSubscribeTopicExceptionDeletionRequest.java @@ -0,0 +1,16 @@ +package com.solace.maas.ep.common.model; + +import lombok.Builder; +import lombok.Data; + +@Data +@Builder +public class SempAclSubscribeTopicExceptionDeletionRequest { + + private String msgVpn; + private String aclProfileName; + /** + * The topic string to be deleted from the ACL exception list - may include wild cards + */ + private String subscribeTopic; +} diff --git a/service/application/src/main/java/com/solace/maas/ep/common/model/SempAuthorizationGroupDeletionRequest.java b/service/application/src/main/java/com/solace/maas/ep/common/model/SempAuthorizationGroupDeletionRequest.java new file mode 100644 index 000000000..a7571b46d --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/common/model/SempAuthorizationGroupDeletionRequest.java @@ -0,0 +1,11 @@ +package com.solace.maas.ep.common.model; + +import lombok.Builder; +import lombok.Data; + +@Data +@Builder +public class SempAuthorizationGroupDeletionRequest { + private String msgVpn; + private String authorizationGroupName; +} diff --git a/service/application/src/main/java/com/solace/maas/ep/common/model/SempClientUsernameDeletionRequest.java b/service/application/src/main/java/com/solace/maas/ep/common/model/SempClientUsernameDeletionRequest.java new file mode 100644 index 000000000..135f3413b --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/common/model/SempClientUsernameDeletionRequest.java @@ -0,0 +1,12 @@ +package com.solace.maas.ep.common.model; + +import lombok.Builder; +import lombok.Data; + +@Data +@Builder +public class SempClientUsernameDeletionRequest { + + private String msgVpn; + private String clientUsername; +} diff --git a/service/application/src/main/java/com/solace/maas/ep/common/model/SempEntityType.java b/service/application/src/main/java/com/solace/maas/ep/common/model/SempEntityType.java new file mode 100644 index 000000000..45eb71c35 --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/common/model/SempEntityType.java @@ -0,0 +1,11 @@ +package com.solace.maas.ep.common.model; + +public enum SempEntityType { + solaceQueue, + solaceAclProfile, + solaceAclSubscribeTopicException, + solaceAclPublishTopicException, + solaceClientUsername, + solaceAuthorizationGroup, + solaceQueueSubscriptionTopic +} diff --git a/service/application/src/main/java/com/solace/maas/ep/common/model/SempQueueDeletionRequest.java b/service/application/src/main/java/com/solace/maas/ep/common/model/SempQueueDeletionRequest.java new file mode 100644 index 000000000..444a5a2ce --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/common/model/SempQueueDeletionRequest.java @@ -0,0 +1,11 @@ +package com.solace.maas.ep.common.model; + +import lombok.Builder; +import lombok.Data; + +@Data +@Builder +public class SempQueueDeletionRequest { + private String msgVpn; + private String queueName; +} diff --git a/service/application/src/main/java/com/solace/maas/ep/common/model/SempQueueTopicSubscriptionDeletionRequest.java b/service/application/src/main/java/com/solace/maas/ep/common/model/SempQueueTopicSubscriptionDeletionRequest.java new file mode 100644 index 000000000..c55ebbb40 --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/common/model/SempQueueTopicSubscriptionDeletionRequest.java @@ -0,0 +1,12 @@ +package com.solace.maas.ep.common.model; + +import lombok.Builder; +import lombok.Data; + +@Builder +@Data +public class SempQueueTopicSubscriptionDeletionRequest { + private String topicName; + private String queueName; + private String msgVpn; +} diff --git a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/CommandManager.java b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/CommandManager.java index e277a11da..6438d1149 100644 --- a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/CommandManager.java +++ b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/CommandManager.java @@ -2,6 +2,7 @@ import com.solace.maas.ep.common.messages.CommandMessage; import com.solace.maas.ep.event.management.agent.command.mapper.CommandMapper; +import com.solace.maas.ep.event.management.agent.command.semp.SempApiProviderImpl; import com.solace.maas.ep.event.management.agent.config.eventPortal.EventPortalProperties; import com.solace.maas.ep.event.management.agent.plugin.command.model.Command; import com.solace.maas.ep.event.management.agent.plugin.command.model.CommandBundle; @@ -11,22 +12,21 @@ import com.solace.maas.ep.event.management.agent.plugin.service.MessagingServiceDelegateService; import com.solace.maas.ep.event.management.agent.plugin.solace.processor.semp.SempClient; import com.solace.maas.ep.event.management.agent.plugin.solace.processor.semp.SolaceHttpSemp; +import com.solace.maas.ep.event.management.agent.plugin.terraform.manager.TerraformLogProcessingService; import com.solace.maas.ep.event.management.agent.plugin.terraform.manager.TerraformManager; import com.solace.maas.ep.event.management.agent.processor.CommandLogStreamingProcessor; import com.solace.maas.ep.event.management.agent.publisher.CommandPublisher; -import com.solace.maas.ep.event.management.agent.util.MdcTaskDecorator; import io.micrometer.core.instrument.MeterRegistry; import io.micrometer.core.instrument.Timer; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang.Validate; import org.slf4j.MDC; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor; import org.springframework.stereotype.Service; import java.io.IOException; import java.nio.file.Files; import java.nio.file.Path; -import java.time.Instant; import java.time.OffsetDateTime; import java.time.temporal.ChronoUnit; import java.util.ArrayList; @@ -34,7 +34,6 @@ import java.util.List; import java.util.Map; import java.util.Optional; -import java.util.concurrent.CompletableFuture; import java.util.concurrent.TimeUnit; import static com.solace.maas.ep.common.metrics.ObservabilityConstants.MAAS_EMA_CONFIG_PUSH_EVENT_CYCLE_TIME; @@ -42,6 +41,9 @@ import static com.solace.maas.ep.common.metrics.ObservabilityConstants.ORG_ID_TAG; import static com.solace.maas.ep.common.metrics.ObservabilityConstants.STATUS_TAG; import static com.solace.maas.ep.event.management.agent.constants.Command.COMMAND_CORRELATION_ID; +import static com.solace.maas.ep.event.management.agent.plugin.command.model.CommandType.semp; +import static com.solace.maas.ep.event.management.agent.plugin.command.model.CommandType.terraform; +import static com.solace.maas.ep.event.management.agent.plugin.command.model.SempDeleteCommandConstants.SEMP_DELETE_OPERATION; import static com.solace.maas.ep.event.management.agent.plugin.constants.RouteConstants.ACTOR_ID; import static com.solace.maas.ep.event.management.agent.plugin.constants.RouteConstants.TRACE_ID; import static com.solace.maas.ep.event.management.agent.plugin.terraform.manager.TerraformUtils.LOG_LEVEL_ERROR; @@ -51,14 +53,16 @@ @Service @ConditionalOnProperty(name = "event-portal.gateway.messaging.standalone", havingValue = "false") public class CommandManager { + public static final String ERROR_EXECUTING_COMMAND = "Error executing command"; private final TerraformManager terraformManager; private final CommandMapper commandMapper; private final CommandPublisher commandPublisher; private final MessagingServiceDelegateService messagingServiceDelegateService; private final EventPortalProperties eventPortalProperties; - private final ThreadPoolTaskExecutor configPushPool; private final Optional commandLogStreamingProcessorOpt; private final MeterRegistry meterRegistry; + private final SempDeleteCommandManager sempDeleteCommandManager; + private final TerraformLogProcessingService terraformLoggingService; public CommandManager(TerraformManager terraformManager, CommandMapper commandMapper, @@ -66,110 +70,204 @@ public CommandManager(TerraformManager terraformManager, MessagingServiceDelegateService messagingServiceDelegateService, EventPortalProperties eventPortalProperties, Optional commandLogStreamingProcessorOpt, - MeterRegistry meterRegistry) { + MeterRegistry meterRegistry, + final SempDeleteCommandManager sempDeleteCommandManager, + TerraformLogProcessingService terraformLoggingService) { this.terraformManager = terraformManager; this.commandMapper = commandMapper; this.commandPublisher = commandPublisher; this.messagingServiceDelegateService = messagingServiceDelegateService; this.eventPortalProperties = eventPortalProperties; this.meterRegistry = meterRegistry; - configPushPool = new ThreadPoolTaskExecutor(); - configPushPool.setCorePoolSize(eventPortalProperties.getCommandThreadPoolMinSize()); - configPushPool.setMaxPoolSize(eventPortalProperties.getCommandThreadPoolMaxSize()); - configPushPool.setQueueCapacity(eventPortalProperties.getCommandThreadPoolQueueSize()); - configPushPool.setThreadNamePrefix("config-push-pool-"); - configPushPool.setTaskDecorator(new MdcTaskDecorator()); - configPushPool.initialize(); + this.commandLogStreamingProcessorOpt = commandLogStreamingProcessorOpt; + this.sempDeleteCommandManager = sempDeleteCommandManager; + this.terraformLoggingService = terraformLoggingService; } public void execute(CommandMessage request) { + Validate.notNull(request, "CommandRequest must not be null"); + Validate.notEmpty(request.getServiceId(), "ServiceId must not be empty"); + Validate.notEmpty(request.getCommandBundles(), "CommandBundles must not be empty"); + Validate.notEmpty(request.getCommandBundles().get(0).getCommands(), "At least one command must be present"); CommandRequest requestBO = commandMapper.map(request); - requestBO.setCreatedTime(Instant.now()); - CompletableFuture.runAsync(() -> configPush(requestBO), configPushPool) - .exceptionally(e -> { - log.error("Error running command", e); - handleError((Exception) e, requestBO); - return null; - }); + configPush(requestBO); } + /** + * Handles the error by attaching the error to the first command in the request and sends the response to EP. + * Convenience method to be used by the onFailure method of the MessageProcessor to handle the error and send the response to EP. + * + * @param e + * @param message + */ public void handleError(Exception e, CommandMessage message) { - handleError(e, commandMapper.map(message)); - } - - private void handleError(Exception e, CommandRequest requestBO) { - Command firstCommand = requestBO.getCommandBundles().get(0).getCommands().get(0); - setCommandError(firstCommand, e); + CommandRequest requestBO = commandMapper.map(message); + attachErrorLogToCommand(false, e, requestBO); finalizeAndSendResponse(requestBO); } @SuppressWarnings("PMD") - public void configPush(CommandRequest request) { - Map envVars; - try { - envVars = setBrokerSpecificEnvVars(request.getServiceId()); - } catch (Exception e) { - log.error("Error getting terraform variables", e); - handleError(e, request); - return; - } + private void configPush(CommandRequest request) { List executionLogFilesToClean = new ArrayList<>(); - + boolean attacheErrorToTerraformCommand = false; try { + // if the serviceId is not found, messagingServiceDelegateService will most likely throw an exception (which is not guaranteed + // based on the interface definition) and we need to catch it here. + // We also need to check if the client is null if there is no exception thrown + SolaceHttpSemp solaceClient = messagingServiceDelegateService.getMessagingServiceClient(request.getServiceId()); + if (solaceClient == null) { + throw new IllegalStateException("Messaging service client not found for serviceId " + request.getServiceId()); + } + Map envVars = setBrokerSpecificEnvVars(solaceClient); + + // Delete the terraform state file before running the terraform commands + // It will delete all files in the directory of this context + terraformManager.deleteTerraformState(request); + for (CommandBundle bundle : request.getCommandBundles()) { + boolean exitEarlyOnFailedCommand = bundle.getExitOnFailure(); // For now everything is run serially for (Command command : bundle.getCommands()) { - Path executionLog = executeCommand(request, command, envVars); - if (executionLog != null) { - if (commandLogStreamingProcessorOpt.isPresent()) { - streamCommandExecutionLogToEpCore(request, command, executionLog); + attacheErrorToTerraformCommand = false; + if (command.getCommandType() == semp) { + executeSempCommand(command, solaceClient); + } else if (command.getCommandType() == terraform) { + attacheErrorToTerraformCommand = true; + Path executionLog = executeTerraformCommand(request, command, envVars); + if (executionLog != null) { + if (commandLogStreamingProcessorOpt.isPresent()) { + streamCommandExecutionLogToEpCore(request, command, executionLog); + } + executionLogFilesToClean.add(executionLog); } - - executionLogFilesToClean.add(executionLog); + } else { + // attaches an error entry for the command as CommandResult + handleUnknownCommandType(command); } - if (exitEarlyOnFailedCommand(bundle, command)) { + if (exitEarlyOnFailedCommand(exitEarlyOnFailedCommand, command)) { break; } - } } - finalizeAndSendResponse(request); + } catch (Exception e) { + log.error("ConfigPush command not executed successfully", e); + attachErrorLogToCommand(attacheErrorToTerraformCommand, e, request); } finally { - // Clean up activity : delete all the execution log files + try { + finalizeAndSendResponse(request); + // the response could also be an error log entry + // if we fail to send the response to EP, we can not do anything about it + // besides logging it + } catch (Exception e) { + log.error("Error while sending response to Event Portal. ", e); + // at least we can attach the error to the first command + // this information might be used by the invoker of this method + attachErrorLogToCommand(false, e, request); + } + // cleanup handles errors by logging and swallowing them + // no need to catch them here cleanup(executionLogFilesToClean); } + } + // Attaches the error log to the first terraform command in the request to be sent back to EP although the error + // occurred during the deletion of the terraform state file and not during the terraform command execution + @SuppressWarnings("PMD") + private void attachErrorLogToCommand(boolean isTerraformRelatedError, Exception ex, CommandRequest request) { + for (CommandBundle bundle : request.getCommandBundles()) { + for (Command command : bundle.getCommands()) { + if (!isTerraformRelatedError) { + // attaches the error to the command as CommandResult + setCommandError(command, ex); + return; + } + if (command.getCommandType() == terraform) { + // casting or wrapping the exception to RuntimeException + // due to backwards compatibility of terraformLoggingService.buildTfStateFileDeletionFailureResult + RuntimeException runtimeEx; + if (ex instanceof RuntimeException) { + runtimeEx = (RuntimeException) ex; + } else { + runtimeEx = new RuntimeException(ex); + } + CommandResult errorResult = terraformLoggingService.buildTfStateFileDeletionFailureResult(runtimeEx); + command.setResult(errorResult); + return; + } + } + } + if (isTerraformRelatedError) { + log.error("No terraform command found to attach error log to"); + } else { + log.error("No command found to attach error log to"); + } + } + + private void finalizeAndSendResponse(CommandRequest request) { + request.determineStatus(); + Map topicVars = Map.of( + "orgId", eventPortalProperties.getOrganizationId(), + "runtimeAgentId", eventPortalProperties.getRuntimeAgentId(), + COMMAND_CORRELATION_ID, request.getCommandCorrelationId() + ); + CommandMessage response = new CommandMessage(request.getServiceId(), + request.getCommandCorrelationId(), + request.getContext(), + request.getStatus(), + request.getCommandBundles()); + response.setOrgId(eventPortalProperties.getOrganizationId()); + response.setTraceId(MDC.get(TRACE_ID)); + response.setActorId(MDC.get(ACTOR_ID)); + commandPublisher.sendCommandResponse(response, topicVars); + meterRegistry.counter(MAAS_EMA_CONFIG_PUSH_EVENT_SENT, ORG_ID_TAG, response.getOrgId(), + STATUS_TAG, response.getStatus().name()).increment(); + Timer jobCycleTime = Timer + .builder(MAAS_EMA_CONFIG_PUSH_EVENT_CYCLE_TIME) + .tag(ORG_ID_TAG, response.getOrgId()) + .tag(STATUS_TAG, request.getStatus().name()) + .register(meterRegistry); + jobCycleTime.record(request.getLifetime(ChronoUnit.MILLIS), TimeUnit.MILLISECONDS); } - private Path executeCommand(CommandRequest request, - Command command, - Map envVars) { + private Path executeTerraformCommand(CommandRequest request, Command command, Map envVars) { Path executionLog = null; try { - switch (command.getCommandType()) { - case terraform: - executionLog = terraformManager.execute(request, command, envVars); - break; - default: - command.setResult(CommandResult.builder() - .status(JobStatus.error) - .logs(List.of( - Map.of("message", "unknown command type " + command.getCommandType(), - "errorType", "UnknownCommandType", - "level", LOG_LEVEL_ERROR, - "timestamp", OffsetDateTime.now()))) - .build()); - break; - } + Validate.isTrue(command.getCommandType().equals(terraform), "Command type must be terraform"); + return terraformManager.execute(request, command, envVars); } catch (Exception e) { - log.error("Error executing command", e); + log.error(ERROR_EXECUTING_COMMAND, e); setCommandError(command, e); - } + } return executionLog; } + private void executeSempCommand(Command command, SolaceHttpSemp solaceClient) { + try { + Validate.isTrue(command.getCommandType().equals(semp), "Command type must be semp"); + // only delete operation is supported for now and only delete operations are sent from EP + Validate.isTrue(command.getCommand().equals(SEMP_DELETE_OPERATION), "Command operation must be delete"); + // creating a new SempApiProviderImpl instance for each command execution + // if this becomes a performance issue, we can consider caching the SempApiProviderImpl instance for each serviceId + sempDeleteCommandManager.execute(command, new SempApiProviderImpl(solaceClient)); + } catch (Exception e) { + log.error(ERROR_EXECUTING_COMMAND, e); + setCommandError(command, e); + } + } + + private void handleUnknownCommandType(Command command) { + command.setResult(CommandResult.builder() + .status(JobStatus.error) + .logs(List.of( + Map.of("message", "unknown command type " + command.getCommandType(), + "errorType", "UnknownCommandType", + "level", LOG_LEVEL_ERROR, + "timestamp", OffsetDateTime.now()))) + .build()); + } + private void cleanup(List listOfExecutionLogFiles) { try { deleteExecutionLogFiles(listOfExecutionLogFiles); @@ -212,49 +310,19 @@ public void streamCommandExecutionLogToEpCore(CommandRequest request, Command co } - private static boolean exitEarlyOnFailedCommand(CommandBundle bundle, Command command) { - return Boolean.TRUE.equals(bundle.getExitOnFailure()) + private static boolean exitEarlyOnFailedCommand(boolean existEarlyOnFailedCommand, Command command) { + return Boolean.TRUE.equals(existEarlyOnFailedCommand) && Boolean.FALSE.equals(command.getIgnoreResult()) && (command.getResult() == null || JobStatus.error.equals(command.getResult().getStatus())); } - private void finalizeAndSendResponse(CommandRequest request) { - request.determineStatus(); - Map topicVars = Map.of( - "orgId", eventPortalProperties.getOrganizationId(), - "runtimeAgentId", eventPortalProperties.getRuntimeAgentId(), - COMMAND_CORRELATION_ID, request.getCommandCorrelationId() - ); - CommandMessage response = new CommandMessage(request.getServiceId(), - request.getCommandCorrelationId(), - request.getContext(), - request.getStatus(), - request.getCommandBundles()); - response.setOrgId(eventPortalProperties.getOrganizationId()); - response.setTraceId(MDC.get(TRACE_ID)); - response.setActorId(MDC.get(ACTOR_ID)); - commandPublisher.sendCommandResponse(response, topicVars); - meterRegistry.counter(MAAS_EMA_CONFIG_PUSH_EVENT_SENT, ORG_ID_TAG, response.getOrgId(), - STATUS_TAG, response.getStatus().name()).increment(); - Timer jobCycleTime = Timer - .builder(MAAS_EMA_CONFIG_PUSH_EVENT_CYCLE_TIME) - .tag(ORG_ID_TAG, response.getOrgId()) - .tag(STATUS_TAG, request.getStatus().name()) - .register(meterRegistry); - jobCycleTime.record(request.getLifetime(ChronoUnit.MILLIS), TimeUnit.MILLISECONDS); - } - - private Map setBrokerSpecificEnvVars(String messagingServiceId) { + private Map setBrokerSpecificEnvVars(SolaceHttpSemp solaceClient) { Map envVars = new HashMap<>(); - Object client = messagingServiceDelegateService.getMessagingServiceClient(messagingServiceId); - if (client instanceof SolaceHttpSemp) { - SolaceHttpSemp solaceClient = (SolaceHttpSemp) client; - SempClient sempClient = solaceClient.getSempClient(); - envVars.put("TF_VAR_username", sempClient.getUsername()); - envVars.put("TF_VAR_password", sempClient.getPassword()); - envVars.put("TF_VAR_url", sempClient.getConnectionUrl()); - } + SempClient sempClient = solaceClient.getSempClient(); + envVars.put("TF_VAR_username", sempClient.getUsername()); + envVars.put("TF_VAR_password", sempClient.getPassword()); + envVars.put("TF_VAR_url", sempClient.getConnectionUrl()); return envVars; } diff --git a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/SempDeleteCommandManager.java b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/SempDeleteCommandManager.java new file mode 100644 index 000000000..46370fe6d --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/SempDeleteCommandManager.java @@ -0,0 +1,242 @@ +package com.solace.maas.ep.event.management.agent.command; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.solace.client.sempv2.ApiException; +import com.solace.client.sempv2.api.AclProfileApi; +import com.solace.client.sempv2.api.AuthorizationGroupApi; +import com.solace.client.sempv2.api.ClientUsernameApi; +import com.solace.client.sempv2.api.QueueApi; +import com.solace.maas.ep.common.model.SempAclProfileDeletionRequest; +import com.solace.maas.ep.common.model.SempAclPublishTopicExceptionDeletionRequest; +import com.solace.maas.ep.common.model.SempAclSubscribeTopicExceptionDeletionRequest; +import com.solace.maas.ep.common.model.SempAuthorizationGroupDeletionRequest; +import com.solace.maas.ep.common.model.SempClientUsernameDeletionRequest; +import com.solace.maas.ep.common.model.SempEntityType; +import com.solace.maas.ep.common.model.SempQueueDeletionRequest; +import com.solace.maas.ep.common.model.SempQueueTopicSubscriptionDeletionRequest; +import com.solace.maas.ep.event.management.agent.command.semp.SempApiProvider; +import com.solace.maas.ep.event.management.agent.plugin.command.model.Command; +import com.solace.maas.ep.event.management.agent.plugin.command.model.CommandResult; +import com.solace.maas.ep.event.management.agent.plugin.command.model.CommandType; +import com.solace.maas.ep.event.management.agent.plugin.command.model.JobStatus; +import com.solace.maas.ep.event.management.agent.plugin.command.model.SempDeleteCommandConstants; +import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang.Validate; +import org.springframework.stereotype.Service; + +import java.util.List; + +import static com.solace.maas.ep.event.management.agent.plugin.command.model.SempDeleteCommandConstants.SEMP_DELETE_DATA; +import static com.solace.maas.ep.event.management.agent.plugin.terraform.manager.TerraformUtils.setCommandError; + +@Service +@Slf4j +public class SempDeleteCommandManager { + + private final ObjectMapper objectMapper; + + public SempDeleteCommandManager(ObjectMapper objectMapper) { + this.objectMapper = objectMapper; + } + + public void execute(Command command, SempApiProvider sempApiProvider) { + try { + validate(command, sempApiProvider); + executeSempDeleteCommand(command, sempApiProvider); + command.setResult(CommandResult.builder() + .status(JobStatus.success) + .logs(List.of()) + .build()); + // not found is not an error and is already handled in handleSempApiDeleteException + // all other exceptions are considered errors and are (re)-thrown to be handled here + } catch (Exception e) { + log.error("SEMP delete command not executed successfully", e); + // SEMP APIExceptions don't expose the response body via e.getMessage() + setCommandError(command, e); + } + } + + private void executeSempDeleteCommand(Command command, SempApiProvider sempApiProvider) throws ApiException, JsonProcessingException { + String entityType = (String) command.getParameters().get(SempDeleteCommandConstants.SEMP_DELETE_ENTITY_TYPE); + SempEntityType deletionEntityType; + if (entityType == null) { + throw new IllegalArgumentException("Entity type of a SEMP delete command must not be null"); + } + try { + deletionEntityType = SempEntityType.valueOf(entityType); + } catch (IllegalArgumentException e) { + throw new IllegalArgumentException("Unsupported SEMP delete entity type:" + entityType); + } + switch (deletionEntityType) { + case solaceAclProfile: + executeDeleteAclProfile(command, sempApiProvider); + break; + case solaceQueue: + executeDeleteSolaceQueue(command, sempApiProvider); + break; + case solaceQueueSubscriptionTopic: + executeDeleteSolaceQueueTopicSubscription(command, sempApiProvider); + break; + case solaceClientUsername: + executeDeleteClientUsername(command, sempApiProvider); + break; + case solaceAuthorizationGroup: + executeDeleteAuthorizationGroup(command, sempApiProvider); + break; + case solaceAclSubscribeTopicException: + executeDeleteAclSubscribeTopicException(command, sempApiProvider); + break; + case solaceAclPublishTopicException: + executeDeleteAclPublishTopicException(command, sempApiProvider); + break; + default: + throw new UnsupportedOperationException("Unsupported entity type for deletion: " + deletionEntityType); + } + } + + // Suppressing PMD of unused entityName + // This is because we are not logging the entityName for security reasons now + // We might adapt that in the future to log the entityName based on logging level and properties file + @SuppressWarnings("PMD") + private void handleSempApiDeleteException(ApiException e, String entityType, String entityName) throws ApiException { + // If the entity does not exist, we don't want to consider it an error + // This is because of the edge case of dangling entities from previous deployment that did not get finalized + // SEMP does not report a 404 for entities that do not exist, so we have to check the response body + // NOT_FOUND is the string that SEMP returns within the response JSON, when an entity does not exist + if (e.getCode() == 400 && e.getResponseBody().contains("NOT_FOUND")) { + // we don't want to log the content of the response body, as it may contain sensitive information + // we only log the entity type. The entity name is also considered sensitive information and is not logged + log.info("SEMP delete: tried to delete {} which did not exist (anymore)", entityType); + } else { + throw e; + } + } + + private void executeDeleteAclProfile(Command command, SempApiProvider sempApiProvider) throws ApiException, JsonProcessingException { + AclProfileApi aclProfileApi = sempApiProvider.getAclProfileApi(); + SempAclProfileDeletionRequest request = objectMapper.readValue( + objectMapper.writeValueAsString(command.getParameters().get(SEMP_DELETE_DATA)), + SempAclProfileDeletionRequest.class); + Validate.notEmpty(request.getMsgVpn(), "Msg VPN must not be empty"); + Validate.notEmpty(request.getAclProfileName(), "ACL profile name must not be empty"); + + log.info("SEMP delete: Deleting ACL profile"); + try { + aclProfileApi.deleteMsgVpnAclProfile(request.getMsgVpn(), request.getAclProfileName()); + } catch (ApiException e) { + handleSempApiDeleteException(e, "ACL profile", request.getAclProfileName()); + } + } + + private void executeDeleteAclPublishTopicException(Command command, SempApiProvider sempApiProvider) throws ApiException, JsonProcessingException { + AclProfileApi aclProfileApi = sempApiProvider.getAclProfileApi(); + SempAclPublishTopicExceptionDeletionRequest request = objectMapper.readValue( + objectMapper.writeValueAsString(command.getParameters().get(SEMP_DELETE_DATA)), + SempAclPublishTopicExceptionDeletionRequest.class); + + Validate.notEmpty(request.getMsgVpn(), "Msg VPN must not be empty"); + Validate.notEmpty(request.getAclProfileName(), "ACL profile name must not be empty"); + Validate.notEmpty(request.getPublishTopic(), "Publish topic must not be empty"); + log.info("SEMP delete: Deleting ACL publish topic exception"); + try { + aclProfileApi.deleteMsgVpnAclProfilePublishTopicException(request.getMsgVpn(), request.getAclProfileName(), "smf", request.getPublishTopic()); + } catch (ApiException e) { + handleSempApiDeleteException(e, "ACL publish topic exception", request.getPublishTopic()); + } + } + + private void executeDeleteAclSubscribeTopicException(Command command, SempApiProvider sempApiProvider) throws ApiException, JsonProcessingException { + AclProfileApi aclProfileApi = sempApiProvider.getAclProfileApi(); + SempAclSubscribeTopicExceptionDeletionRequest request = objectMapper.readValue( + objectMapper.writeValueAsString(command.getParameters().get(SEMP_DELETE_DATA)), + SempAclSubscribeTopicExceptionDeletionRequest.class); + + Validate.notEmpty(request.getMsgVpn(), "Msg VPN must not be empty"); + Validate.notEmpty(request.getAclProfileName(), "ACL profile name must not be empty"); + Validate.notEmpty(request.getSubscribeTopic(), "Subscribe topic must not be empty"); + + log.info("SEMP delete: Deleting ACL subscribe topic exception"); + try { + aclProfileApi.deleteMsgVpnAclProfileSubscribeTopicException(request.getMsgVpn(), request.getAclProfileName(), "smf", request.getSubscribeTopic()); + } catch (ApiException e) { + handleSempApiDeleteException(e, "ACL subscribe topic exception", request.getSubscribeTopic()); + } + } + + private void executeDeleteAuthorizationGroup(Command command, SempApiProvider sempApiProvider) throws ApiException, JsonProcessingException { + AuthorizationGroupApi authorizationGroupApi = sempApiProvider.getAuthorizationGroupApi(); + SempAuthorizationGroupDeletionRequest request = objectMapper.readValue( + objectMapper.writeValueAsString(command.getParameters().get(SEMP_DELETE_DATA)), + SempAuthorizationGroupDeletionRequest.class); + + Validate.notEmpty(request.getMsgVpn(), "Msg VPN must not be empty"); + Validate.notEmpty(request.getAuthorizationGroupName(), "Authorization group name must not be empty"); + + log.info("SEMP delete: Deleting authorization group"); + try { + authorizationGroupApi.deleteMsgVpnAuthorizationGroup(request.getMsgVpn(), request.getAuthorizationGroupName()); + } catch (ApiException e) { + handleSempApiDeleteException(e, "Authorization group", request.getAuthorizationGroupName()); + } + } + + private void executeDeleteClientUsername(Command command, SempApiProvider sempApiProvider) throws ApiException, JsonProcessingException { + ClientUsernameApi clientUsernameApi = sempApiProvider.getClientUsernameApi(); + SempClientUsernameDeletionRequest request = objectMapper.readValue( + objectMapper.writeValueAsString(command.getParameters().get(SEMP_DELETE_DATA)), + SempClientUsernameDeletionRequest.class); + + Validate.notEmpty(request.getMsgVpn(), "Msg VPN must not be empty"); + Validate.notEmpty(request.getClientUsername(), "Client username must not be empty"); + log.info("SEMP delete: Deleting client username"); + try { + clientUsernameApi.deleteMsgVpnClientUsername(request.getMsgVpn(), request.getClientUsername()); + } catch (ApiException e) { + handleSempApiDeleteException(e, "Client username", request.getClientUsername()); + } + } + + private void executeDeleteSolaceQueue(Command command, SempApiProvider sempApiProvider) throws ApiException, JsonProcessingException { + QueueApi queueApi = sempApiProvider.getQueueApi(); + SempQueueDeletionRequest request = objectMapper.readValue( + objectMapper.writeValueAsString(command.getParameters().get(SEMP_DELETE_DATA)), + SempQueueDeletionRequest.class); + Validate.notEmpty(request.getMsgVpn(), "Msg VPN must not be empty"); + Validate.notEmpty(request.getQueueName(), "Queue name must not be empty"); + log.info("SEMP delete: Deleting queue"); + try { + queueApi.deleteMsgVpnQueue(request.getMsgVpn(), request.getQueueName()); + } catch (ApiException e) { + handleSempApiDeleteException(e, "Queue", request.getQueueName()); + } + } + + private void executeDeleteSolaceQueueTopicSubscription(Command command, SempApiProvider sempApiProvider) throws ApiException, JsonProcessingException { + QueueApi queueApi = sempApiProvider.getQueueApi(); + SempQueueTopicSubscriptionDeletionRequest request = objectMapper.readValue( + objectMapper.writeValueAsString(command.getParameters().get(SEMP_DELETE_DATA)), + SempQueueTopicSubscriptionDeletionRequest.class); + Validate.notEmpty(request.getMsgVpn(), "Msg VPN must not be empty"); + Validate.notEmpty(request.getQueueName(), "Queue name must not be empty"); + Validate.notEmpty(request.getTopicName(), "Topic name must not be empty"); + log.info("SEMP delete: Deleting queue subscription"); + try { + queueApi.deleteMsgVpnQueueSubscription(request.getMsgVpn(), request.getQueueName(), request.getTopicName()); + } catch (ApiException e) { + handleSempApiDeleteException(e, "Subscription", request.getTopicName()); + } + } + + + private static void validate(Command command, SempApiProvider sempApiProvider) { + Validate.isTrue(command.getCommandType().equals(CommandType.semp), "Command type must be semp"); + Validate.notNull(sempApiProvider, "SempApiProvider must not be null"); + Validate.notEmpty(command.getParameters(), "Command parameters must not be empty"); + Validate.notNull(command.getParameters().get(SempDeleteCommandConstants.SEMP_DELETE_ENTITY_TYPE), "Semp delete request must be against a specific " + + "semp entity type"); + + } + + +} diff --git a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/semp/SempApiProvider.java b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/semp/SempApiProvider.java new file mode 100644 index 000000000..9fc53ad83 --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/semp/SempApiProvider.java @@ -0,0 +1,15 @@ +package com.solace.maas.ep.event.management.agent.command.semp; + +import com.solace.client.sempv2.api.AclProfileApi; +import com.solace.client.sempv2.api.AuthorizationGroupApi; +import com.solace.client.sempv2.api.ClientUsernameApi; +import com.solace.client.sempv2.api.QueueApi; + +public interface SempApiProvider { + + AclProfileApi getAclProfileApi(); + AuthorizationGroupApi getAuthorizationGroupApi(); + ClientUsernameApi getClientUsernameApi(); + QueueApi getQueueApi(); + +} diff --git a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/semp/SempApiProviderImpl.java b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/semp/SempApiProviderImpl.java new file mode 100644 index 000000000..f60e32a95 --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/command/semp/SempApiProviderImpl.java @@ -0,0 +1,65 @@ +package com.solace.maas.ep.event.management.agent.command.semp; + +import com.solace.client.sempv2.ApiClient; +import com.solace.client.sempv2.api.AclProfileApi; +import com.solace.client.sempv2.api.AuthorizationGroupApi; +import com.solace.client.sempv2.api.ClientUsernameApi; +import com.solace.client.sempv2.api.QueueApi; +import com.solace.maas.ep.event.management.agent.plugin.solace.processor.semp.SempClient; +import com.solace.maas.ep.event.management.agent.plugin.solace.processor.semp.SolaceHttpSemp; + +@SuppressWarnings("PMD") +public class SempApiProviderImpl implements SempApiProvider { + + private final ApiClient apiClient; + private AclProfileApi aclProfileApi; + private AuthorizationGroupApi authorizationGroupApi; + private ClientUsernameApi clientUsernameApi; + private QueueApi queueApi; + + + public SempApiProviderImpl(SolaceHttpSemp solaceClient ) { + this.apiClient = setupApiClient(solaceClient); + } + + @Override + public AclProfileApi getAclProfileApi() { + if (aclProfileApi == null) { + aclProfileApi = new AclProfileApi(apiClient); + } + return aclProfileApi; + } + + @Override + public AuthorizationGroupApi getAuthorizationGroupApi() { + if (authorizationGroupApi == null) { + authorizationGroupApi = new AuthorizationGroupApi(apiClient); + } + return authorizationGroupApi; + } + + @Override + public ClientUsernameApi getClientUsernameApi() { + if (clientUsernameApi == null) { + clientUsernameApi = new ClientUsernameApi(apiClient); + } + return clientUsernameApi; + } + + @Override + public QueueApi getQueueApi() { + if (queueApi == null) { + queueApi = new QueueApi(apiClient); + } + return queueApi; + } + + private ApiClient setupApiClient(SolaceHttpSemp solaceClient) { + SempClient sempClient = solaceClient.getSempClient(); + ApiClient apiClient = new ApiClient(); + apiClient.setBasePath(sempClient.getConnectionUrl() + "/SEMP/v2/config"); + apiClient.setUsername(sempClient.getUsername()); + apiClient.setPassword(sempClient.getPassword()); + return apiClient; + } +} diff --git a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/EmaRestartSimulatingPersistentMessageHandlerObserver.java b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/EmaRestartSimulatingPersistentMessageHandlerObserver.java new file mode 100644 index 000000000..c593b8502 --- /dev/null +++ b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/EmaRestartSimulatingPersistentMessageHandlerObserver.java @@ -0,0 +1,29 @@ +package com.solace.maas.ep.event.management.agent.subscriber; + +import com.solace.messaging.receiver.InboundMessage; +import lombok.Setter; +import lombok.extern.slf4j.Slf4j; + +/** + * This class simulates a restart of the EMA by returning false when the phase changes to PRE_ACKNOWLEDGED + */ +@Setter +@Slf4j +public class EmaRestartSimulatingPersistentMessageHandlerObserver implements SolacePersistentMessageHandlerObserver { + + private boolean restartSimulated; + + @Override + public boolean onPhaseChange(InboundMessage message, PersistentMessageHandlerObserverPhase phase) { + if (!restartSimulated) { + return true; + } + if (phase == PersistentMessageHandlerObserverPhase.PRE_PROCESSOR_EXECUTION || phase == PersistentMessageHandlerObserverPhase.PRE_ACKNOWLEDGED) { + log.info("PRE_PROCESSOR_EXECUTION | PRE_ACKNOWLEDGED - stopping processing of message to simulate a restart of the EMA"); + // Simulate a restart of the EMA by returning false + return false; + } + return true; + } + +} \ No newline at end of file diff --git a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/PersistentMessageHandlerObserverPhase.java b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/PersistentMessageHandlerObserverPhase.java index 28eb3a9fd..7ce421eb7 100644 --- a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/PersistentMessageHandlerObserverPhase.java +++ b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/PersistentMessageHandlerObserverPhase.java @@ -1,9 +1,18 @@ package com.solace.maas.ep.event.management.agent.subscriber; public enum PersistentMessageHandlerObserverPhase { + //msg received from broker RECEIVED, - INITIATED, - COMPLETED, + // msg dispatched + PROCESSING_INITIATED, + // msg processor to be executed + PRE_PROCESSOR_EXECUTION, + // msg processor executed + PROCESSOR_COMPLETED, + // msg to be acknowledged + PRE_ACKNOWLEDGED, + // msg acknowledged ACKNOWLEDGED, + // msg processing failed (either in handler or processor FAILED } diff --git a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolacePersistentMessageHandler.java b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolacePersistentMessageHandler.java index 83b9e9aa4..504d5d794 100644 --- a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolacePersistentMessageHandler.java +++ b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolacePersistentMessageHandler.java @@ -30,6 +30,8 @@ @ConditionalOnExpression("${event-portal.gateway.messaging.standalone:true}== false && ${event-portal.managed:false} == true") public class SolacePersistentMessageHandler extends BaseSolaceMessageHandler implements MessageReceiver.MessageHandler, ApplicationListener { + + private final Map cachedJSONDecoders = new HashMap(); private final Map messageProcessorsByClassType; @@ -63,10 +65,11 @@ protected SolacePersistentMessageHandler(MessagingService messagingService, } - private void notifyPersistentMessageHandlerObserver(PersistentMessageHandlerObserverPhase phase, InboundMessage inboundMessage) { + private boolean notifyPersistentMessageHandlerObserver(PersistentMessageHandlerObserverPhase phase, InboundMessage inboundMessage) { if (messageHandlerObserver != null) { - messageHandlerObserver.onPhaseChange(inboundMessage, phase); + return messageHandlerObserver.onPhaseChange(inboundMessage, phase); } + return true; } @Override @@ -77,7 +80,7 @@ public void onMessage(InboundMessage inboundMessage) { private void processMessage(InboundMessage inboundMessage) { - notifyPersistentMessageHandlerObserver(PersistentMessageHandlerObserverPhase.INITIATED,inboundMessage); + notifyPersistentMessageHandlerObserver(PersistentMessageHandlerObserverPhase.PROCESSING_INITIATED,inboundMessage); String mopMessageSubclass = ""; MessageProcessor processor = null; Object message = null; @@ -92,13 +95,19 @@ private void processMessage(InboundMessage inboundMessage) { setupMDC(messageAsString, messageClass.getSimpleName()); log.trace("onMessage: {}\n{}", messageClass, messageAsString); message = toMessage(messageAsString, messageClass); - processor.processMessage(processor.castToMessageClass(message)); - notifyPersistentMessageHandlerObserver(PersistentMessageHandlerObserverPhase.COMPLETED,inboundMessage); + // for testing purposes, we want to be able to stop processing the message and simulate a restart of the EMA + if (notifyPersistentMessageHandlerObserver(PersistentMessageHandlerObserverPhase.PRE_PROCESSOR_EXECUTION,inboundMessage)) { + processor.processMessage(processor.castToMessageClass(message)); + notifyPersistentMessageHandlerObserver(PersistentMessageHandlerObserverPhase.PROCESSOR_COMPLETED,inboundMessage); + } } catch (Exception e) { handleProcessingError(mopMessageSubclass, processor, message, e); notifyPersistentMessageHandlerObserver(PersistentMessageHandlerObserverPhase.FAILED,inboundMessage); } finally { - acknowledgeMessage(inboundMessage); + // for testing purposes, we want to be able to stop processing the message and simulate a failure leading to not acknowledging the message + if (notifyPersistentMessageHandlerObserver(PersistentMessageHandlerObserverPhase.PRE_ACKNOWLEDGED,inboundMessage)) { + acknowledgeMessage(inboundMessage); + } notifyPersistentMessageHandlerObserver(PersistentMessageHandlerObserverPhase.ACKNOWLEDGED,inboundMessage); } } diff --git a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolacePersistentMessageHandlerObserver.java b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolacePersistentMessageHandlerObserver.java index 80ab07e0b..b64d9d25a 100644 --- a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolacePersistentMessageHandlerObserver.java +++ b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolacePersistentMessageHandlerObserver.java @@ -6,10 +6,18 @@ * The SolacePersistentMessageHandlerObserver interface defines methods to observe * the lifecycle of messages handled by a Solace message handler. Implementers can * use this interface to react to various stages of message processing. - * Primary use case is for testing purposes. - */ + * Primary use case is for testing purposes.
+ * + * */ public interface SolacePersistentMessageHandlerObserver { - void onPhaseChange(InboundMessage message, PersistentMessageHandlerObserverPhase phase); + /** + * This method is called when the phase of the message processing changes.
+ * Return false to stop processing the message - this is only useful for testing purposes.
+ * @param message + * @param phase + * @return true, if SolacePersistentMessageHandler should continue processing the message, false otherwise. + */ + boolean onPhaseChange(InboundMessage message, PersistentMessageHandlerObserverPhase phase); } diff --git a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolaceSubscriber.java b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolaceSubscriber.java index 9953e4435..a590c9455 100644 --- a/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolaceSubscriber.java +++ b/service/application/src/main/java/com/solace/maas/ep/event/management/agent/subscriber/SolaceSubscriber.java @@ -25,6 +25,7 @@ public void registerMessageHandler(SolaceDirectMessageHandler solaceMessageHandl .build() .start(); + // handler will be called when a message is received in sequence directMessageReceiver.receiveAsync(solaceMessageHandler); log.debug("Registered message handler for topic {}", solaceMessageHandler.getTopicString()); } diff --git a/service/application/src/main/resources/oas/semp-v2-swagger-config.json b/service/application/src/main/resources/oas/semp-v2-swagger-config.json new file mode 100644 index 000000000..1240abd1a --- /dev/null +++ b/service/application/src/main/resources/oas/semp-v2-swagger-config.json @@ -0,0 +1,37479 @@ +{ + "basePath": "/SEMP/v2/config", + "consumes": [ + "application/json" + ], + "definitions": { + "About": { + "properties": {}, + "type": "object" + }, + "AboutApi": { + "properties": { + "platform": { + "description": "The platform running the SEMP API.", + "type": "string" + }, + "sempVersion": { + "description": "The version of the SEMP API.", + "type": "string" + } + }, + "type": "object" + }, + "AboutApiLinks": { + "properties": { + "uri": { + "description": "The URI of this API Description object.", + "type": "string" + } + }, + "type": "object" + }, + "AboutApiResponse": { + "properties": { + "data": { + "$ref": "#/definitions/AboutApi" + }, + "links": { + "$ref": "#/definitions/AboutApiLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "AboutLinks": { + "properties": { + "apiUri": { + "description": "The URI of this About's API Description object. Available since 2.2.", + "type": "string" + }, + "uri": { + "description": "The URI of this About object.", + "type": "string" + }, + "userUri": { + "description": "The URI of this About's User object. Available since 2.2.", + "type": "string" + } + }, + "type": "object" + }, + "AboutResponse": { + "properties": { + "data": { + "$ref": "#/definitions/About" + }, + "links": { + "$ref": "#/definitions/AboutLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "AboutUser": { + "properties": { + "globalAccessLevel": { + "description": "The global access level of the User. The allowed values and their meaning are:\n\n
\n\"admin\" - Full administrative access.\n\"none\" - No access.\n\"read-only\" - Read only access.\n\"read-write\" - Read and write access.\n
\n", + "enum": [ + "admin", + "none", + "read-only", + "read-write" + ], + "type": "string" + }, + "sessionActive": { + "description": "Indicates whether a session is active for this request. Available since 2.24.", + "type": "boolean" + }, + "sessionCreateTime": { + "description": "The timestamp of when the session was created. This attribute may not be returned in a GET. This value represents the number of seconds since 1970-01-01 00:00:00 UTC (Unix time). Available since 2.21.", + "format": "int32", + "type": "integer" + }, + "sessionCurrentTime": { + "description": "The current server timestamp. This is provided as a reference point for the other timestamps provided. This attribute may not be returned in a GET. This value represents the number of seconds since 1970-01-01 00:00:00 UTC (Unix time). Available since 2.21.", + "format": "int32", + "type": "integer" + }, + "sessionHardExpiryTime": { + "description": "The hard expiry time for the session. After this time the session will be invalid, regardless of activity. This attribute may not be returned in a GET. This value represents the number of seconds since 1970-01-01 00:00:00 UTC (Unix time). Available since 2.21.", + "format": "int32", + "type": "integer" + }, + "sessionId": { + "description": "An identifier for the session to differentiate this session from other sessions for the same user. This value is not guaranteed to be unique between active sessions for different users. This attribute may not be returned in a GET. Available since 2.21.", + "type": "string" + }, + "sessionIdleExpiryTime": { + "description": "The session idle expiry time. After this time the session will be invalid if there has been no activity. This attribute may not be returned in a GET. This value represents the number of seconds since 1970-01-01 00:00:00 UTC (Unix time). Available since 2.21.", + "format": "int32", + "type": "integer" + }, + "username": { + "description": "The username of the User. Available since 2.21.", + "type": "string" + } + }, + "type": "object" + }, + "AboutUserLinks": { + "properties": { + "msgVpnsUri": { + "description": "The URI of this User's collection of User Message VPN objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this User object.", + "type": "string" + } + }, + "type": "object" + }, + "AboutUserMsgVpn": { + "properties": { + "accessLevel": { + "description": "The Message VPN access level of the User. The allowed values and their meaning are:\n\n
\n\"none\" - No access.\n\"read-only\" - Read only access.\n\"read-write\" - Read and write access.\n
\n", + "enum": [ + "none", + "read-only", + "read-write" + ], + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + } + }, + "type": "object" + }, + "AboutUserMsgVpnLinks": { + "properties": { + "uri": { + "description": "The URI of this User Message VPN object.", + "type": "string" + } + }, + "type": "object" + }, + "AboutUserMsgVpnResponse": { + "properties": { + "data": { + "$ref": "#/definitions/AboutUserMsgVpn" + }, + "links": { + "$ref": "#/definitions/AboutUserMsgVpnLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "AboutUserMsgVpnsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/AboutUserMsgVpn" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/AboutUserMsgVpnLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "AboutUserResponse": { + "properties": { + "data": { + "$ref": "#/definitions/AboutUser" + }, + "links": { + "$ref": "#/definitions/AboutUserLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "Broker": { + "properties": { + "authBruteForceProtectionEnabled": { + "description": "Enable or disable protection against brute force password guessing attacks on local management accounts. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.40.", + "type": "boolean" + }, + "authClientCertRevocationCheckMode": { + "description": "The client certificate revocation checking mode used when a client authenticates with a client certificate. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - Do not perform any certificate revocation checking.\n\"ocsp\" - Use the Open Certificate Status Protcol (OCSP) for certificate revocation checking.\n\"crl\" - Use Certificate Revocation Lists (CRL) for certificate revocation checking.\n\"ocsp-crl\" - Use OCSP first, but if OCSP fails to return an unambiguous result, then check via CRL.\n
\n", + "enum": [ + "none", + "ocsp", + "crl", + "ocsp-crl" + ], + "type": "string" + }, + "configSyncAuthenticationClientCertMaxChainDepth": { + "description": "The maximum depth for a client certificate chain. The depth of a chain is defined as the number of signing CA certificates that are present in the chain back to a trusted self-signed root CA certificate. The default value is `3`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "configSyncAuthenticationClientCertValidateDateEnabled": { + "description": "Enable or disable validation of the \"Not Before\" and \"Not After\" validity dates in the authentication certificate(s). The default value is `true`. Available since 2.22.", + "type": "boolean" + }, + "configSyncClientProfileTcpInitialCongestionWindow": { + "description": "The TCP initial congestion window size for Config Sync clients, in multiples of the TCP Maximum Segment Size (MSS). Changing the value from its default of 2 results in non-compliance with RFC 2581. Contact support before changing this value. The default value is `2`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "configSyncClientProfileTcpKeepaliveCount": { + "description": "The number of TCP keepalive retransmissions to a client using the Client Profile before declaring that it is not available. The default value is `5`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "configSyncClientProfileTcpKeepaliveIdle": { + "description": "The amount of time a client connection using the Client Profile must remain idle before TCP begins sending keepalive probes, in seconds. The default value is `3`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "configSyncClientProfileTcpKeepaliveInterval": { + "description": "The amount of time between TCP keepalive retransmissions to a client using the Client Profile when no acknowledgment is received, in seconds. The default value is `1`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "configSyncClientProfileTcpMaxWindow": { + "description": "The TCP maximum window size for clients using the Client Profile, in kilobytes. Changes are applied to all existing connections. This setting is ignored on the software broker. The default value is `256`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "configSyncClientProfileTcpMss": { + "description": "The TCP maximum segment size for clients using the Client Profile, in bytes. Changes are applied to all existing connections. The default value is `1460`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "configSyncEnabled": { + "description": "Enable or disable configuration synchronization for High Availability or Disaster Recovery. The default value is `false`. Available since 2.22.", + "type": "boolean" + }, + "configSyncSynchronizeUsernameEnabled": { + "description": "Enable or disable the synchronizing of usernames within High Availability groups. The transition from not synchronizing to synchronizing will cause the High Availability mate to fall out of sync. Recommendation: leave this as enabled. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`. Available since 2.22.", + "type": "boolean" + }, + "configSyncTlsEnabled": { + "description": "Enable or disable the use of TLS encryption of the configuration synchronization communications between brokers in High Availability groups and/or Disaster Recovery sites. The default value is `false`. Available since 2.22.", + "type": "boolean" + }, + "guaranteedMsgingDefragmentationScheduleDayList": { + "description": "The days of the week to schedule defragmentation runs, specified as \"daily\" or as a comma-separated list of days. Days must be specified as \"Sun\", \"Mon\", \"Tue\", \"Wed\", \"Thu\", \"Fri, or \"Sat\", with no spaces, and in sorted order from Sunday to Saturday. Please note \"Sun,Mon,Tue,Wed,Thu,Fri,Sat\" is not allowed, use \"daily\" instead. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"daily\"`. Available since 2.25.", + "type": "string" + }, + "guaranteedMsgingDefragmentationScheduleEnabled": { + "description": "Enable or disable schedule-based defragmentation of Guaranteed Messaging spool files. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.25.", + "type": "boolean" + }, + "guaranteedMsgingDefragmentationScheduleTimeList": { + "description": "The times of the day to schedule defragmentation runs, specified as \"hourly\" or as a comma-separated list of 24-hour times in the form hh:mm, or h:mm. There must be no spaces, and times (up to 4) must be in sorted order from 0:00 to 23:59. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"0:00\"`. Available since 2.25.", + "type": "string" + }, + "guaranteedMsgingDefragmentationThresholdEnabled": { + "description": "Enable or disable threshold-based defragmentation of Guaranteed Messaging spool files. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.25.", + "type": "boolean" + }, + "guaranteedMsgingDefragmentationThresholdFragmentationPercentage": { + "description": "Percentage of spool fragmentation needed to trigger defragmentation run. The minimum value allowed is 30%. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `50`. Available since 2.25.", + "format": "int64", + "type": "integer" + }, + "guaranteedMsgingDefragmentationThresholdMinInterval": { + "description": "Minimum interval of time (in minutes) between defragmentation runs triggered by thresholds. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `15`. Available since 2.25.", + "format": "int64", + "type": "integer" + }, + "guaranteedMsgingDefragmentationThresholdUsagePercentage": { + "description": "Percentage of spool usage needed to trigger defragmentation run. The minimum value allowed is 30%. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `50`. Available since 2.25.", + "format": "int64", + "type": "integer" + }, + "guaranteedMsgingEnabled": { + "description": "Enable or disable Guaranteed Messaging. The default value is `false`. Available since 2.18.", + "type": "boolean" + }, + "guaranteedMsgingEventCacheUsageThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "guaranteedMsgingEventDeliveredUnackedThreshold": { + "$ref": "#/definitions/EventThresholdByPercent" + }, + "guaranteedMsgingEventDiskUsageThreshold": { + "$ref": "#/definitions/EventThresholdByPercent" + }, + "guaranteedMsgingEventEgressFlowCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "guaranteedMsgingEventEndpointCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "guaranteedMsgingEventIngressFlowCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "guaranteedMsgingEventMsgCountThreshold": { + "$ref": "#/definitions/EventThresholdByPercent" + }, + "guaranteedMsgingEventMsgSpoolFileCountThreshold": { + "$ref": "#/definitions/EventThresholdByPercent" + }, + "guaranteedMsgingEventMsgSpoolUsageThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "guaranteedMsgingEventTransactedSessionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "guaranteedMsgingEventTransactedSessionResourceCountThreshold": { + "$ref": "#/definitions/EventThresholdByPercent" + }, + "guaranteedMsgingEventTransactionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "guaranteedMsgingMaxCacheUsage": { + "description": "Guaranteed messaging cache usage limit. Expressed as a maximum percentage of the NAB's egress queueing. resources that the guaranteed message cache is allowed to use. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `10`. Available since 2.18.", + "format": "int32", + "type": "integer" + }, + "guaranteedMsgingMaxMsgSpoolUsage": { + "description": "The maximum total message spool usage allowed across all VPNs on this broker, in megabytes. Recommendation: the maximum value should be less than 90% of the disk space allocated for the guaranteed message spool. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `1500`. Available since 2.18.", + "format": "int64", + "type": "integer" + }, + "guaranteedMsgingMsgSpoolSyncMirroredMsgAckTimeout": { + "description": "The maximum time, in milliseconds, that can be tolerated for remote acknowledgment of synchronization messages before which the remote system will be considered out of sync. The default value is `10000`. Available since 2.18.", + "format": "int64", + "type": "integer" + }, + "guaranteedMsgingMsgSpoolSyncMirroredSpoolFileAckTimeout": { + "description": "The maximum time, in milliseconds, that can be tolerated for remote disk writes before which the remote system will be considered out of sync. The default value is `10000`. Available since 2.18.", + "format": "int64", + "type": "integer" + }, + "guaranteedMsgingTransactionReplicationCompatibilityMode": { + "description": "The replication compatibility mode for the broker. The default value is `\"legacy\"`. The allowed values and their meaning are:\"legacy\" - All transactions originated by clients are replicated to the standby site without using transactions.\"transacted\" - All transactions originated by clients are replicated to the standby site using transactions. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"legacy\"`. The allowed values and their meaning are:\n\n
\n\"legacy\" - All transactions originated by clients are replicated to the standby site without using transactions.\n\"transacted\" - All transactions originated by clients are replicated to the standby site using transactions.\n
\n Available since 2.18.", + "enum": [ + "legacy", + "transacted" + ], + "type": "string" + }, + "oauthProfileDefault": { + "description": "The default OAuth profile for OAuth authenticated SEMP requests. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`. Available since 2.24.", + "type": "string" + }, + "serviceAmqpEnabled": { + "description": "Enable or disable the AMQP service. When disabled new AMQP Clients may not connect through the global or per-VPN AMQP listen-ports, and all currently connected AMQP Clients are immediately disconnected. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.17.", + "type": "boolean" + }, + "serviceAmqpTlsListenPort": { + "description": "TCP port number that AMQP clients can use to connect to the broker using raw TCP over TLS. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceAmqpEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `0`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceEventConnectionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "serviceHealthCheckEnabled": { + "description": "Enable or disable the plain-text health-check service. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.17.", + "type": "boolean" + }, + "serviceHealthCheckListenPort": { + "description": "The port number for the plain-text health-check service. The port must be unique across the message backbone. The health-check service must be disabled to change the port. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceHealthCheckEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `5550`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceHealthCheckTlsEnabled": { + "description": "Enable or disable the TLS health-check service. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.34.", + "type": "boolean" + }, + "serviceHealthCheckTlsListenPort": { + "description": "The port number for the TLS health-check service. The port must be unique across the message backbone. The health-check service must be disabled to change the port. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceHealthCheckTlsEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `0`. Available since 2.34.", + "format": "int64", + "type": "integer" + }, + "serviceMateLinkEnabled": { + "description": "Enable or disable the mate-link service. The default value is `true`. Available since 2.17.", + "type": "boolean" + }, + "serviceMateLinkListenPort": { + "description": "The port number for the mate-link service. The port must be unique across the message backbone. The mate-link service must be disabled to change the port. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceMateLinkEnabled will be temporarily set to false to apply the change. The default value is `8741`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceMqttEnabled": { + "description": "Enable or disable the MQTT service. When disabled new MQTT Clients may not connect through the per-VPN MQTT listen-ports, and all currently connected MQTT Clients are immediately disconnected. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.17.", + "type": "boolean" + }, + "serviceMsgBackboneEnabled": { + "description": "Enable or disable the msg-backbone service. When disabled new Clients may not connect through global or per-VPN listen-ports, and all currently connected Clients are immediately disconnected. The default value is `true`. Available since 2.17.", + "type": "boolean" + }, + "serviceRedundancyEnabled": { + "description": "Enable or disable the redundancy service. The default value is `true`. Available since 2.17.", + "type": "boolean" + }, + "serviceRedundancyFirstListenPort": { + "description": "The first listen-port used for the redundancy service. Redundancy uses this port and the subsequent 2 ports. These port must be unique across the message backbone. The redundancy service must be disabled to change this port. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceRedundancyEnabled will be temporarily set to false to apply the change. The default value is `8300`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceRestEventOutgoingConnectionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "serviceRestIncomingEnabled": { + "description": "Enable or disable the REST service incoming connections on the broker. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.17.", + "type": "boolean" + }, + "serviceRestOutgoingEnabled": { + "description": "Enable or disable the REST service outgoing connections on the broker. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.17.", + "type": "boolean" + }, + "serviceSempCorsAllowAnyHostEnabled": { + "description": "Enable or disable cross origin resource requests for the SEMP service. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`. Available since 2.24.", + "type": "boolean" + }, + "serviceSempLegacyTimeoutEnabled": { + "description": "Enable or disable extended SEMP timeouts for paged responses. When a request times out, it returns the current page of content, even if the page is not full. When enabled, the timeout is 60 seconds. When disabled, the timeout is 5 seconds. The recommended setting is disabled (no legacy-timeout). This parameter is intended as a temporary workaround to be used until SEMP clients can handle short pages. This setting will be removed in a future release. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.18.", + "type": "boolean" + }, + "serviceSempPlainTextEnabled": { + "description": "Enable or disable plain-text SEMP service. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`. Available since 2.17.", + "type": "boolean" + }, + "serviceSempPlainTextListenPort": { + "description": "The TCP port for plain-text SEMP client connections. This attribute cannot be cannot be changed while serviceSempPlainTextEnabled are set to true. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `80`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceSempSessionIdleTimeout": { + "description": "The session idle timeout, in minutes. Sessions will be invalidated if there is no activity in this period of time. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `15`. Available since 2.21.", + "format": "int32", + "type": "integer" + }, + "serviceSempSessionMaxLifetime": { + "description": "The maximum lifetime of a session, in minutes. Sessions will be invalidated after this period of time, regardless of activity. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `43200`. Available since 2.21.", + "format": "int32", + "type": "integer" + }, + "serviceSempTlsEnabled": { + "description": "Enable or disable TLS SEMP service. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`. Available since 2.17.", + "type": "boolean" + }, + "serviceSempTlsListenPort": { + "description": "The TCP port for TLS SEMP client connections. This attribute cannot be cannot be changed while serviceSempTlsEnabled are set to true. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `1943`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceSmfCompressionListenPort": { + "description": "TCP port number that SMF clients can use to connect to the broker using raw compression TCP. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceSmfEnabled will be temporarily set to false to apply the change. The default value is `55003`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceSmfEnabled": { + "description": "Enable or disable the SMF service. When disabled new SMF Clients may not connect through the global listen-ports, and all currently connected SMF Clients are immediately disconnected. The default value is `true`. Available since 2.17.", + "type": "boolean" + }, + "serviceSmfEventConnectionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "serviceSmfPlainTextListenPort": { + "description": "TCP port number that SMF clients can use to connect to the broker using raw TCP. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceSmfEnabled will be temporarily set to false to apply the change. The default value is `55555`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceSmfRoutingControlListenPort": { + "description": "TCP port number that SMF clients can use to connect to the broker using raw routing control TCP. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceSmfEnabled will be temporarily set to false to apply the change. The default value is `55556`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceSmfTlsListenPort": { + "description": "TCP port number that SMF clients can use to connect to the broker using raw TCP over TLS. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceSmfEnabled will be temporarily set to false to apply the change. The default value is `55443`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceTlsEventConnectionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "serviceWebTransportEnabled": { + "description": "Enable or disable the web-transport service. When disabled new web-transport Clients may not connect through the global listen-ports, and all currently connected web-transport Clients are immediately disconnected. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.17.", + "type": "boolean" + }, + "serviceWebTransportPlainTextListenPort": { + "description": "The TCP port for plain-text WEB client connections. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceWebTransportEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `8008`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceWebTransportTlsListenPort": { + "description": "The TCP port for TLS WEB client connections. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceWebTransportEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `1443`. Available since 2.17.", + "format": "int64", + "type": "integer" + }, + "serviceWebTransportWebUrlSuffix": { + "description": "Used to specify the Web URL suffix that will be used by Web clients when communicating with the broker. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceWebTransportEnabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.17.", + "type": "string" + }, + "tlsBlockVersion11Enabled": { + "description": "Enable or disable the blocking of TLS version 1.1 connections. When blocked, all existing incoming and outgoing TLS 1.1 connections with Clients, SEMP users, and LDAP servers remain connected while new connections are blocked. Note that support for TLS 1.1 will eventually be discontinued, at which time TLS 1.1 connections will be blocked regardless of this setting. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "tlsCipherSuiteManagementList": { + "description": "The colon-separated list of cipher suites used for TLS management connections (e.g. SEMP, LDAP). The value \"default\" implies all supported suites ordered from most secure to least secure. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"default\"`.", + "type": "string" + }, + "tlsCipherSuiteMsgBackboneList": { + "description": "The colon-separated list of cipher suites used for TLS data connections (e.g. client pub/sub). The value \"default\" implies all supported suites ordered from most secure to least secure. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"default\"`.", + "type": "string" + }, + "tlsCipherSuiteSecureShellList": { + "description": "The colon-separated list of cipher suites used for TLS secure shell connections (e.g. SSH, SFTP, SCP). The value \"default\" implies all supported suites ordered from most secure to least secure. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"default\"`.", + "type": "string" + }, + "tlsCrimeExploitProtectionEnabled": { + "description": "Enable or disable protection against the CRIME exploit. When enabled, TLS+compressed messaging performance is degraded. This protection should only be disabled if sufficient ACL and authentication features are being employed such that a potential attacker does not have sufficient access to trigger the exploit. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "tlsServerCertContent": { + "description": "The PEM formatted content for the server certificate used for TLS connections. It must consist of a private key and between one and three certificates comprising the certificate trust chain. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. The default value is `\"\"`.", + "type": "string" + }, + "tlsServerCertPassword": { + "description": "The password for the server certificate used for TLS connections. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. The default value is `\"\"`.", + "type": "string" + }, + "tlsStandardDomainCertificateAuthoritiesEnabled": { + "description": "Enable or disable the standard domain certificate authority list. The default value is `true`. Available since 2.19.", + "type": "boolean" + }, + "tlsTicketLifetime": { + "description": "The TLS ticket lifetime in seconds. When a client connects with TLS, a session with a session ticket is created using the TLS ticket lifetime which determines how long the client has to resume the session. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `86400`.", + "format": "int32", + "type": "integer" + }, + "webManagerAllowUnencryptedWizardsEnabled": { + "description": "Enable or disable the use of unencrypted wizards in the Web-based Manager UI. This setting should be left at its default on all production systems or other systems that need to be secure. Enabling this option will permit the broker to forward plain-text data to other brokers, making important information or credentials available for snooping. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Available since 2.28.", + "type": "boolean" + }, + "webManagerCustomization": { + "description": "Reserved for internal use by Solace. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`. Available since 2.25.", + "type": "string" + }, + "webManagerRedirectHttpEnabled": { + "description": "Enable or disable redirection of HTTP requests for the broker manager to HTTPS. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`. Available since 2.24.", + "type": "boolean" + }, + "webManagerRedirectHttpOverrideTlsPort": { + "description": "The HTTPS port that HTTP requests will be redirected towards in a HTTP 301 redirect response. Zero is a special value that means use the value specified for the SEMP TLS port value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `0`. Available since 2.24.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "BrokerLinks": { + "properties": { + "aboutUri": { + "description": "The URI of this Broker's About object.", + "type": "string" + }, + "certAuthoritiesUri": { + "description": "The URI of this Broker's collection of Certificate Authority objects. Deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.", + "type": "string" + }, + "clientCertAuthoritiesUri": { + "description": "The URI of this Broker's collection of Client Certificate Authority objects. Available since 2.19.", + "type": "string" + }, + "dmrClustersUri": { + "description": "The URI of this Broker's collection of Cluster objects. Available since 2.11.", + "type": "string" + }, + "domainCertAuthoritiesUri": { + "description": "The URI of this Broker's collection of Domain Certificate Authority objects. Available since 2.19.", + "type": "string" + }, + "msgVpnsUri": { + "description": "The URI of this Broker's collection of Message VPN objects. Available since 2.0.", + "type": "string" + }, + "oauthProfilesUri": { + "description": "The URI of this Broker's collection of OAuth Profile objects. Available since 2.24.", + "type": "string" + }, + "proxiesUri": { + "description": "The URI of this Broker's collection of Proxy objects. Available since 2.41.", + "type": "string" + }, + "systemInformationUri": { + "description": "The URI of this Broker's System Information object. Deprecated since 2.2. /systemInformation was replaced by /about/api.", + "type": "string" + }, + "uri": { + "description": "The URI of this Broker object.", + "type": "string" + }, + "virtualHostnamesUri": { + "description": "The URI of this Broker's collection of Virtual Hostname objects. Available since 2.17.", + "type": "string" + } + }, + "type": "object" + }, + "BrokerResponse": { + "properties": { + "data": { + "$ref": "#/definitions/Broker" + }, + "links": { + "$ref": "#/definitions/BrokerLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "CertAuthoritiesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/CertAuthority" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/CertAuthorityLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "CertAuthority": { + "properties": { + "certAuthorityName": { + "description": "The name of the Certificate Authority. Deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.", + "type": "string" + }, + "certContent": { + "description": "The PEM formatted content for the trusted root certificate of a Certificate Authority. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`. Deprecated since 2.19. certAuthorities replaced by clientCertAuthorities and domainCertAuthorities.", + "type": "string" + }, + "crlDayList": { + "description": "The scheduled CRL refresh day(s), specified as \"daily\" or a comma-separated list of days. Days must be specified as \"Sun\", \"Mon\", \"Tue\", \"Wed\", \"Thu\", \"Fri\", or \"Sat\", with no spaces, and in sorted order from Sunday to Saturday. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"daily\"`. Deprecated since 2.19. certAuthorities replaced by clientCertAuthorities and domainCertAuthorities.", + "type": "string" + }, + "crlTimeList": { + "description": "The scheduled CRL refresh time(s), specified as \"hourly\" or a comma-separated list of 24-hour times in the form hh:mm, or h:mm. There must be no spaces, and times must be in sorted order from 0:00 to 23:59. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"3:00\"`. Deprecated since 2.19. certAuthorities replaced by clientCertAuthorities and domainCertAuthorities.", + "type": "string" + }, + "crlUrl": { + "description": "The URL for the CRL source. This is a required attribute for CRL to be operational and the URL must be complete with http:// included. IPv6 addresses must be enclosed in square-brackets. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as revocationCheckEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`. Deprecated since 2.19. certAuthorities replaced by clientCertAuthorities and domainCertAuthorities.", + "type": "string" + }, + "ocspNonResponderCertEnabled": { + "description": "Enable or disable allowing a non-responder certificate to sign an OCSP response. Typically used with an OCSP override URL in cases where a single certificate is used to sign client certificates and OCSP responses. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Deprecated since 2.19. certAuthorities replaced by clientCertAuthorities and domainCertAuthorities.", + "type": "boolean" + }, + "ocspOverrideUrl": { + "description": "The OCSP responder URL to use for overriding the one supplied in the client certificate. The URL must be complete with http:// included. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`. Deprecated since 2.19. certAuthorities replaced by clientCertAuthorities and domainCertAuthorities.", + "type": "string" + }, + "ocspTimeout": { + "description": "The timeout in seconds to receive a response from the OCSP responder after sending a request or making the initial connection attempt. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `5`. Deprecated since 2.19. certAuthorities replaced by clientCertAuthorities and domainCertAuthorities.", + "format": "int64", + "type": "integer" + }, + "revocationCheckEnabled": { + "description": "Enable or disable Certificate Authority revocation checking. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Deprecated since 2.19. certAuthorities replaced by clientCertAuthorities and domainCertAuthorities.", + "type": "boolean" + } + }, + "type": "object" + }, + "CertAuthorityLinks": { + "properties": { + "ocspTlsTrustedCommonNamesUri": { + "description": "The URI of this Certificate Authority's collection of OCSP Responder Trusted Common Name objects. Deprecated since 2.19. Replaced by clientCertAuthorities.", + "type": "string" + }, + "uri": { + "description": "The URI of this Certificate Authority object.", + "type": "string" + } + }, + "type": "object" + }, + "CertAuthorityOcspTlsTrustedCommonName": { + "properties": { + "certAuthorityName": { + "description": "The name of the Certificate Authority. Deprecated since 2.19. Replaced by clientCertAuthorities.", + "type": "string" + }, + "ocspTlsTrustedCommonName": { + "description": "The expected Trusted Common Name of the OCSP responder remote certificate. Deprecated since 2.19. Replaced by clientCertAuthorities.", + "type": "string" + } + }, + "type": "object" + }, + "CertAuthorityOcspTlsTrustedCommonNameLinks": { + "properties": { + "uri": { + "description": "The URI of this OCSP Responder Trusted Common Name object.", + "type": "string" + } + }, + "type": "object" + }, + "CertAuthorityOcspTlsTrustedCommonNameResponse": { + "properties": { + "data": { + "$ref": "#/definitions/CertAuthorityOcspTlsTrustedCommonName" + }, + "links": { + "$ref": "#/definitions/CertAuthorityOcspTlsTrustedCommonNameLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "CertAuthorityOcspTlsTrustedCommonNamesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/CertAuthorityOcspTlsTrustedCommonName" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/CertAuthorityOcspTlsTrustedCommonNameLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "CertAuthorityResponse": { + "properties": { + "data": { + "$ref": "#/definitions/CertAuthority" + }, + "links": { + "$ref": "#/definitions/CertAuthorityLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "ClientCertAuthoritiesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/ClientCertAuthority" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/ClientCertAuthorityLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "ClientCertAuthority": { + "properties": { + "certAuthorityName": { + "description": "The name of the Certificate Authority.", + "type": "string" + }, + "certContent": { + "description": "The PEM formatted content for the trusted root certificate of a client Certificate Authority. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "crlDayList": { + "description": "The scheduled CRL refresh day(s), specified as \"daily\" or a comma-separated list of days. Days must be specified as \"Sun\", \"Mon\", \"Tue\", \"Wed\", \"Thu\", \"Fri\", or \"Sat\", with no spaces, and in sorted order from Sunday to Saturday. The empty-string (\"\") can also be specified, indicating no schedule is configured (\"crlTimeList\" must also be configured to the empty-string). Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"daily\"`.", + "type": "string" + }, + "crlTimeList": { + "description": "The scheduled CRL refresh time(s), specified as \"hourly\" or a comma-separated list of 24-hour times in the form hh:mm, or h:mm. There must be no spaces, and times (up to 4) must be in sorted order from 0:00 to 23:59. The empty-string (\"\") can also be specified, indicating no schedule is configured (\"crlDayList\" must also be configured to the empty-string). Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"3:00\"`.", + "type": "string" + }, + "crlUrl": { + "description": "The URL for the CRL source. This is a required attribute for CRL to be operational and the URL must be complete with http:// included. IPv6 addresses must be enclosed in square-brackets. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as revocationCheckEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "ocspNonResponderCertEnabled": { + "description": "Enable or disable allowing a non-responder certificate to sign an OCSP response. Typically used with an OCSP override URL in cases where a single certificate is used to sign client certificates and OCSP responses. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "ocspOverrideUrl": { + "description": "The OCSP responder URL to use for overriding the one supplied in the client certificate. The URL must be complete with http:// included. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "ocspTimeout": { + "description": "The timeout in seconds to receive a response from the OCSP responder after sending a request or making the initial connection attempt. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `5`.", + "format": "int64", + "type": "integer" + }, + "revocationCheckEnabled": { + "description": "Enable or disable Certificate Authority revocation checking. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "ClientCertAuthorityLinks": { + "properties": { + "ocspTlsTrustedCommonNamesUri": { + "description": "The URI of this Client Certificate Authority's collection of OCSP Responder Trusted Common Name objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Client Certificate Authority object.", + "type": "string" + } + }, + "type": "object" + }, + "ClientCertAuthorityOcspTlsTrustedCommonName": { + "properties": { + "certAuthorityName": { + "description": "The name of the Certificate Authority.", + "type": "string" + }, + "ocspTlsTrustedCommonName": { + "description": "The expected Trusted Common Name of the OCSP responder remote certificate.", + "type": "string" + } + }, + "type": "object" + }, + "ClientCertAuthorityOcspTlsTrustedCommonNameLinks": { + "properties": { + "uri": { + "description": "The URI of this OCSP Responder Trusted Common Name object.", + "type": "string" + } + }, + "type": "object" + }, + "ClientCertAuthorityOcspTlsTrustedCommonNameResponse": { + "properties": { + "data": { + "$ref": "#/definitions/ClientCertAuthorityOcspTlsTrustedCommonName" + }, + "links": { + "$ref": "#/definitions/ClientCertAuthorityOcspTlsTrustedCommonNameLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "ClientCertAuthorityOcspTlsTrustedCommonNamesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/ClientCertAuthorityOcspTlsTrustedCommonName" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/ClientCertAuthorityOcspTlsTrustedCommonNameLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "ClientCertAuthorityResponse": { + "properties": { + "data": { + "$ref": "#/definitions/ClientCertAuthority" + }, + "links": { + "$ref": "#/definitions/ClientCertAuthorityLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrCluster": { + "properties": { + "authenticationBasicEnabled": { + "description": "Enable or disable basic authentication for Cluster Links. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "authenticationBasicPassword": { + "description": "The password used to authenticate incoming Cluster Links when using basic internal authentication. The same password is also used by outgoing Cluster Links if a per-Link password is not configured. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationBasicType": { + "description": "The type of basic authentication to use for Cluster Links. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"internal\"`. The allowed values and their meaning are:\n\n
\n\"internal\" - Use locally configured password.\n\"none\" - No authentication.\n
\n", + "enum": [ + "internal", + "none" + ], + "type": "string" + }, + "authenticationClientCertContent": { + "description": "The PEM formatted content for the client certificate used to login to the remote node. It must consist of a private key and between one and three certificates comprising the certificate trust chain. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`.", + "type": "string" + }, + "authenticationClientCertEnabled": { + "description": "Enable or disable client certificate authentication for Cluster Links. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "authenticationClientCertPassword": { + "description": "The password for the client certificate. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`.", + "type": "string" + }, + "directOnlyEnabled": { + "description": "Enable or disable direct messaging only. Guaranteed messages will not be transmitted through the cluster. The default value is `false`.", + "type": "boolean" + }, + "dmrClusterName": { + "description": "The name of the Cluster.", + "type": "string" + }, + "enabled": { + "description": "Enable or disable the Cluster. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "nodeName": { + "description": "The name of this node in the Cluster. This is the name that this broker (or redundant group of brokers) is know by to other nodes in the Cluster. The name is chosen automatically to be either this broker's Router Name or Mate Router Name, depending on which Active Standby Role (primary or backup) this broker plays in its redundancy group.", + "type": "string" + }, + "tlsServerCertEnforceTrustedCommonNameEnabled": { + "description": "Enable or disable the enforcing of the common name provided by the remote broker against the list of trusted common names configured for the Link. If enabled, the certificate's common name must match one of the trusted common names for the Link to be accepted. Common Name validation is not performed if Server Certificate Name Validation is enabled, even if Common Name validation is enabled. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`. Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "boolean" + }, + "tlsServerCertMaxChainDepth": { + "description": "The maximum allowed depth of a certificate chain. The depth of a chain is defined as the number of signing CA certificates that are present in the chain back to a trusted self-signed root CA certificate. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `3`.", + "format": "int64", + "type": "integer" + }, + "tlsServerCertValidateDateEnabled": { + "description": "Enable or disable the validation of the \"Not Before\" and \"Not After\" validity dates in the certificate. When disabled, the certificate is accepted even if the certificate is not valid based on these dates. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "tlsServerCertValidateNameEnabled": { + "description": "Enable or disable the standard TLS authentication mechanism of verifying the name used to connect to the bridge. If enabled, the name used to connect to the bridge is checked against the names specified in the certificate returned by the remote broker. Legacy Common Name validation is not performed if Server Certificate Name Validation is enabled, even if Common Name validation is also enabled. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`. Available since 2.18.", + "type": "boolean" + } + }, + "type": "object" + }, + "DmrClusterCertMatchingRule": { + "properties": { + "dmrClusterName": { + "description": "The name of the Cluster.", + "type": "string" + }, + "enabled": { + "description": "Enable or disable a certificate matching rule. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "ruleName": { + "description": "The name of the rule.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterCertMatchingRuleAttributeFilter": { + "properties": { + "attributeName": { + "description": "Link Attribute to be tested. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "attributeValue": { + "description": "Expected attribute value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "dmrClusterName": { + "description": "The name of the Cluster.", + "type": "string" + }, + "filterName": { + "description": "The name of the filter.", + "type": "string" + }, + "ruleName": { + "description": "The name of the rule.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterCertMatchingRuleAttributeFilterLinks": { + "properties": { + "uri": { + "description": "The URI of this Certificate Matching Rule Attribute Filter object.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterCertMatchingRuleAttributeFilterResponse": { + "properties": { + "data": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilter" + }, + "links": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilterLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterCertMatchingRuleAttributeFiltersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilter" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilterLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterCertMatchingRuleCondition": { + "properties": { + "attribute": { + "description": "Link Attribute to be compared with certificate content. Either an attribute or an expression must be provided on creation, but not both. The default value is `\"\"`.", + "type": "string" + }, + "dmrClusterName": { + "description": "The name of the Cluster.", + "type": "string" + }, + "expression": { + "description": "Glob expression to be matched with certificate content. Either an expression or an attribute must be provided on creation, but not both. The default value is `\"\"`.", + "type": "string" + }, + "ruleName": { + "description": "The name of the rule.", + "type": "string" + }, + "source": { + "description": "Certificate field to be compared with the Attribute. The allowed values and their meaning are:\n\n
\n\"certificate-thumbprint\" - The attribute is computed as the SHA-1 hash over the entire DER-encoded contents of the client certificate.\n\"common-name\" - The attribute is extracted from the certificate's first instance of the Common Name attribute in the Subject DN.\n\"common-name-last\" - The attribute is extracted from the certificate's last instance of the Common Name attribute in the Subject DN.\n\"subject-alternate-name-msupn\" - The attribute is extracted from the certificate's Other Name type of the Subject Alternative Name and must have the msUPN signature.\n\"uid\" - The attribute is extracted from the certificate's first instance of the User Identifier attribute in the Subject DN.\n\"uid-last\" - The attribute is extracted from the certificate's last instance of the User Identifier attribute in the Subject DN.\n\"org-unit\" - The attribute is extracted from the certificate's first instance of the Org Unit attribute in the Subject DN.\n\"org-unit-last\" - The attribute is extracted from the certificate's last instance of the Org Unit attribute in the Subject DN.\n\"issuer\" - The attribute is extracted from the certificate's Issuer DN.\n\"subject\" - The attribute is extracted from the certificate's Subject DN.\n\"serial-number\" - The attribute is extracted from the certificate's Serial Number.\n\"dns-name\" - The attribute is extracted from the certificate's Subject Alt Name DNS Name.\n\"ip-address\" - The attribute is extracted from the certificate's Subject Alt Name IP Address.\n
\n", + "enum": [ + "certificate-thumbprint", + "common-name", + "common-name-last", + "subject-alternate-name-msupn", + "uid", + "uid-last", + "org-unit", + "org-unit-last", + "issuer", + "subject", + "serial-number", + "dns-name", + "ip-address" + ], + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterCertMatchingRuleConditionLinks": { + "properties": { + "uri": { + "description": "The URI of this Certificate Matching Rule Condition object.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterCertMatchingRuleConditionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleCondition" + }, + "links": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleConditionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterCertMatchingRuleConditionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleCondition" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleConditionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterCertMatchingRuleLinks": { + "properties": { + "attributeFiltersUri": { + "description": "The URI of this Certificate Matching Rule's collection of Certificate Matching Rule Attribute Filter objects.", + "type": "string" + }, + "conditionsUri": { + "description": "The URI of this Certificate Matching Rule's collection of Certificate Matching Rule Condition objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Certificate Matching Rule object.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterCertMatchingRuleResponse": { + "properties": { + "data": { + "$ref": "#/definitions/DmrClusterCertMatchingRule" + }, + "links": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterCertMatchingRulesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/DmrClusterCertMatchingRule" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterLink": { + "properties": { + "authenticationBasicPassword": { + "description": "The password used to authenticate with the remote node when using basic internal authentication. If this per-Link password is not configured, the Cluster's password is used instead. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationScheme": { + "description": "The authentication scheme to be used by the Link which initiates connections to the remote node. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"basic\"`. The allowed values and their meaning are:\n\n
\n\"basic\" - Basic Authentication Scheme (via username and password).\n\"client-certificate\" - Client Certificate Authentication Scheme (via certificate file or content).\n
\n", + "enum": [ + "basic", + "client-certificate" + ], + "type": "string" + }, + "clientProfileQueueControl1MaxDepth": { + "description": "The maximum depth of the \"Control 1\" (C-1) priority queue, in work units. Each work unit is 2048 bytes of message data. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `20000`.", + "format": "int32", + "type": "integer" + }, + "clientProfileQueueControl1MinMsgBurst": { + "description": "The number of messages that are always allowed entry into the \"Control 1\" (C-1) priority queue, regardless of the `clientProfileQueueControl1MaxDepth` value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `4`.", + "format": "int32", + "type": "integer" + }, + "clientProfileQueueDirect1MaxDepth": { + "description": "The maximum depth of the \"Direct 1\" (D-1) priority queue, in work units. Each work unit is 2048 bytes of message data. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `20000`.", + "format": "int32", + "type": "integer" + }, + "clientProfileQueueDirect1MinMsgBurst": { + "description": "The number of messages that are always allowed entry into the \"Direct 1\" (D-1) priority queue, regardless of the `clientProfileQueueDirect1MaxDepth` value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `4`.", + "format": "int32", + "type": "integer" + }, + "clientProfileQueueDirect2MaxDepth": { + "description": "The maximum depth of the \"Direct 2\" (D-2) priority queue, in work units. Each work unit is 2048 bytes of message data. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `20000`.", + "format": "int32", + "type": "integer" + }, + "clientProfileQueueDirect2MinMsgBurst": { + "description": "The number of messages that are always allowed entry into the \"Direct 2\" (D-2) priority queue, regardless of the `clientProfileQueueDirect2MaxDepth` value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `4`.", + "format": "int32", + "type": "integer" + }, + "clientProfileQueueDirect3MaxDepth": { + "description": "The maximum depth of the \"Direct 3\" (D-3) priority queue, in work units. Each work unit is 2048 bytes of message data. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `20000`.", + "format": "int32", + "type": "integer" + }, + "clientProfileQueueDirect3MinMsgBurst": { + "description": "The number of messages that are always allowed entry into the \"Direct 3\" (D-3) priority queue, regardless of the `clientProfileQueueDirect3MaxDepth` value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `4`.", + "format": "int32", + "type": "integer" + }, + "clientProfileQueueGuaranteed1MaxDepth": { + "description": "The maximum depth of the \"Guaranteed 1\" (G-1) priority queue, in work units. Each work unit is 2048 bytes of message data. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `20000`.", + "format": "int32", + "type": "integer" + }, + "clientProfileQueueGuaranteed1MinMsgBurst": { + "description": "The number of messages that are always allowed entry into the \"Guaranteed 1\" (G-1) priority queue, regardless of the `clientProfileQueueGuaranteed1MaxDepth` value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `255`.", + "format": "int32", + "type": "integer" + }, + "clientProfileTcpCongestionWindowSize": { + "description": "The TCP initial congestion window size, in multiples of the TCP Maximum Segment Size (MSS). Changing the value from its default of 2 results in non-compliance with RFC 2581. Contact support before changing this value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `2`.", + "format": "int64", + "type": "integer" + }, + "clientProfileTcpKeepaliveCount": { + "description": "The number of TCP keepalive retransmissions to be carried out before declaring that the remote end is not available. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `5`.", + "format": "int64", + "type": "integer" + }, + "clientProfileTcpKeepaliveIdleTime": { + "description": "The amount of time a connection must remain idle before TCP begins sending keepalive probes, in seconds. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `3`.", + "format": "int64", + "type": "integer" + }, + "clientProfileTcpKeepaliveInterval": { + "description": "The amount of time between TCP keepalive retransmissions when no acknowledgment is received, in seconds. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `1`.", + "format": "int64", + "type": "integer" + }, + "clientProfileTcpMaxSegmentSize": { + "description": "The TCP maximum segment size, in bytes. Changes are applied to all existing connections. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `1460`.", + "format": "int64", + "type": "integer" + }, + "clientProfileTcpMaxWindowSize": { + "description": "The TCP maximum window size, in kilobytes. Changes are applied to all existing connections. This setting is ignored on the software broker. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `256`.", + "format": "int64", + "type": "integer" + }, + "connectionRetryCount": { + "description": "The number of retry attempts to establish a connection before moving on to the next remote Message VPN. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `0`. Available since 2.41.", + "format": "int64", + "type": "integer" + }, + "connectionRetryDelay": { + "description": "The number of seconds the broker waits for the bridge connection to be established before attempting a new connection. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `3`. Available since 2.41.", + "format": "int64", + "type": "integer" + }, + "dmrClusterName": { + "description": "The name of the Cluster.", + "type": "string" + }, + "egressFlowWindowSize": { + "description": "The number of outstanding guaranteed messages that can be sent over the Link before acknowledgment is received by the sender. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `255`.", + "format": "int64", + "type": "integer" + }, + "enabled": { + "description": "Enable or disable the Link. When disabled, subscription sets of this and the remote node are not kept up-to-date, and messages are not exchanged with the remote node. Published guaranteed messages will be queued up for future delivery based on current subscription sets. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "initiator": { + "description": "The initiator of the Link's TCP connections. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"lexical\"`. The allowed values and their meaning are:\n\n
\n\"lexical\" - The \"higher\" node-name initiates.\n\"local\" - The local node initiates.\n\"remote\" - The remote node initiates.\n
\n", + "enum": [ + "lexical", + "local", + "remote" + ], + "type": "string" + }, + "queueDeadMsgQueue": { + "description": "The name of the Dead Message Queue (DMQ) used by the Queue for discarded messages. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"#DEAD_MSG_QUEUE\"`.", + "type": "string" + }, + "queueEventSpoolUsageThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "queueMaxDeliveredUnackedMsgsPerFlow": { + "description": "The maximum number of messages delivered but not acknowledged per flow for the Queue. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `1000000`.", + "format": "int64", + "type": "integer" + }, + "queueMaxMsgSpoolUsage": { + "description": "The maximum message spool usage by the Queue (quota), in megabytes (MB). Changes to this attribute are synchronized to HA mates via config-sync. The default value is `800000`.", + "format": "int64", + "type": "integer" + }, + "queueMaxRedeliveryCount": { + "description": "The maximum number of times the Queue will attempt redelivery of a message prior to it being discarded or moved to the DMQ. A value of 0 means to retry forever. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "queueMaxTtl": { + "description": "The maximum time in seconds a message can stay in the Queue when `queueRespectTtlEnabled` is `true`. A message expires when the lesser of the sender assigned time-to-live (TTL) in the message and the `queueMaxTtl` configured for the Queue, is exceeded. A value of 0 disables expiry. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "queueRejectMsgToSenderOnDiscardBehavior": { + "description": "Determines when to return negative acknowledgments (NACKs) to sending clients on message discards. Note that NACKs cause the message to not be delivered to any destination and Transacted Session commits to fail. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"always\"`. The allowed values and their meaning are:\n\n
\n\"never\" - Silently discard messages.\n\"when-queue-enabled\" - NACK each message discard back to the client, except messages that are discarded because an endpoint is administratively disabled.\n\"always\" - NACK each message discard back to the client, including messages that are discarded because an endpoint is administratively disabled.\n
\n", + "enum": [ + "never", + "when-queue-enabled", + "always" + ], + "type": "string" + }, + "queueRespectTtlEnabled": { + "description": "Enable or disable the respecting of the time-to-live (TTL) for messages in the Queue. When enabled, expired messages are discarded or moved to the DMQ. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "remoteNodeName": { + "description": "The name of the node at the remote end of the Link.", + "type": "string" + }, + "span": { + "description": "The span of the Link, either internal or external. Internal Links connect nodes within the same Cluster. External Links connect nodes within different Clusters. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"external\"`. The allowed values and their meaning are:\n\n
\n\"internal\" - Link to same cluster.\n\"external\" - Link to other cluster.\n
\n", + "enum": [ + "internal", + "external" + ], + "type": "string" + }, + "transportCompressedEnabled": { + "description": "Enable or disable compression on the Link. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "transportTlsEnabled": { + "description": "Enable or disable encryption (TLS) on the Link. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "DmrClusterLinkAttribute": { + "properties": { + "attributeName": { + "description": "The name of the Attribute.", + "type": "string" + }, + "attributeValue": { + "description": "The value of the Attribute.", + "type": "string" + }, + "dmrClusterName": { + "description": "The name of the Cluster.", + "type": "string" + }, + "remoteNodeName": { + "description": "The name of the node at the remote end of the Link.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterLinkAttributeLinks": { + "properties": { + "uri": { + "description": "The URI of this Link Attribute object.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterLinkAttributeResponse": { + "properties": { + "data": { + "$ref": "#/definitions/DmrClusterLinkAttribute" + }, + "links": { + "$ref": "#/definitions/DmrClusterLinkAttributeLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterLinkAttributesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/DmrClusterLinkAttribute" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/DmrClusterLinkAttributeLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterLinkLinks": { + "properties": { + "attributesUri": { + "description": "The URI of this Link's collection of Link Attribute objects. Available since 2.28.", + "type": "string" + }, + "remoteAddressesUri": { + "description": "The URI of this Link's collection of Remote Address objects.", + "type": "string" + }, + "tlsTrustedCommonNamesUri": { + "description": "The URI of this Link's collection of Trusted Common Name objects. Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + }, + "uri": { + "description": "The URI of this Link object.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterLinkRemoteAddress": { + "properties": { + "dmrClusterName": { + "description": "The name of the Cluster.", + "type": "string" + }, + "remoteAddress": { + "description": "The FQDN or IP address (and optional port) of the remote node. If a port is not provided, it will vary based on the transport encoding: 55555 (plain-text), 55443 (encrypted), or 55003 (compressed).", + "type": "string" + }, + "remoteNodeName": { + "description": "The name of the node at the remote end of the Link.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterLinkRemoteAddressLinks": { + "properties": { + "uri": { + "description": "The URI of this Remote Address object.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterLinkRemoteAddressResponse": { + "properties": { + "data": { + "$ref": "#/definitions/DmrClusterLinkRemoteAddress" + }, + "links": { + "$ref": "#/definitions/DmrClusterLinkRemoteAddressLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterLinkRemoteAddressesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/DmrClusterLinkRemoteAddress" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/DmrClusterLinkRemoteAddressLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterLinkResponse": { + "properties": { + "data": { + "$ref": "#/definitions/DmrClusterLink" + }, + "links": { + "$ref": "#/definitions/DmrClusterLinkLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterLinkTlsTrustedCommonName": { + "properties": { + "dmrClusterName": { + "description": "The name of the Cluster. Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + }, + "remoteNodeName": { + "description": "The name of the node at the remote end of the Link. Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + }, + "tlsTrustedCommonName": { + "description": "The expected trusted common name of the remote certificate. Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterLinkTlsTrustedCommonNameLinks": { + "properties": { + "uri": { + "description": "The URI of this Trusted Common Name object.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterLinkTlsTrustedCommonNameResponse": { + "properties": { + "data": { + "$ref": "#/definitions/DmrClusterLinkTlsTrustedCommonName" + }, + "links": { + "$ref": "#/definitions/DmrClusterLinkTlsTrustedCommonNameLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterLinkTlsTrustedCommonNamesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/DmrClusterLinkTlsTrustedCommonName" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/DmrClusterLinkTlsTrustedCommonNameLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterLinks": { + "properties": { + "certMatchingRulesUri": { + "description": "The URI of this Cluster's collection of Certificate Matching Rule objects. Available since 2.28.", + "type": "string" + }, + "linksUri": { + "description": "The URI of this Cluster's collection of Link objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Cluster object.", + "type": "string" + } + }, + "type": "object" + }, + "DmrClusterLinksResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/DmrClusterLink" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/DmrClusterLinkLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClusterResponse": { + "properties": { + "data": { + "$ref": "#/definitions/DmrCluster" + }, + "links": { + "$ref": "#/definitions/DmrClusterLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DmrClustersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/DmrCluster" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/DmrClusterLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DomainCertAuthoritiesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/DomainCertAuthority" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/DomainCertAuthorityLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "DomainCertAuthority": { + "properties": { + "certAuthorityName": { + "description": "The name of the Certificate Authority.", + "type": "string" + }, + "certContent": { + "description": "The PEM formatted content for the trusted root certificate of a domain Certificate Authority. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + } + }, + "type": "object" + }, + "DomainCertAuthorityLinks": { + "properties": { + "uri": { + "description": "The URI of this Domain Certificate Authority object.", + "type": "string" + } + }, + "type": "object" + }, + "DomainCertAuthorityResponse": { + "properties": { + "data": { + "$ref": "#/definitions/DomainCertAuthority" + }, + "links": { + "$ref": "#/definitions/DomainCertAuthorityLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "EventThreshold": { + "properties": { + "clearPercent": { + "description": "The clear threshold for the value of this counter as a percentage of its maximum value. Falling below this value will trigger a corresponding event. This attribute may not be returned in a GET.", + "format": "int64", + "type": "integer" + }, + "clearValue": { + "description": "The clear threshold for the absolute value of this counter. Falling below this value will trigger a corresponding event. This attribute may not be returned in a GET.", + "format": "int64", + "type": "integer" + }, + "setPercent": { + "description": "The set threshold for the value of this counter as a percentage of its maximum value. Exceeding this value will trigger a corresponding event. This attribute may not be returned in a GET.", + "format": "int64", + "type": "integer" + }, + "setValue": { + "description": "The set threshold for the absolute value of this counter. Exceeding this value will trigger a corresponding event. This attribute may not be returned in a GET.", + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "EventThresholdByPercent": { + "properties": { + "clearPercent": { + "description": "The clear threshold for the value of this counter as a percentage of its maximum value. Falling below this value will trigger a corresponding event.", + "format": "int64", + "type": "integer" + }, + "setPercent": { + "description": "The set threshold for the value of this counter as a percentage of its maximum value. Exceeding this value will trigger a corresponding event.", + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "EventThresholdByValue": { + "properties": { + "clearValue": { + "description": "The clear threshold for the absolute value of this counter or rate. Falling below this value will trigger a corresponding event.", + "format": "int64", + "type": "integer" + }, + "setValue": { + "description": "The set threshold for the absolute value of this counter or rate. Exceeding this value will trigger a corresponding event.", + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "MsgVpn": { + "properties": { + "alias": { + "description": "The name of another Message VPN which this Message VPN is an alias for. When this Message VPN is enabled, the alias has no effect. When this Message VPN is disabled, Clients (but not Bridges and routing Links) logging into this Message VPN are automatically logged in to the other Message VPN, and authentication and authorization take place in the context of the other Message VPN.\n\nAliases may form a non-circular chain, cascading one to the next.\n\nChanges to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.14.", + "type": "string" + }, + "authenticationBasicEnabled": { + "description": "Enable or disable basic authentication for clients connecting to the Message VPN. Basic authentication is authentication that involves the use of a username and password to prove identity. If a user provides credentials for a different authentication scheme, this setting is not applicable. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "authenticationBasicProfileName": { + "description": "The name of the RADIUS or LDAP Profile to use for basic authentication. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"default\"`.", + "type": "string" + }, + "authenticationBasicRadiusDomain": { + "description": "The RADIUS domain to use for basic authentication. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationBasicType": { + "description": "The type of basic authentication to use for clients connecting to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"radius\"`. The allowed values and their meaning are:\n\n
\n\"internal\" - Internal database. Authentication is against Client Usernames.\n\"ldap\" - LDAP authentication. An LDAP profile name must be provided.\n\"radius\" - RADIUS authentication. A RADIUS profile name must be provided.\n\"none\" - No authentication. Anonymous login allowed.\n
\n", + "enum": [ + "internal", + "ldap", + "radius", + "none" + ], + "type": "string" + }, + "authenticationClientCertAllowApiProvidedUsernameEnabled": { + "description": "Enable or disable allowing an incoming client connection to specify a Client Username via the API connect method. When disabled, the certificate CN (Common Name) is always used. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "authenticationClientCertCertificateMatchingRulesEnabled": { + "description": "Enable or disable certificate matching rules. When disabled, any valid certificate is accepted. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.27.", + "type": "boolean" + }, + "authenticationClientCertEnabled": { + "description": "Enable or disable client certificate authentication for clients connecting to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "authenticationClientCertMaxChainDepth": { + "description": "The maximum depth for a client certificate chain. The depth of a chain is defined as the number of signing CA certificates that are present in the chain back to a trusted self-signed root CA certificate. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int64", + "type": "integer" + }, + "authenticationClientCertRevocationCheckMode": { + "description": "The desired behavior for client certificate revocation checking. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"allow-valid\"`. The allowed values and their meaning are:\n\n
\n\"allow-all\" - Allow the client to authenticate, the result of client certificate revocation check is ignored.\n\"allow-unknown\" - Allow the client to authenticate even if the revocation status of his certificate cannot be determined.\n\"allow-valid\" - Allow the client to authenticate only when the revocation check returned an explicit positive response.\n
\n Available since 2.6.", + "enum": [ + "allow-all", + "allow-unknown", + "allow-valid" + ], + "type": "string" + }, + "authenticationClientCertUsernameSource": { + "description": "The field from the client certificate to use as the client username. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"common-name\"`. The allowed values and their meaning are:\n\n
\n\"certificate-thumbprint\" - The username is computed as the SHA-1 hash over the entire DER-encoded contents of the client certificate.\n\"common-name\" - The username is extracted from the certificate's first instance of the Common Name attribute in the Subject DN.\n\"common-name-last\" - The username is extracted from the certificate's last instance of the Common Name attribute in the Subject DN.\n\"subject-alternate-name-msupn\" - The username is extracted from the certificate's Other Name type of the Subject Alternative Name and must have the msUPN signature.\n\"uid\" - The username is extracted from the certificate's first instance of the User Identifier attribute in the Subject DN.\n\"uid-last\" - The username is extracted from the certificate's last instance of the User Identifier attribute in the Subject DN.\n
\n Available since 2.6.", + "enum": [ + "certificate-thumbprint", + "common-name", + "common-name-last", + "subject-alternate-name-msupn", + "uid", + "uid-last" + ], + "type": "string" + }, + "authenticationClientCertValidateDateEnabled": { + "description": "Enable or disable validation of the \"Not Before\" and \"Not After\" validity dates in the client certificate. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "authenticationKerberosAllowApiProvidedUsernameEnabled": { + "description": "Enable or disable allowing an incoming client connection to specify a Client Username via the API connect method. When disabled, the Kerberos Principal name is always used. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "authenticationKerberosEnabled": { + "description": "Enable or disable Kerberos authentication for clients connecting to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "authenticationOauthDefaultProfileName": { + "description": "The name of the profile to use when the client does not supply a profile name. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.25.", + "type": "string" + }, + "authenticationOauthDefaultProviderName": { + "description": "The name of the provider to use when the client does not supply a provider name. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Deprecated since 2.25. authenticationOauthDefaultProviderName and authenticationOauthProviders replaced by authenticationOauthDefaultProfileName and authenticationOauthProfiles.", + "type": "string" + }, + "authenticationOauthEnabled": { + "description": "Enable or disable OAuth authentication for clients connecting to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.13.", + "type": "boolean" + }, + "authorizationLdapGroupMembershipAttributeName": { + "description": "The name of the attribute that is retrieved from the LDAP server as part of the LDAP search when authorizing a client connecting to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"memberOf\"`.", + "type": "string" + }, + "authorizationLdapTrimClientUsernameDomainEnabled": { + "description": "Enable or disable client-username domain trimming for LDAP lookups of client connections. When enabled, the value of $CLIENT_USERNAME (when used for searching) will be truncated at the first occurrence of the @ character. For example, if the client-username is in the form of an email address, then the domain portion will be removed. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.13.", + "type": "boolean" + }, + "authorizationProfileName": { + "description": "The name of the LDAP Profile to use for client authorization. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authorizationType": { + "description": "The type of authorization to use for clients connecting to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"internal\"`. The allowed values and their meaning are:\n\n
\n\"ldap\" - LDAP authorization.\n\"internal\" - Internal authorization.\n
\n", + "enum": [ + "ldap", + "internal" + ], + "type": "string" + }, + "bridgingTlsServerCertEnforceTrustedCommonNameEnabled": { + "description": "Enable or disable validation of the Common Name (CN) in the server certificate from the remote broker. If enabled, the Common Name is checked against the list of Trusted Common Names configured for the Bridge. Common Name validation is not performed if Server Certificate Name Validation is enabled, even if Common Name validation is enabled. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "boolean" + }, + "bridgingTlsServerCertMaxChainDepth": { + "description": "The maximum depth for a server certificate chain. The depth of a chain is defined as the number of signing CA certificates that are present in the chain back to a trusted self-signed root CA certificate. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int64", + "type": "integer" + }, + "bridgingTlsServerCertValidateDateEnabled": { + "description": "Enable or disable validation of the \"Not Before\" and \"Not After\" validity dates in the server certificate. When disabled, a certificate will be accepted even if the certificate is not valid based on these dates. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "bridgingTlsServerCertValidateNameEnabled": { + "description": "Enable or disable the standard TLS authentication mechanism of verifying the name used to connect to the bridge. If enabled, the name used to connect to the bridge is checked against the names specified in the certificate returned by the remote broker. Legacy Common Name validation is not performed if Server Certificate Name Validation is enabled, even if Common Name validation is also enabled. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Available since 2.18.", + "type": "boolean" + }, + "distributedCacheManagementEnabled": { + "description": "Enable or disable managing of cache instances over the message bus. The default value is `true`. Deprecated since 2.28. Distributed cache management is now redundancy aware and thus no longer requires administrative intervention for operational state.", + "type": "boolean" + }, + "dmrEnabled": { + "description": "Enable or disable Dynamic Message Routing (DMR) for the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.11.", + "type": "boolean" + }, + "enabled": { + "description": "Enable or disable the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "eventConnectionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventEgressFlowCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventEgressMsgRateThreshold": { + "$ref": "#/definitions/EventThresholdByValue" + }, + "eventEndpointCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventIngressFlowCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventIngressMsgRateThreshold": { + "$ref": "#/definitions/EventThresholdByValue" + }, + "eventLargeMsgThreshold": { + "description": "The threshold, in kilobytes, after which a message is considered to be large for the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1024`.", + "format": "int64", + "type": "integer" + }, + "eventLogTag": { + "description": "A prefix applied to all published Events in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "eventMsgSpoolUsageThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventPublishClientEnabled": { + "description": "Enable or disable Client level Event message publishing. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "eventPublishMsgVpnEnabled": { + "description": "Enable or disable Message VPN level Event message publishing. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "eventPublishSubscriptionMode": { + "description": "Subscription level Event message publishing mode. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"off\"`. The allowed values and their meaning are:\n\n
\n\"off\" - Disable client level event message publishing.\n\"on-with-format-v1\" - Enable client level event message publishing with format v1.\n\"on-with-no-unsubscribe-events-on-disconnect-format-v1\" - As \"on-with-format-v1\", but unsubscribe events are not generated when a client disconnects. Unsubscribe events are still raised when a client explicitly unsubscribes from its subscriptions.\n\"on-with-format-v2\" - Enable client level event message publishing with format v2.\n\"on-with-no-unsubscribe-events-on-disconnect-format-v2\" - As \"on-with-format-v2\", but unsubscribe events are not generated when a client disconnects. Unsubscribe events are still raised when a client explicitly unsubscribes from its subscriptions.\n
\n", + "enum": [ + "off", + "on-with-format-v1", + "on-with-no-unsubscribe-events-on-disconnect-format-v1", + "on-with-format-v2", + "on-with-no-unsubscribe-events-on-disconnect-format-v2" + ], + "type": "string" + }, + "eventPublishTopicFormatMqttEnabled": { + "description": "Enable or disable Event publish topics in MQTT format. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "eventPublishTopicFormatSmfEnabled": { + "description": "Enable or disable Event publish topics in SMF format. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "eventServiceAmqpConnectionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventServiceMqttConnectionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventServiceRestIncomingConnectionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventServiceSmfConnectionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventServiceWebConnectionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventSubscriptionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventTransactedSessionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventTransactionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "exportSubscriptionsEnabled": { + "description": "Enable or disable the export of subscriptions in the Message VPN to other routers in the network over Neighbor links. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "jndiEnabled": { + "description": "Enable or disable JNDI access for clients in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.2.", + "type": "boolean" + }, + "maxConnectionCount": { + "description": "The maximum number of client connections to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is the maximum value supported by the platform.", + "format": "int64", + "type": "integer" + }, + "maxEgressFlowCount": { + "description": "The maximum number of transmit flows that can be created in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`.", + "format": "int64", + "type": "integer" + }, + "maxEndpointCount": { + "description": "The maximum number of Queues and Topic Endpoints that can be created in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`.", + "format": "int64", + "type": "integer" + }, + "maxIngressFlowCount": { + "description": "The maximum number of receive flows that can be created in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`.", + "format": "int64", + "type": "integer" + }, + "maxKafkaBrokerConnectionCount": { + "description": "The maximum number of simultaneous Kafka Broker connections of the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is the maximum value supported by the platform. Available since 2.39.", + "format": "int32", + "type": "integer" + }, + "maxMsgSpoolUsage": { + "description": "The maximum message spool usage by the Message VPN, in megabytes. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "maxSubscriptionCount": { + "description": "The maximum number of local subscriptions that can be added to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `500000`.", + "format": "int64", + "type": "integer" + }, + "maxTransactedSessionCount": { + "description": "The maximum number of transacted sessions that can be created in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default varies by platform.", + "format": "int64", + "type": "integer" + }, + "maxTransactionCount": { + "description": "The maximum number of transactions that can be created in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default varies by platform.", + "format": "int64", + "type": "integer" + }, + "mqttRetainMaxMemory": { + "description": "The maximum total memory usage of the MQTT Retain feature for this Message VPN, in MB. If the maximum memory is reached, any arriving retain messages that require more memory are discarded. A value of -1 indicates that the memory is bounded only by the global max memory limit. A value of 0 prevents MQTT Retain from becoming operational. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `-1`. Available since 2.11.", + "format": "int32", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "replicationAckPropagationIntervalMsgCount": { + "description": "The acknowledgment (ACK) propagation interval for the replication Bridge, in number of replicated messages. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `20`.", + "format": "int64", + "type": "integer" + }, + "replicationBridgeAuthenticationBasicClientUsername": { + "description": "The Client Username the replication Bridge uses to login to the remote Message VPN. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "replicationBridgeAuthenticationBasicPassword": { + "description": "The password for the Client Username. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "replicationBridgeAuthenticationClientCertContent": { + "description": "The PEM formatted content for the client certificate used by this bridge to login to the Remote Message VPN. It must consist of a private key and between one and three certificates comprising the certificate trust chain. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. The default value is `\"\"`. Available since 2.9.", + "type": "string" + }, + "replicationBridgeAuthenticationClientCertPassword": { + "description": "The password for the client certificate. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. The default value is `\"\"`. Available since 2.9.", + "type": "string" + }, + "replicationBridgeAuthenticationScheme": { + "description": "The authentication scheme for the replication Bridge in the Message VPN. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"basic\"`. The allowed values and their meaning are:\n\n
\n\"basic\" - Basic Authentication Scheme (via username and password).\n\"client-certificate\" - Client Certificate Authentication Scheme (via certificate file or content).\n
\n", + "enum": [ + "basic", + "client-certificate" + ], + "type": "string" + }, + "replicationBridgeCompressedDataEnabled": { + "description": "Enable or disable use of compression for the replication Bridge. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "replicationBridgeEgressFlowWindowSize": { + "description": "The size of the window used for guaranteed messages published to the replication Bridge, in messages. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `255`.", + "format": "int64", + "type": "integer" + }, + "replicationBridgeRetryDelay": { + "description": "The number of seconds that must pass before retrying the replication Bridge connection. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `3`.", + "format": "int64", + "type": "integer" + }, + "replicationBridgeTlsEnabled": { + "description": "Enable or disable use of encryption (TLS) for the replication Bridge connection. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "replicationBridgeUnidirectionalClientProfileName": { + "description": "The Client Profile for the unidirectional replication Bridge in the Message VPN. It is used only for the TCP parameters. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"#client-profile\"`.", + "type": "string" + }, + "replicationEnabled": { + "description": "Enable or disable replication for the Message VPN. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "replicationEnabledQueueBehavior": { + "description": "The behavior to take when enabling replication for the Message VPN, depending on the existence of the replication Queue. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"fail-on-existing-queue\"`. The allowed values and their meaning are:\n\n
\n\"fail-on-existing-queue\" - The data replication queue must not already exist.\n\"force-use-existing-queue\" - The data replication queue must already exist. Any data messages on the Queue will be forwarded to interested applications. IMPORTANT: Before using this mode be certain that the messages are not stale or otherwise unsuitable to be forwarded. This mode can only be specified when the existing queue is configured the same as is currently specified under replication configuration otherwise the enabling of replication will fail.\n\"force-recreate-queue\" - The data replication queue must already exist. Any data messages on the Queue will be discarded. IMPORTANT: Before using this mode be certain that the messages on the existing data replication queue are not needed by interested applications.\n
\n", + "enum": [ + "fail-on-existing-queue", + "force-use-existing-queue", + "force-recreate-queue" + ], + "type": "string" + }, + "replicationQueueMaxMsgSpoolUsage": { + "description": "The maximum message spool usage by the replication Bridge local Queue (quota), in megabytes. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `60000`.", + "format": "int64", + "type": "integer" + }, + "replicationQueueRejectMsgToSenderOnDiscardEnabled": { + "description": "Enable or disable whether messages discarded on the replication Bridge local Queue are rejected back to the sender. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "replicationRejectMsgWhenSyncIneligibleEnabled": { + "description": "Enable or disable whether guaranteed messages published to synchronously replicated Topics are rejected back to the sender when synchronous replication becomes ineligible. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "replicationRole": { + "description": "The replication role for the Message VPN. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"standby\"`. The allowed values and their meaning are:\n\n
\n\"active\" - Assume the Active role in replication for the Message VPN.\n\"standby\" - Assume the Standby role in replication for the Message VPN.\n
\n", + "enum": [ + "active", + "standby" + ], + "type": "string" + }, + "replicationTransactionMode": { + "description": "The transaction replication mode for all transactions within the Message VPN. Changing this value during operation will not affect existing transactions; it is only used upon starting a transaction. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"async\"`. The allowed values and their meaning are:\n\n
\n\"sync\" - Messages are acknowledged when replicated (spooled remotely).\n\"async\" - Messages are acknowledged when pending replication (spooled locally).\n
\n", + "enum": [ + "sync", + "async" + ], + "type": "string" + }, + "restTlsServerCertEnforceTrustedCommonNameEnabled": { + "description": "Enable or disable validation of the Common Name (CN) in the server certificate from the remote REST Consumer. If enabled, the Common Name is checked against the list of Trusted Common Names configured for the REST Consumer. Common Name validation is not performed if Server Certificate Name Validation is enabled, even if Common Name validation is enabled. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Deprecated since 2.17. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "boolean" + }, + "restTlsServerCertMaxChainDepth": { + "description": "The maximum depth for a REST Consumer server certificate chain. The depth of a chain is defined as the number of signing CA certificates that are present in the chain back to a trusted self-signed root CA certificate. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int64", + "type": "integer" + }, + "restTlsServerCertValidateDateEnabled": { + "description": "Enable or disable validation of the \"Not Before\" and \"Not After\" validity dates in the REST Consumer server certificate. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "restTlsServerCertValidateNameEnabled": { + "description": "Enable or disable the standard TLS authentication mechanism of verifying the name used to connect to the remote REST Consumer. If enabled, the name used to connect to the remote REST Consumer is checked against the names specified in the certificate returned by the remote broker. Legacy Common Name validation is not performed if Server Certificate Name Validation is enabled, even if Common Name validation is also enabled. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Available since 2.17.", + "type": "boolean" + }, + "sempOverMsgBusAdminClientEnabled": { + "description": "Enable or disable \"admin client\" SEMP over the message bus commands for the current Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "sempOverMsgBusAdminDistributedCacheEnabled": { + "description": "Enable or disable \"admin distributed-cache\" SEMP over the message bus commands for the current Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "sempOverMsgBusAdminEnabled": { + "description": "Enable or disable \"admin\" SEMP over the message bus commands for the current Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "sempOverMsgBusEnabled": { + "description": "Enable or disable SEMP over the message bus for the current Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "sempOverMsgBusShowEnabled": { + "description": "Enable or disable \"show\" SEMP over the message bus commands for the current Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "serviceAmqpMaxConnectionCount": { + "description": "The maximum number of AMQP client connections that can be simultaneously connected to the Message VPN. This value may be higher than supported by the platform. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is the maximum value supported by the platform. Available since 2.7.", + "format": "int64", + "type": "integer" + }, + "serviceAmqpPlainTextEnabled": { + "description": "Enable or disable the plain-text AMQP service in the Message VPN. Disabling causes clients connected to the corresponding listen-port to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.7.", + "type": "boolean" + }, + "serviceAmqpPlainTextListenPort": { + "description": "The port number for plain-text AMQP clients that connect to the Message VPN. The port must be unique across the message backbone. A value of 0 means that the listen-port is unassigned and cannot be enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceAmqpPlainTextEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.7.", + "format": "int64", + "type": "integer" + }, + "serviceAmqpTlsEnabled": { + "description": "Enable or disable the use of encryption (TLS) for the AMQP service in the Message VPN. Disabling causes clients currently connected over TLS to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.7.", + "type": "boolean" + }, + "serviceAmqpTlsListenPort": { + "description": "The port number for AMQP clients that connect to the Message VPN over TLS. The port must be unique across the message backbone. A value of 0 means that the listen-port is unassigned and cannot be enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceAmqpTlsEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.7.", + "format": "int64", + "type": "integer" + }, + "serviceMqttAuthenticationClientCertRequest": { + "description": "Determines when to request a client certificate from an incoming MQTT client connecting via a TLS port. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"when-enabled-in-message-vpn\"`. The allowed values and their meaning are:\n\n
\n\"always\" - Always ask for a client certificate regardless of the \"message-vpn > authentication > client-certificate > shutdown\" configuration.\n\"never\" - Never ask for a client certificate regardless of the \"message-vpn > authentication > client-certificate > shutdown\" configuration.\n\"when-enabled-in-message-vpn\" - Only ask for a client-certificate if client certificate authentication is enabled under \"message-vpn >  authentication > client-certificate > shutdown\".\n
\n Available since 2.21.", + "enum": [ + "always", + "never", + "when-enabled-in-message-vpn" + ], + "type": "string" + }, + "serviceMqttMaxConnectionCount": { + "description": "The maximum number of MQTT client connections that can be simultaneously connected to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is the maximum value supported by the platform. Available since 2.1.", + "format": "int64", + "type": "integer" + }, + "serviceMqttPlainTextEnabled": { + "description": "Enable or disable the plain-text MQTT service in the Message VPN. Disabling causes clients currently connected to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.1.", + "type": "boolean" + }, + "serviceMqttPlainTextListenPort": { + "description": "The port number for plain-text MQTT clients that connect to the Message VPN. The port must be unique across the message backbone. A value of 0 means that the listen-port is unassigned and cannot be enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceMqttPlainTextEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.1.", + "format": "int64", + "type": "integer" + }, + "serviceMqttTlsEnabled": { + "description": "Enable or disable the use of encryption (TLS) for the MQTT service in the Message VPN. Disabling causes clients currently connected over TLS to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.1.", + "type": "boolean" + }, + "serviceMqttTlsListenPort": { + "description": "The port number for MQTT clients that connect to the Message VPN over TLS. The port must be unique across the message backbone. A value of 0 means that the listen-port is unassigned and cannot be enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceMqttTlsEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.1.", + "format": "int64", + "type": "integer" + }, + "serviceMqttTlsWebSocketEnabled": { + "description": "Enable or disable the use of encrypted WebSocket (WebSocket over TLS) for the MQTT service in the Message VPN. Disabling causes clients currently connected by encrypted WebSocket to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.1.", + "type": "boolean" + }, + "serviceMqttTlsWebSocketListenPort": { + "description": "The port number for MQTT clients that connect to the Message VPN using WebSocket over TLS. The port must be unique across the message backbone. A value of 0 means that the listen-port is unassigned and cannot be enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceMqttTlsWebSocketEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.1.", + "format": "int64", + "type": "integer" + }, + "serviceMqttWebSocketEnabled": { + "description": "Enable or disable the use of WebSocket for the MQTT service in the Message VPN. Disabling causes clients currently connected by WebSocket to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.1.", + "type": "boolean" + }, + "serviceMqttWebSocketListenPort": { + "description": "The port number for plain-text MQTT clients that connect to the Message VPN using WebSocket. The port must be unique across the message backbone. A value of 0 means that the listen-port is unassigned and cannot be enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceMqttWebSocketEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.1.", + "format": "int64", + "type": "integer" + }, + "serviceRestIncomingAuthenticationClientCertRequest": { + "description": "Determines when to request a client certificate from an incoming REST Producer connecting via a TLS port. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"when-enabled-in-message-vpn\"`. The allowed values and their meaning are:\n\n
\n\"always\" - Always ask for a client certificate regardless of the \"message-vpn > authentication > client-certificate > shutdown\" configuration.\n\"never\" - Never ask for a client certificate regardless of the \"message-vpn > authentication > client-certificate > shutdown\" configuration.\n\"when-enabled-in-message-vpn\" - Only ask for a client-certificate if client certificate authentication is enabled under \"message-vpn >  authentication > client-certificate > shutdown\".\n
\n Available since 2.21.", + "enum": [ + "always", + "never", + "when-enabled-in-message-vpn" + ], + "type": "string" + }, + "serviceRestIncomingAuthorizationHeaderHandling": { + "description": "The handling of Authorization headers for incoming REST connections. Authorization header handling settings apply only when the Message VPN is in gateway mode. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"drop\"`. The allowed values and their meaning are:\n\n
\n\"drop\" - Do not attach the Authorization header to the message as a user property. This configuration is most secure.\n\"forward\" - Forward the Authorization header, attaching it to the message as a user property in the same way as other headers. For best security, use the drop setting.\n\"legacy\" - If the Authorization header was used for authentication to the broker, do not attach it to the message. If the Authorization header was not used for authentication to the broker, attach it to the message as a user property in the same way as other headers. For best security, use the drop setting.\n
\n Available since 2.19.", + "enum": [ + "drop", + "forward", + "legacy" + ], + "type": "string" + }, + "serviceRestIncomingMaxConnectionCount": { + "description": "The maximum number of REST incoming client connections that can be simultaneously connected to the Message VPN. This value may be higher than supported by the platform. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is the maximum value supported by the platform.", + "format": "int64", + "type": "integer" + }, + "serviceRestIncomingPlainTextEnabled": { + "description": "Enable or disable the plain-text REST service for incoming clients in the Message VPN. Disabling causes clients currently connected to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "serviceRestIncomingPlainTextListenPort": { + "description": "The port number for incoming plain-text REST clients that connect to the Message VPN. The port must be unique across the message backbone. A value of 0 means that the listen-port is unassigned and cannot be enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceRestIncomingPlainTextEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "serviceRestIncomingTlsEnabled": { + "description": "Enable or disable the use of encryption (TLS) for the REST service for incoming clients in the Message VPN. Disabling causes clients currently connected over TLS to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "serviceRestIncomingTlsListenPort": { + "description": "The port number for incoming REST clients that connect to the Message VPN over TLS. The port must be unique across the message backbone. A value of 0 means that the listen-port is unassigned and cannot be enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as serviceRestIncomingTlsEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "serviceRestMode": { + "description": "The REST service mode for incoming REST clients that connect to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"messaging\"`. The allowed values and their meaning are:\n\n
\n\"gateway\" - Act as a message gateway through which REST messages are propagated.\n\"messaging\" - Act as a message broker on which REST messages are queued.\n
\n Available since 2.6.", + "enum": [ + "gateway", + "messaging" + ], + "type": "string" + }, + "serviceRestOutgoingMaxConnectionCount": { + "description": "The maximum number of REST Consumer (outgoing) client connections that can be simultaneously connected to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default varies by platform.", + "format": "int64", + "type": "integer" + }, + "serviceSmfMaxConnectionCount": { + "description": "The maximum number of SMF client connections that can be simultaneously connected to the Message VPN. This value may be higher than supported by the platform. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default varies by platform.", + "format": "int64", + "type": "integer" + }, + "serviceSmfPlainTextEnabled": { + "description": "Enable or disable the plain-text SMF service in the Message VPN. Disabling causes clients currently connected to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "serviceSmfTlsEnabled": { + "description": "Enable or disable the use of encryption (TLS) for the SMF service in the Message VPN. Disabling causes clients currently connected over TLS to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "serviceWebAuthenticationClientCertRequest": { + "description": "Determines when to request a client certificate from a Web Transport client connecting via a TLS port. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"when-enabled-in-message-vpn\"`. The allowed values and their meaning are:\n\n
\n\"always\" - Always ask for a client certificate regardless of the \"message-vpn > authentication > client-certificate > shutdown\" configuration.\n\"never\" - Never ask for a client certificate regardless of the \"message-vpn > authentication > client-certificate > shutdown\" configuration.\n\"when-enabled-in-message-vpn\" - Only ask for a client-certificate if client certificate authentication is enabled under \"message-vpn >  authentication > client-certificate > shutdown\".\n
\n Available since 2.21.", + "enum": [ + "always", + "never", + "when-enabled-in-message-vpn" + ], + "type": "string" + }, + "serviceWebMaxConnectionCount": { + "description": "The maximum number of Web Transport client connections that can be simultaneously connected to the Message VPN. This value may be higher than supported by the platform. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is the maximum value supported by the platform.", + "format": "int64", + "type": "integer" + }, + "serviceWebPlainTextEnabled": { + "description": "Enable or disable the plain-text Web Transport service in the Message VPN. Disabling causes clients currently connected to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "serviceWebTlsEnabled": { + "description": "Enable or disable the use of TLS for the Web Transport service in the Message VPN. Disabling causes clients currently connected over TLS to be disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "tlsAllowDowngradeToPlainTextEnabled": { + "description": "Enable or disable the allowing of TLS SMF clients to downgrade their connections to plain-text connections. Changing this will not affect existing connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnAclProfile": { + "properties": { + "aclProfileName": { + "description": "The name of the ACL Profile.", + "type": "string" + }, + "clientConnectDefaultAction": { + "description": "The default action to take when a client using the ACL Profile connects to the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"disallow\"`. The allowed values and their meaning are:\n\n
\n\"allow\" - Allow client connection unless an exception is found for it.\n\"disallow\" - Disallow client connection unless an exception is found for it.\n
\n", + "enum": [ + "allow", + "disallow" + ], + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "publishTopicDefaultAction": { + "description": "The default action to take when a client using the ACL Profile publishes to a topic in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"disallow\"`. The allowed values and their meaning are:\n\n
\n\"allow\" - Allow topic unless an exception is found for it.\n\"disallow\" - Disallow topic unless an exception is found for it.\n
\n", + "enum": [ + "allow", + "disallow" + ], + "type": "string" + }, + "subscribeShareNameDefaultAction": { + "description": "The default action to take when a client using the ACL Profile subscribes to a share-name subscription in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"allow\"`. The allowed values and their meaning are:\n\n
\n\"allow\" - Allow topic unless an exception is found for it.\n\"disallow\" - Disallow topic unless an exception is found for it.\n
\n Available since 2.14.", + "enum": [ + "allow", + "disallow" + ], + "type": "string" + }, + "subscribeTopicDefaultAction": { + "description": "The default action to take when a client using the ACL Profile subscribes to a topic in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"disallow\"`. The allowed values and their meaning are:\n\n
\n\"allow\" - Allow topic unless an exception is found for it.\n\"disallow\" - Disallow topic unless an exception is found for it.\n
\n", + "enum": [ + "allow", + "disallow" + ], + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfileClientConnectException": { + "properties": { + "aclProfileName": { + "description": "The name of the ACL Profile.", + "type": "string" + }, + "clientConnectExceptionAddress": { + "description": "The IP address/netmask of the client connect exception in canonical CIDR form.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfileClientConnectExceptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Client Connect Exception object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfileClientConnectExceptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAclProfileClientConnectException" + }, + "links": { + "$ref": "#/definitions/MsgVpnAclProfileClientConnectExceptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfileClientConnectExceptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfileClientConnectException" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfileClientConnectExceptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfileLinks": { + "properties": { + "clientConnectExceptionsUri": { + "description": "The URI of this ACL Profile's collection of Client Connect Exception objects.", + "type": "string" + }, + "publishExceptionsUri": { + "description": "The URI of this ACL Profile's collection of Publish Topic Exception objects. Deprecated since 2.14. Replaced by publishTopicExceptions.", + "type": "string" + }, + "publishTopicExceptionsUri": { + "description": "The URI of this ACL Profile's collection of Publish Topic Exception objects. Available since 2.14.", + "type": "string" + }, + "subscribeExceptionsUri": { + "description": "The URI of this ACL Profile's collection of Subscribe Topic Exception objects. Deprecated since 2.14. Replaced by subscribeTopicExceptions.", + "type": "string" + }, + "subscribeShareNameExceptionsUri": { + "description": "The URI of this ACL Profile's collection of Subscribe Share Name Exception objects. Available since 2.14.", + "type": "string" + }, + "subscribeTopicExceptionsUri": { + "description": "The URI of this ACL Profile's collection of Subscribe Topic Exception objects. Available since 2.14.", + "type": "string" + }, + "uri": { + "description": "The URI of this ACL Profile object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfilePublishException": { + "properties": { + "aclProfileName": { + "description": "The name of the ACL Profile. Deprecated since 2.14. Replaced by publishTopicExceptions.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN. Deprecated since 2.14. Replaced by publishTopicExceptions.", + "type": "string" + }, + "publishExceptionTopic": { + "description": "The topic for the exception to the default action taken. May include wildcard characters. Deprecated since 2.14. Replaced by publishTopicExceptions.", + "type": "string" + }, + "topicSyntax": { + "description": "The syntax of the topic for the exception to the default action taken. The allowed values and their meaning are:\n\n
\n\"smf\" - Topic uses SMF syntax.\n\"mqtt\" - Topic uses MQTT syntax.\n
\n Deprecated since 2.14. Replaced by publishTopicExceptions.", + "enum": [ + "smf", + "mqtt" + ], + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfilePublishExceptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Publish Topic Exception object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfilePublishExceptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAclProfilePublishException" + }, + "links": { + "$ref": "#/definitions/MsgVpnAclProfilePublishExceptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfilePublishExceptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfilePublishException" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfilePublishExceptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfilePublishTopicException": { + "properties": { + "aclProfileName": { + "description": "The name of the ACL Profile.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "publishTopicException": { + "description": "The topic for the exception to the default action taken. May include wildcard characters.", + "type": "string" + }, + "publishTopicExceptionSyntax": { + "description": "The syntax of the topic for the exception to the default action taken. The allowed values and their meaning are:\n\n
\n\"smf\" - Topic uses SMF syntax.\n\"mqtt\" - Topic uses MQTT syntax.\n
\n", + "enum": [ + "smf", + "mqtt" + ], + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfilePublishTopicExceptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Publish Topic Exception object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfilePublishTopicExceptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAclProfilePublishTopicException" + }, + "links": { + "$ref": "#/definitions/MsgVpnAclProfilePublishTopicExceptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfilePublishTopicExceptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfilePublishTopicException" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfilePublishTopicExceptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfileResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAclProfile" + }, + "links": { + "$ref": "#/definitions/MsgVpnAclProfileLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfileSubscribeException": { + "properties": { + "aclProfileName": { + "description": "The name of the ACL Profile. Deprecated since 2.14. Replaced by subscribeTopicExceptions.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN. Deprecated since 2.14. Replaced by subscribeTopicExceptions.", + "type": "string" + }, + "subscribeExceptionTopic": { + "description": "The topic for the exception to the default action taken. May include wildcard characters. Deprecated since 2.14. Replaced by subscribeTopicExceptions.", + "type": "string" + }, + "topicSyntax": { + "description": "The syntax of the topic for the exception to the default action taken. The allowed values and their meaning are:\n\n
\n\"smf\" - Topic uses SMF syntax.\n\"mqtt\" - Topic uses MQTT syntax.\n
\n Deprecated since 2.14. Replaced by subscribeTopicExceptions.", + "enum": [ + "smf", + "mqtt" + ], + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfileSubscribeExceptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Subscribe Topic Exception object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfileSubscribeExceptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeException" + }, + "links": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeExceptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfileSubscribeExceptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeException" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeExceptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfileSubscribeShareNameException": { + "properties": { + "aclProfileName": { + "description": "The name of the ACL Profile.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "subscribeShareNameException": { + "description": "The subscribe share name exception to the default action taken. May include wildcard characters.", + "type": "string" + }, + "subscribeShareNameExceptionSyntax": { + "description": "The syntax of the subscribe share name for the exception to the default action taken. The allowed values and their meaning are:\n\n
\n\"smf\" - Topic uses SMF syntax.\n\"mqtt\" - Topic uses MQTT syntax.\n
\n", + "enum": [ + "smf", + "mqtt" + ], + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfileSubscribeShareNameExceptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Subscribe Share Name Exception object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfileSubscribeShareNameExceptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeShareNameException" + }, + "links": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeShareNameExceptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfileSubscribeShareNameExceptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeShareNameException" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeShareNameExceptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfileSubscribeTopicException": { + "properties": { + "aclProfileName": { + "description": "The name of the ACL Profile.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "subscribeTopicException": { + "description": "The topic for the exception to the default action taken. May include wildcard characters.", + "type": "string" + }, + "subscribeTopicExceptionSyntax": { + "description": "The syntax of the topic for the exception to the default action taken. The allowed values and their meaning are:\n\n
\n\"smf\" - Topic uses SMF syntax.\n\"mqtt\" - Topic uses MQTT syntax.\n
\n", + "enum": [ + "smf", + "mqtt" + ], + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfileSubscribeTopicExceptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Subscribe Topic Exception object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAclProfileSubscribeTopicExceptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeTopicException" + }, + "links": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeTopicExceptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfileSubscribeTopicExceptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeTopicException" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeTopicExceptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAclProfilesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfile" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAclProfileLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthenticationKerberosRealm": { + "properties": { + "enabled": { + "description": "Enable or disable the Realm. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "kdcAddress": { + "description": "Address (FQDN or IP) and optional port of the Key Distribution Center for principals in this Realm. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "kerberosRealmName": { + "description": "The Realm Name. Must start with \"@\", typically all uppercase.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthenticationKerberosRealmLinks": { + "properties": { + "uri": { + "description": "The URI of this Realm object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthenticationKerberosRealmResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealm" + }, + "links": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealmLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthenticationKerberosRealmsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealm" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealmLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthenticationOauthProfile": { + "properties": { + "authorizationGroupsClaimName": { + "description": "The name of the groups claim. If non-empty, the specified claim will be used to determine groups for authorization. If empty, the authorizationType attribute of the Message VPN will be used to determine authorization. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"groups\"`.", + "type": "string" + }, + "authorizationGroupsClaimStringFormat": { + "description": "The format of the authorization groups claim value when it is a string. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"single\"`. The allowed values and their meaning are:\n\n
\n\"single\" - When the claim is a string, it is interpreted as as single group.\n\"space-delimited\" - When the claim is a string, it is interpreted as a space-delimited list of groups, similar to the \"scope\" claim.\n
\n Available since 2.32.", + "enum": [ + "single", + "space-delimited" + ], + "type": "string" + }, + "clientId": { + "description": "The OAuth client id. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "clientRequiredType": { + "description": "The required value for the TYP field in the ID token header. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"JWT\"`.", + "type": "string" + }, + "clientSecret": { + "description": "The OAuth client secret. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "clientValidateTypeEnabled": { + "description": "Enable or disable verification of the TYP field in the ID token header. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "disconnectOnTokenExpirationEnabled": { + "description": "Enable or disable the disconnection of clients when their tokens expire. Changing this value does not affect existing clients, only new client connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "enabled": { + "description": "Enable or disable the OAuth profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "endpointDiscovery": { + "description": "The OpenID Connect discovery endpoint or OAuth Authorization Server Metadata endpoint. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "endpointDiscoveryRefreshInterval": { + "description": "The number of seconds between discovery endpoint requests. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `86400`.", + "format": "int32", + "type": "integer" + }, + "endpointIntrospection": { + "description": "The OAuth introspection endpoint. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "endpointIntrospectionTimeout": { + "description": "The maximum time in seconds a token introspection request is allowed to take. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`.", + "format": "int32", + "type": "integer" + }, + "endpointJwks": { + "description": "The OAuth JWKS endpoint. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "endpointJwksRefreshInterval": { + "description": "The number of seconds between JWKS endpoint requests. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `86400`.", + "format": "int32", + "type": "integer" + }, + "endpointUserinfo": { + "description": "The OpenID Connect Userinfo endpoint. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "endpointUserinfoTimeout": { + "description": "The maximum time in seconds a userinfo request is allowed to take. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`.", + "format": "int32", + "type": "integer" + }, + "issuer": { + "description": "The Issuer Identifier for the OAuth provider. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "mqttUsernameValidateEnabled": { + "description": "Enable or disable whether the API provided MQTT client username will be validated against the username calculated from the token(s). When enabled, connection attempts by MQTT clients are rejected if they differ. Note that this value only applies to MQTT clients; SMF client usernames will not be validated. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + }, + "oauthRole": { + "description": "The OAuth role of the broker. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"client\"`. The allowed values and their meaning are:\n\n
\n\"client\" - The broker is in the OAuth client role.\n\"resource-server\" - The broker is in the OAuth resource server role.\n
\n", + "enum": [ + "client", + "resource-server" + ], + "type": "string" + }, + "proxyName": { + "description": "The name of the proxy to use for discovery, user info, jwks, and introspection requests. Leave empty for no proxy. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.41.", + "type": "string" + }, + "resourceServerParseAccessTokenEnabled": { + "description": "Enable or disable parsing of the access token as a JWT. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "resourceServerRequiredAudience": { + "description": "The required audience value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "resourceServerRequiredIssuer": { + "description": "The required issuer value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "resourceServerRequiredScope": { + "description": "A space-separated list of scopes that must be present in the scope claim. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "resourceServerRequiredType": { + "description": "The required TYP value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"at+jwt\"`.", + "type": "string" + }, + "resourceServerValidateAudienceEnabled": { + "description": "Enable or disable verification of the audience claim in the access token or introspection response. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "resourceServerValidateIssuerEnabled": { + "description": "Enable or disable verification of the issuer claim in the access token or introspection response. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "resourceServerValidateScopeEnabled": { + "description": "Enable or disable verification of the scope claim in the access token or introspection response. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "resourceServerValidateTypeEnabled": { + "description": "Enable or disable verification of the TYP field in the access token header. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "usernameClaimName": { + "description": "The name of the username claim. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"sub\"`.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthenticationOauthProfileClientRequiredClaim": { + "properties": { + "clientRequiredClaimName": { + "description": "The name of the ID token claim to verify.", + "type": "string" + }, + "clientRequiredClaimValue": { + "description": "The required claim value.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthenticationOauthProfileClientRequiredClaimLinks": { + "properties": { + "uri": { + "description": "The URI of this Required Claim object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthenticationOauthProfileClientRequiredClaimResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileClientRequiredClaim" + }, + "links": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileClientRequiredClaimLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthenticationOauthProfileClientRequiredClaimsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileClientRequiredClaim" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileClientRequiredClaimLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthenticationOauthProfileLinks": { + "properties": { + "clientRequiredClaimsUri": { + "description": "The URI of this OAuth Profile's collection of Required Claim objects.", + "type": "string" + }, + "resourceServerRequiredClaimsUri": { + "description": "The URI of this OAuth Profile's collection of Required Claim objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this OAuth Profile object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthenticationOauthProfileResourceServerRequiredClaim": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + }, + "resourceServerRequiredClaimName": { + "description": "The name of the access token claim to verify.", + "type": "string" + }, + "resourceServerRequiredClaimValue": { + "description": "The required claim value.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthenticationOauthProfileResourceServerRequiredClaimLinks": { + "properties": { + "uri": { + "description": "The URI of this Required Claim object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthenticationOauthProfileResourceServerRequiredClaimResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResourceServerRequiredClaim" + }, + "links": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResourceServerRequiredClaimLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthenticationOauthProfileResourceServerRequiredClaimsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResourceServerRequiredClaim" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResourceServerRequiredClaimLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthenticationOauthProfileResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfile" + }, + "links": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthenticationOauthProfilesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfile" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthenticationOauthProvider": { + "properties": { + "audienceClaimName": { + "description": "The audience claim name, indicating which part of the object to use for determining the audience. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"aud\"`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "string" + }, + "audienceClaimSource": { + "description": "The audience claim source, indicating where to search for the audience value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"id-token\"`. The allowed values and their meaning are:\n\n
\n\"access-token\" - The OAuth v2 access_token.\n\"id-token\" - The OpenID Connect id_token.\n\"introspection\" - The result of introspecting the OAuth v2 access_token.\n
\n Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "enum": [ + "access-token", + "id-token", + "introspection" + ], + "type": "string" + }, + "audienceClaimValue": { + "description": "The required audience value for a token to be considered valid. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "string" + }, + "audienceValidationEnabled": { + "description": "Enable or disable audience validation. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "boolean" + }, + "authorizationGroupClaimName": { + "description": "The authorization group claim name, indicating which part of the object to use for determining the authorization group. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"scope\"`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "string" + }, + "authorizationGroupClaimSource": { + "description": "The authorization group claim source, indicating where to search for the authorization group name. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"id-token\"`. The allowed values and their meaning are:\n\n
\n\"access-token\" - The OAuth v2 access_token.\n\"id-token\" - The OpenID Connect id_token.\n\"introspection\" - The result of introspecting the OAuth v2 access_token.\n
\n Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "enum": [ + "access-token", + "id-token", + "introspection" + ], + "type": "string" + }, + "authorizationGroupEnabled": { + "description": "Enable or disable OAuth based authorization. When enabled, the configured authorization type for OAuth clients is overridden. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "boolean" + }, + "disconnectOnTokenExpirationEnabled": { + "description": "Enable or disable the disconnection of clients when their tokens expire. Changing this value does not affect existing clients, only new client connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "boolean" + }, + "enabled": { + "description": "Enable or disable OAuth Provider client authentication. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "boolean" + }, + "jwksRefreshInterval": { + "description": "The number of seconds between forced JWKS public key refreshing. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `86400`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "format": "int32", + "type": "integer" + }, + "jwksUri": { + "description": "The URI where the OAuth provider publishes its JWKS public keys. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN. Deprecated since 2.25. Replaced by authenticationOauthProfiles.", + "type": "string" + }, + "oauthProviderName": { + "description": "The name of the OAuth Provider. Deprecated since 2.25. Replaced by authenticationOauthProfiles.", + "type": "string" + }, + "tokenIgnoreTimeLimitsEnabled": { + "description": "Enable or disable whether to ignore time limits and accept tokens that are not yet valid or are no longer valid. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "boolean" + }, + "tokenIntrospectionParameterName": { + "description": "The parameter name used to identify the token during access token introspection. A standards compliant OAuth introspection server expects \"token\". Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"token\"`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "string" + }, + "tokenIntrospectionPassword": { + "description": "The password to use when logging into the token introspection URI. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "string" + }, + "tokenIntrospectionTimeout": { + "description": "The maximum time in seconds a token introspection is allowed to take. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "format": "int32", + "type": "integer" + }, + "tokenIntrospectionUri": { + "description": "The token introspection URI of the OAuth authentication server. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "string" + }, + "tokenIntrospectionUsername": { + "description": "The username to use when logging into the token introspection URI. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "string" + }, + "usernameClaimName": { + "description": "The username claim name, indicating which part of the object to use for determining the username. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"sub\"`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "string" + }, + "usernameClaimSource": { + "description": "The username claim source, indicating where to search for the username value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"id-token\"`. The allowed values and their meaning are:\n\n
\n\"access-token\" - The OAuth v2 access_token.\n\"id-token\" - The OpenID Connect id_token.\n\"introspection\" - The result of introspecting the OAuth v2 access_token.\n
\n Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "enum": [ + "access-token", + "id-token", + "introspection" + ], + "type": "string" + }, + "usernameValidateEnabled": { + "description": "Enable or disable whether the API provided username will be validated against the username calculated from the token(s); the connection attempt is rejected if they differ. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Deprecated since 2.25. authenticationOauthProviders replaced by authenticationOauthProfiles.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnAuthenticationOauthProviderLinks": { + "properties": { + "uri": { + "description": "The URI of this OAuth Provider object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthenticationOauthProviderResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProvider" + }, + "links": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProviderLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthenticationOauthProvidersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProvider" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProviderLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthorizationGroup": { + "properties": { + "aclProfileName": { + "description": "The ACL Profile of the Authorization Group. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"default\"`.", + "type": "string" + }, + "authorizationGroupName": { + "description": "The name of the Authorization Group. For LDAP groups, special care is needed if the group name contains special characters such as '#', '+', ';', '=' as the value of the group name returned from the LDAP server might prepend those characters with '\\'. For example a group name called 'test#,lab,com' will be returned from the LDAP server as 'test\\#,lab,com'.", + "type": "string" + }, + "clientProfileName": { + "description": "The Client Profile of the Authorization Group. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"default\"`.", + "type": "string" + }, + "enabled": { + "description": "Enable or disable the Authorization Group in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "orderAfterAuthorizationGroupName": { + "description": "Lower the priority to be less than this group. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is not applicable.", + "type": "string" + }, + "orderBeforeAuthorizationGroupName": { + "description": "Raise the priority to be greater than this group. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is not applicable.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthorizationGroupLinks": { + "properties": { + "uri": { + "description": "The URI of this Authorization Group object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnAuthorizationGroupResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnAuthorizationGroup" + }, + "links": { + "$ref": "#/definitions/MsgVpnAuthorizationGroupLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnAuthorizationGroupsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnAuthorizationGroup" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnAuthorizationGroupLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnBridge": { + "properties": { + "bridgeName": { + "description": "The name of the Bridge.", + "type": "string" + }, + "bridgeVirtualRouter": { + "description": "The virtual router of the Bridge. The allowed values and their meaning are:\n\n
\n\"primary\" - The Bridge is used for the primary virtual router.\n\"backup\" - The Bridge is used for the backup virtual router.\n\"auto\" - The Bridge is automatically assigned a virtual router at creation, depending on the broker's active-standby role.\n
\n", + "enum": [ + "primary", + "backup", + "auto" + ], + "type": "string" + }, + "enabled": { + "description": "Enable or disable the Bridge. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "maxTtl": { + "description": "The maximum time-to-live (TTL) in hops. Messages are discarded if their TTL exceeds this value. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `8`.", + "format": "int64", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "remoteAuthenticationBasicClientUsername": { + "description": "The Client Username the Bridge uses to login to the remote Message VPN. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "remoteAuthenticationBasicPassword": { + "description": "The password for the Client Username. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "remoteAuthenticationClientCertContent": { + "description": "The PEM formatted content for the client certificate used by the Bridge to login to the remote Message VPN. It must consist of a private key and between one and three certificates comprising the certificate trust chain. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.9.", + "type": "string" + }, + "remoteAuthenticationClientCertPassword": { + "description": "The password for the client certificate. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.9.", + "type": "string" + }, + "remoteAuthenticationScheme": { + "description": "The authentication scheme for the remote Message VPN. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"basic\"`. The allowed values and their meaning are:\n\n
\n\"basic\" - Basic Authentication Scheme (via username and password).\n\"client-certificate\" - Client Certificate Authentication Scheme (via certificate file or content).\n
\n", + "enum": [ + "basic", + "client-certificate" + ], + "type": "string" + }, + "remoteConnectionRetryCount": { + "description": "The number of retry attempts to establish a connection before moving on to the next remote Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "remoteConnectionRetryDelay": { + "description": "The number of seconds the broker waits for the bridge connection to be established before attempting a new connection. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int64", + "type": "integer" + }, + "remoteDeliverToOnePriority": { + "description": "The priority for deliver-to-one (DTO) messages transmitted from the remote Message VPN. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"p1\"`. The allowed values and their meaning are:\n\n
\n\"p1\" - The 1st or highest priority.\n\"p2\" - The 2nd highest priority.\n\"p3\" - The 3rd highest priority.\n\"p4\" - The 4th highest priority.\n\"da\" - Ignore priority and deliver always.\n
\n", + "enum": [ + "p1", + "p2", + "p3", + "p4", + "da" + ], + "type": "string" + }, + "tlsCipherSuiteList": { + "description": "The colon-separated list of cipher suites supported for TLS connections to the remote Message VPN. The value \"default\" implies all supported suites ordered from most secure to least secure. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"default\"`.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnBridgeLinks": { + "properties": { + "remoteMsgVpnsUri": { + "description": "The URI of this Bridge's collection of Remote Message VPN objects.", + "type": "string" + }, + "remoteSubscriptionsUri": { + "description": "The URI of this Bridge's collection of Remote Subscription objects.", + "type": "string" + }, + "tlsTrustedCommonNamesUri": { + "description": "The URI of this Bridge's collection of Trusted Common Name objects. Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + }, + "uri": { + "description": "The URI of this Bridge object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnBridgeRemoteMsgVpn": { + "properties": { + "bridgeName": { + "description": "The name of the Bridge.", + "type": "string" + }, + "bridgeVirtualRouter": { + "description": "The virtual router of the Bridge. The allowed values and their meaning are:\n\n
\n\"primary\" - The Bridge is used for the primary virtual router.\n\"backup\" - The Bridge is used for the backup virtual router.\n\"auto\" - The Bridge is automatically assigned a virtual router at creation, depending on the broker's active-standby role.\n
\n", + "enum": [ + "primary", + "backup", + "auto" + ], + "type": "string" + }, + "clientUsername": { + "description": "The Client Username the Bridge uses to login to the remote Message VPN. This per remote Message VPN value overrides the value provided for the Bridge overall. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "compressedDataEnabled": { + "description": "Enable or disable data compression for the remote Message VPN connection. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "connectOrder": { + "description": "The preference given to incoming connections from remote Message VPN hosts, from 1 (highest priority) to 4 (lowest priority). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `4`.", + "format": "int32", + "type": "integer" + }, + "egressFlowWindowSize": { + "description": "The number of outstanding guaranteed messages that can be transmitted over the remote Message VPN connection before an acknowledgment is received. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `255`.", + "format": "int64", + "type": "integer" + }, + "enabled": { + "description": "Enable or disable the remote Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "password": { + "description": "The password for the Client Username. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "queueBinding": { + "description": "The queue binding of the Bridge in the remote Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "remoteMsgVpnInterface": { + "description": "The physical interface on the local Message VPN host for connecting to the remote Message VPN. By default, an interface is chosen automatically (recommended), but if specified, `remoteMsgVpnLocation` must not be a virtual router name.", + "type": "string" + }, + "remoteMsgVpnLocation": { + "description": "The location of the remote Message VPN as either an FQDN with port, IP address with port, or virtual router name (starting with \"v:\").", + "type": "string" + }, + "remoteMsgVpnName": { + "description": "The name of the remote Message VPN.", + "type": "string" + }, + "tlsEnabled": { + "description": "Enable or disable encryption (TLS) for the remote Message VPN connection. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "unidirectionalClientProfile": { + "description": "The Client Profile for the unidirectional Bridge of the remote Message VPN. The Client Profile must exist in the local Message VPN, and it is used only for the TCP parameters. Note that the default client profile has a TCP maximum window size of 2 MB. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"#client-profile\"`.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnBridgeRemoteMsgVpnLinks": { + "properties": { + "uri": { + "description": "The URI of this Remote Message VPN object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnBridgeRemoteMsgVpnResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpn" + }, + "links": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpnLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnBridgeRemoteMsgVpnsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpn" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpnLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnBridgeRemoteSubscription": { + "properties": { + "bridgeName": { + "description": "The name of the Bridge.", + "type": "string" + }, + "bridgeVirtualRouter": { + "description": "The virtual router of the Bridge. The allowed values and their meaning are:\n\n
\n\"primary\" - The Bridge is used for the primary virtual router.\n\"backup\" - The Bridge is used for the backup virtual router.\n\"auto\" - The Bridge is automatically assigned a virtual router at creation, depending on the broker's active-standby role.\n
\n", + "enum": [ + "primary", + "backup", + "auto" + ], + "type": "string" + }, + "deliverAlwaysEnabled": { + "description": "Enable or disable deliver-always for the Bridge remote subscription topic instead of a deliver-to-one remote priority. A given topic for the Bridge may be deliver-to-one or deliver-always but not both.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "remoteSubscriptionTopic": { + "description": "The topic of the Bridge remote subscription.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnBridgeRemoteSubscriptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Remote Subscription object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnBridgeRemoteSubscriptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnBridgeRemoteSubscription" + }, + "links": { + "$ref": "#/definitions/MsgVpnBridgeRemoteSubscriptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnBridgeRemoteSubscriptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnBridgeRemoteSubscription" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnBridgeRemoteSubscriptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnBridgeResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnBridge" + }, + "links": { + "$ref": "#/definitions/MsgVpnBridgeLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnBridgeTlsTrustedCommonName": { + "properties": { + "bridgeName": { + "description": "The name of the Bridge. Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + }, + "bridgeVirtualRouter": { + "description": "The virtual router of the Bridge. The allowed values and their meaning are:\n\n
\n\"primary\" - The Bridge is used for the primary virtual router.\n\"backup\" - The Bridge is used for the backup virtual router.\n\"auto\" - The Bridge is automatically assigned a virtual router at creation, depending on the broker's active-standby role.\n
\n Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "enum": [ + "primary", + "backup", + "auto" + ], + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN. Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + }, + "tlsTrustedCommonName": { + "description": "The expected trusted common name of the remote certificate. Deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnBridgeTlsTrustedCommonNameLinks": { + "properties": { + "uri": { + "description": "The URI of this Trusted Common Name object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnBridgeTlsTrustedCommonNameResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnBridgeTlsTrustedCommonName" + }, + "links": { + "$ref": "#/definitions/MsgVpnBridgeTlsTrustedCommonNameLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnBridgeTlsTrustedCommonNamesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnBridgeTlsTrustedCommonName" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnBridgeTlsTrustedCommonNameLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnBridgesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnBridge" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnBridgeLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnCertMatchingRule": { + "properties": { + "enabled": { + "description": "Enable or disable a certificate matching rule. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "ruleName": { + "description": "The name of the rule.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnCertMatchingRuleAttributeFilter": { + "properties": { + "attributeName": { + "description": "Client Username Attribute to be tested. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "attributeValue": { + "description": "Expected attribute value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "filterName": { + "description": "The name of the filter.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "ruleName": { + "description": "The name of the rule.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnCertMatchingRuleAttributeFilterLinks": { + "properties": { + "uri": { + "description": "The URI of this Certificate Matching Rule Attribute Filter object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnCertMatchingRuleAttributeFilterResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilter" + }, + "links": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilterLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnCertMatchingRuleAttributeFiltersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilter" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilterLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnCertMatchingRuleCondition": { + "properties": { + "attribute": { + "description": "Client Username Attribute to be compared with certificate content. Either an attribute or an expression must be provided on creation, but not both. The default value is `\"\"`.", + "type": "string" + }, + "expression": { + "description": "Glob expression to be matched with certificate content. Either an expression or an attribute must be provided on creation, but not both. The default value is `\"\"`.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "ruleName": { + "description": "The name of the rule.", + "type": "string" + }, + "source": { + "description": "Certificate field to be compared with the Attribute. The allowed values and their meaning are:\n\n
\n\"certificate-thumbprint\" - The attribute is computed as the SHA-1 hash over the entire DER-encoded contents of the client certificate.\n\"common-name\" - The attribute is extracted from the certificate's first instance of the Common Name attribute in the Subject DN.\n\"common-name-last\" - The attribute is extracted from the certificate's last instance of the Common Name attribute in the Subject DN.\n\"subject-alternate-name-msupn\" - The attribute is extracted from the certificate's Other Name type of the Subject Alternative Name and must have the msUPN signature.\n\"uid\" - The attribute is extracted from the certificate's first instance of the User Identifier attribute in the Subject DN.\n\"uid-last\" - The attribute is extracted from the certificate's last instance of the User Identifier attribute in the Subject DN.\n\"org-unit\" - The attribute is extracted from the certificate's first instance of the Org Unit attribute in the Subject DN.\n\"org-unit-last\" - The attribute is extracted from the certificate's last instance of the Org Unit attribute in the Subject DN.\n\"issuer\" - The attribute is extracted from the certificate's Issuer DN.\n\"subject\" - The attribute is extracted from the certificate's Subject DN.\n\"serial-number\" - The attribute is extracted from the certificate's Serial Number.\n\"dns-name\" - The attribute is extracted from the certificate's Subject Alt Name DNS Name.\n\"ip-address\" - The attribute is extracted from the certificate's Subject Alt Name IP Address.\n
\n", + "enum": [ + "certificate-thumbprint", + "common-name", + "common-name-last", + "subject-alternate-name-msupn", + "uid", + "uid-last", + "org-unit", + "org-unit-last", + "issuer", + "subject", + "serial-number", + "dns-name", + "ip-address" + ], + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnCertMatchingRuleConditionLinks": { + "properties": { + "uri": { + "description": "The URI of this Certificate Matching Rule Condition object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnCertMatchingRuleConditionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleCondition" + }, + "links": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleConditionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnCertMatchingRuleConditionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleCondition" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleConditionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnCertMatchingRuleLinks": { + "properties": { + "attributeFiltersUri": { + "description": "The URI of this Certificate Matching Rule's collection of Certificate Matching Rule Attribute Filter objects. Available since 2.28.", + "type": "string" + }, + "conditionsUri": { + "description": "The URI of this Certificate Matching Rule's collection of Certificate Matching Rule Condition objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Certificate Matching Rule object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnCertMatchingRuleResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnCertMatchingRule" + }, + "links": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnCertMatchingRulesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnCertMatchingRule" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnClientProfile": { + "properties": { + "allowBridgeConnectionsEnabled": { + "description": "Enable or disable allowing Bridge clients using the Client Profile to connect. Changing this setting does not affect existing Bridge client connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "allowCutThroughForwardingEnabled": { + "description": "Enable or disable allowing clients using the Client Profile to bind to endpoints with the cut-through forwarding delivery mode. Changing this value does not affect existing client connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Deprecated since 2.22. This attribute has been deprecated. Please visit the Solace Product Lifecycle Policy web page for details on deprecated features.", + "type": "boolean" + }, + "allowGuaranteedEndpointCreateDurability": { + "description": "The types of Queues and Topic Endpoints that clients using the client-profile can create. Changing this value does not affect existing client connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"all\"`. The allowed values and their meaning are:\n\n
\n\"all\" - Client can create any type of endpoint.\n\"durable\" - Client can create only durable endpoints.\n\"non-durable\" - Client can create only non-durable endpoints.\n
\n Available since 2.14.", + "enum": [ + "all", + "durable", + "non-durable" + ], + "type": "string" + }, + "allowGuaranteedEndpointCreateEnabled": { + "description": "Enable or disable allowing clients using the Client Profile to create topic endpoints or queues. Changing this value does not affect existing client connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "allowGuaranteedMsgReceiveEnabled": { + "description": "Enable or disable allowing clients using the Client Profile to receive guaranteed messages. Changing this setting does not affect existing client connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "allowGuaranteedMsgSendEnabled": { + "description": "Enable or disable allowing clients using the Client Profile to send guaranteed messages. Changing this setting does not affect existing client connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "allowSharedSubscriptionsEnabled": { + "description": "Enable or disable allowing shared subscriptions. Changing this setting does not affect existing subscriptions. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.11.", + "type": "boolean" + }, + "allowTransactedSessionsEnabled": { + "description": "Enable or disable allowing clients using the Client Profile to establish transacted sessions. Changing this setting does not affect existing client connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "apiQueueManagementCopyFromOnCreateName": { + "description": "The name of a queue to copy settings from when a new queue is created by a client using the Client Profile. The referenced queue must exist in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Deprecated since 2.14. This attribute has been replaced with `apiQueueManagementCopyFromOnCreateTemplateName`.", + "type": "string" + }, + "apiQueueManagementCopyFromOnCreateTemplateName": { + "description": "The name of a queue template to copy settings from when a new queue is created by a client using the Client Profile. If the referenced queue template does not exist, queue creation will fail when it tries to resolve this template. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.14.", + "type": "string" + }, + "apiTopicEndpointManagementCopyFromOnCreateName": { + "description": "The name of a topic endpoint to copy settings from when a new topic endpoint is created by a client using the Client Profile. The referenced topic endpoint must exist in the Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Deprecated since 2.14. This attribute has been replaced with `apiTopicEndpointManagementCopyFromOnCreateTemplateName`.", + "type": "string" + }, + "apiTopicEndpointManagementCopyFromOnCreateTemplateName": { + "description": "The name of a topic endpoint template to copy settings from when a new topic endpoint is created by a client using the Client Profile. If the referenced topic endpoint template does not exist, topic endpoint creation will fail when it tries to resolve this template. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.14.", + "type": "string" + }, + "clientProfileName": { + "description": "The name of the Client Profile.", + "type": "string" + }, + "compressionEnabled": { + "description": "Enable or disable allowing clients using the Client Profile to use compression. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Available since 2.10.", + "type": "boolean" + }, + "elidingDelay": { + "description": "The amount of time to delay the delivery of messages to clients using the Client Profile after the initial message has been delivered (the eliding delay interval), in milliseconds. A value of 0 means there is no delay in delivering messages to clients. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "elidingEnabled": { + "description": "Enable or disable message eliding for clients using the Client Profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "elidingMaxTopicCount": { + "description": "The maximum number of topics tracked for message eliding per client connection using the Client Profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `256`.", + "format": "int64", + "type": "integer" + }, + "eventClientProvisionedEndpointSpoolUsageThreshold": { + "$ref": "#/definitions/EventThresholdByPercent" + }, + "eventConnectionCountPerClientUsernameThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventEgressFlowCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventEndpointCountPerClientUsernameThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventIngressFlowCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventServiceSmfConnectionCountPerClientUsernameThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventServiceWebConnectionCountPerClientUsernameThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventSubscriptionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventTransactedSessionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventTransactionCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "maxConnectionCountPerClientUsername": { + "description": "The maximum number of client connections per Client Username using the Client Profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is the maximum value supported by the platform.", + "format": "int64", + "type": "integer" + }, + "maxEgressFlowCount": { + "description": "The maximum number of transmit flows that can be created by one client using the Client Profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`.", + "format": "int64", + "type": "integer" + }, + "maxEndpointCountPerClientUsername": { + "description": "The maximum number of queues and topic endpoints that can be created by clients with the same Client Username using the Client Profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`.", + "format": "int64", + "type": "integer" + }, + "maxIngressFlowCount": { + "description": "The maximum number of receive flows that can be created by one client using the Client Profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`.", + "format": "int64", + "type": "integer" + }, + "maxMsgsPerTransaction": { + "description": "The maximum number of publisher and consumer messages combined that is allowed within a transaction for each client associated with this client-profile. Exceeding this limit will result in a transaction prepare or commit failure. Changing this value during operation will not affect existing sessions. It is only validated at transaction creation time. Large transactions consume more resources and are more likely to require retrieving messages from the ADB or from disk to process the transaction prepare or commit requests. The transaction processing rate may diminish if a large number of messages must be retrieved from the ADB or from disk. Care should be taken to not use excessively large transactions needlessly to avoid exceeding resource limits and to avoid reducing the overall broker performance. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `256`. Available since 2.20.", + "format": "int32", + "type": "integer" + }, + "maxSubscriptionCount": { + "description": "The maximum number of subscriptions per client using the Client Profile. This limit is not enforced when a client adds a subscription to an endpoint, except for MQTT QoS 1 subscriptions. In addition, this limit is not enforced when a subscription is added using a management interface, such as CLI or SEMP. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default varies by platform.", + "format": "int64", + "type": "integer" + }, + "maxTransactedSessionCount": { + "description": "The maximum number of transacted sessions that can be created by one client using the Client Profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10`.", + "format": "int64", + "type": "integer" + }, + "maxTransactionCount": { + "description": "The maximum number of transactions that can be created by one client using the Client Profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default varies by platform.", + "format": "int64", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "queueControl1MaxDepth": { + "description": "The maximum depth of the \"Control 1\" (C-1) priority queue, in work units. Each work unit is 2048 bytes of message data. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `20000`.", + "format": "int32", + "type": "integer" + }, + "queueControl1MinMsgBurst": { + "description": "The number of messages that are always allowed entry into the \"Control 1\" (C-1) priority queue, regardless of the `queueControl1MaxDepth` value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `4`.", + "format": "int32", + "type": "integer" + }, + "queueDirect1MaxDepth": { + "description": "The maximum depth of the \"Direct 1\" (D-1) priority queue, in work units. Each work unit is 2048 bytes of message data. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `20000`.", + "format": "int32", + "type": "integer" + }, + "queueDirect1MinMsgBurst": { + "description": "The number of messages that are always allowed entry into the \"Direct 1\" (D-1) priority queue, regardless of the `queueDirect1MaxDepth` value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `4`.", + "format": "int32", + "type": "integer" + }, + "queueDirect2MaxDepth": { + "description": "The maximum depth of the \"Direct 2\" (D-2) priority queue, in work units. Each work unit is 2048 bytes of message data. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `20000`.", + "format": "int32", + "type": "integer" + }, + "queueDirect2MinMsgBurst": { + "description": "The number of messages that are always allowed entry into the \"Direct 2\" (D-2) priority queue, regardless of the `queueDirect2MaxDepth` value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `4`.", + "format": "int32", + "type": "integer" + }, + "queueDirect3MaxDepth": { + "description": "The maximum depth of the \"Direct 3\" (D-3) priority queue, in work units. Each work unit is 2048 bytes of message data. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `20000`.", + "format": "int32", + "type": "integer" + }, + "queueDirect3MinMsgBurst": { + "description": "The number of messages that are always allowed entry into the \"Direct 3\" (D-3) priority queue, regardless of the `queueDirect3MaxDepth` value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `4`.", + "format": "int32", + "type": "integer" + }, + "queueGuaranteed1MaxDepth": { + "description": "The maximum depth of the \"Guaranteed 1\" (G-1) priority queue, in work units. Each work unit is 2048 bytes of message data. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `20000`.", + "format": "int32", + "type": "integer" + }, + "queueGuaranteed1MinMsgBurst": { + "description": "The number of messages that are always allowed entry into the \"Guaranteed 1\" (G-1) priority queue, regardless of the `queueGuaranteed1MaxDepth` value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `255`.", + "format": "int32", + "type": "integer" + }, + "rejectMsgToSenderOnNoSubscriptionMatchEnabled": { + "description": "Enable or disable the sending of a negative acknowledgment (NACK) to a client using the Client Profile when discarding a guaranteed message due to no matching subscription found. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.2.", + "type": "boolean" + }, + "replicationAllowClientConnectWhenStandbyEnabled": { + "description": "Enable or disable allowing clients using the Client Profile to connect to the Message VPN when its replication state is standby. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "serviceMinKeepaliveTimeout": { + "description": "The minimum client keepalive timeout which will be enforced for client connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `30`. Available since 2.19.", + "format": "int32", + "type": "integer" + }, + "serviceSmfMaxConnectionCountPerClientUsername": { + "description": "The maximum number of SMF client connections per Client Username using the Client Profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is the maximum value supported by the platform.", + "format": "int64", + "type": "integer" + }, + "serviceSmfMinKeepaliveEnabled": { + "description": "Enable or disable the enforcement of a minimum keepalive timeout for SMF clients. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.19.", + "type": "boolean" + }, + "serviceWebInactiveTimeout": { + "description": "The timeout for inactive Web Transport client sessions using the Client Profile, in seconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `30`.", + "format": "int64", + "type": "integer" + }, + "serviceWebMaxConnectionCountPerClientUsername": { + "description": "The maximum number of Web Transport client connections per Client Username using the Client Profile. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is the maximum value supported by the platform.", + "format": "int64", + "type": "integer" + }, + "serviceWebMaxPayload": { + "description": "The maximum Web Transport payload size before fragmentation occurs for clients using the Client Profile, in bytes. The size of the header is not included. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000000`.", + "format": "int64", + "type": "integer" + }, + "tcpCongestionWindowSize": { + "description": "The TCP initial congestion window size for clients using the Client Profile, in multiples of the TCP Maximum Segment Size (MSS). Changing the value from its default of 2 results in non-compliance with RFC 2581. Contact support before changing this value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `2`.", + "format": "int64", + "type": "integer" + }, + "tcpKeepaliveCount": { + "description": "The number of TCP keepalive retransmissions to a client using the Client Profile before declaring that it is not available. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `5`.", + "format": "int64", + "type": "integer" + }, + "tcpKeepaliveIdleTime": { + "description": "The amount of time a client connection using the Client Profile must remain idle before TCP begins sending keepalive probes, in seconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int64", + "type": "integer" + }, + "tcpKeepaliveInterval": { + "description": "The amount of time between TCP keepalive retransmissions to a client using the Client Profile when no acknowledgment is received, in seconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`.", + "format": "int64", + "type": "integer" + }, + "tcpMaxSegmentSize": { + "description": "The TCP maximum segment size for clients using the Client Profile, in bytes. Changes are applied to all existing connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1460`.", + "format": "int64", + "type": "integer" + }, + "tcpMaxWindowSize": { + "description": "The TCP maximum window size for clients using the Client Profile, in kilobytes. Changes are applied to all existing connections. This setting is ignored on the software broker. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `256`.", + "format": "int64", + "type": "integer" + }, + "tlsAllowDowngradeToPlainTextEnabled": { + "description": "Enable or disable allowing a client using the Client Profile to downgrade an encrypted connection to plain text. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Available since 2.8.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnClientProfileLinks": { + "properties": { + "uri": { + "description": "The URI of this Client Profile object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnClientProfileResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnClientProfile" + }, + "links": { + "$ref": "#/definitions/MsgVpnClientProfileLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnClientProfilesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnClientProfile" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnClientProfileLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnClientUsername": { + "properties": { + "aclProfileName": { + "description": "The ACL Profile of the Client Username. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"default\"`.", + "type": "string" + }, + "clientProfileName": { + "description": "The Client Profile of the Client Username. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"default\"`.", + "type": "string" + }, + "clientUsername": { + "description": "The name of the Client Username.", + "type": "string" + }, + "enabled": { + "description": "Enable or disable the Client Username. When disabled, all clients currently connected as the Client Username are disconnected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "guaranteedEndpointPermissionOverrideEnabled": { + "description": "Enable or disable guaranteed endpoint permission override for the Client Username. When enabled all guaranteed endpoints may be accessed, modified or deleted with the same permission as the owner. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "password": { + "description": "The password for the Client Username. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "subscriptionManagerEnabled": { + "description": "Enable or disable the subscription management capability of the Client Username. This is the ability to manage subscriptions on behalf of other Client Usernames. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnClientUsernameAttribute": { + "properties": { + "attributeName": { + "description": "The name of the Attribute.", + "type": "string" + }, + "attributeValue": { + "description": "The value of the Attribute.", + "type": "string" + }, + "clientUsername": { + "description": "The name of the Client Username.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnClientUsernameAttributeLinks": { + "properties": { + "uri": { + "description": "The URI of this Client Username Attribute object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnClientUsernameAttributeResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnClientUsernameAttribute" + }, + "links": { + "$ref": "#/definitions/MsgVpnClientUsernameAttributeLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnClientUsernameAttributesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnClientUsernameAttribute" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnClientUsernameAttributeLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnClientUsernameLinks": { + "properties": { + "attributesUri": { + "description": "The URI of this Client Username's collection of Client Username Attribute objects. Available since 2.27.", + "type": "string" + }, + "uri": { + "description": "The URI of this Client Username object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnClientUsernameResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnClientUsername" + }, + "links": { + "$ref": "#/definitions/MsgVpnClientUsernameLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnClientUsernamesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnClientUsername" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnClientUsernameLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCache": { + "properties": { + "cacheName": { + "description": "The name of the Distributed Cache.", + "type": "string" + }, + "cacheVirtualRouter": { + "description": "The virtual router of the Distributed Cache. The default value is `\"auto\"`. The allowed values and their meaning are:\n\n
\n\"auto\" - The Distributed Cache is automatically assigned a virtual router at creation, depending on the broker's active-standby role.\n
\n Available since 2.28.", + "enum": [ + "auto" + ], + "type": "string" + }, + "enabled": { + "description": "Enable or disable the Distributed Cache. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "heartbeat": { + "description": "The heartbeat interval, in seconds, used by the Cache Instances to monitor connectivity with the message broker. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10`.", + "format": "int64", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "scheduledDeleteMsgDayList": { + "description": "The scheduled delete message day(s), specified as \"daily\" or a comma-separated list of days. Days must be specified as \"Sun\", \"Mon\", \"Tue\", \"Wed\", \"Thu\", \"Fri\", or \"Sat\", with no spaces, and in sorted order from Sunday to Saturday. The empty-string (\"\") can also be specified, indicating no schedule is configured (\"scheduledDeleteMsgTimeList\" must also be configured to the empty-string). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "scheduledDeleteMsgTimeList": { + "description": "The scheduled delete message time(s), specified as \"hourly\" or a comma-separated list of 24-hour times in the form hh:mm, or h:mm. There must be no spaces, and times (up to 4) must be in sorted order from 0:00 to 23:59. The empty-string (\"\") can also be specified, indicating no schedule is configured (\"scheduledDeleteMsgDayList\" must also be configured to the empty-string). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheCluster": { + "properties": { + "cacheName": { + "description": "The name of the Distributed Cache.", + "type": "string" + }, + "clusterName": { + "description": "The name of the Cache Cluster.", + "type": "string" + }, + "deliverToOneOverrideEnabled": { + "description": "Enable or disable deliver-to-one override for the Cache Cluster. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "enabled": { + "description": "Enable or disable the Cache Cluster. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "eventDataByteRateThreshold": { + "$ref": "#/definitions/EventThresholdByValue" + }, + "eventDataMsgRateThreshold": { + "$ref": "#/definitions/EventThresholdByValue" + }, + "eventMaxMemoryThreshold": { + "$ref": "#/definitions/EventThresholdByPercent" + }, + "eventMaxTopicsThreshold": { + "$ref": "#/definitions/EventThresholdByPercent" + }, + "eventRequestQueueDepthThreshold": { + "$ref": "#/definitions/EventThresholdByPercent" + }, + "eventRequestRateThreshold": { + "$ref": "#/definitions/EventThresholdByValue" + }, + "eventResponseRateThreshold": { + "$ref": "#/definitions/EventThresholdByValue" + }, + "globalCachingEnabled": { + "description": "Enable or disable global caching for the Cache Cluster. When enabled, the Cache Instances will fetch topics from remote Home Cache Clusters when requested, and subscribe to those topics to cache them locally. When disabled, the Cache Instances will remove all subscriptions and cached messages for topics from remote Home Cache Clusters. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "globalCachingHeartbeat": { + "description": "The heartbeat interval, in seconds, used by the Cache Instances to monitor connectivity with the remote Home Cache Clusters. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int64", + "type": "integer" + }, + "globalCachingTopicLifetime": { + "description": "The topic lifetime, in seconds. If no client requests are received for a given global topic over the duration of the topic lifetime, then the Cache Instance will remove the subscription and cached messages for that topic. A value of 0 disables aging. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3600`.", + "format": "int64", + "type": "integer" + }, + "maxMemory": { + "description": "The maximum memory usage, in megabytes (MB), for each Cache Instance in the Cache Cluster. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `2048`.", + "format": "int64", + "type": "integer" + }, + "maxMsgsPerTopic": { + "description": "The maximum number of messages per topic for each Cache Instance in the Cache Cluster. When at the maximum, old messages are removed as new messages arrive. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`.", + "format": "int64", + "type": "integer" + }, + "maxRequestQueueDepth": { + "description": "The maximum queue depth for cache requests received by the Cache Cluster. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `100000`.", + "format": "int64", + "type": "integer" + }, + "maxTopicCount": { + "description": "The maximum number of topics for each Cache Instance in the Cache Cluster. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `2000000`.", + "format": "int64", + "type": "integer" + }, + "msgLifetime": { + "description": "The message lifetime, in seconds. If a message remains cached for the duration of its lifetime, the Cache Instance will remove the message. A lifetime of 0 results in the message being retained indefinitely. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "newTopicAdvertisementEnabled": { + "description": "Enable or disable the advertising, onto the message bus, of new topics learned by each Cache Instance in the Cache Cluster. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheClusterGlobalCachingHomeCluster": { + "properties": { + "cacheName": { + "description": "The name of the Distributed Cache.", + "type": "string" + }, + "clusterName": { + "description": "The name of the Cache Cluster.", + "type": "string" + }, + "homeClusterName": { + "description": "The name of the remote Home Cache Cluster.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheClusterGlobalCachingHomeClusterLinks": { + "properties": { + "topicPrefixesUri": { + "description": "The URI of this Home Cache Cluster's collection of Topic Prefix objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Home Cache Cluster object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheClusterGlobalCachingHomeClusterResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeCluster" + }, + "links": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefix": { + "properties": { + "cacheName": { + "description": "The name of the Distributed Cache.", + "type": "string" + }, + "clusterName": { + "description": "The name of the Cache Cluster.", + "type": "string" + }, + "homeClusterName": { + "description": "The name of the remote Home Cache Cluster.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "topicPrefix": { + "description": "A topic prefix for global topics available from the remote Home Cache Cluster. A wildcard (/>) is implied at the end of the prefix.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefixLinks": { + "properties": { + "uri": { + "description": "The URI of this Topic Prefix object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefixResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefix" + }, + "links": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefixLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefixesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefix" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefixLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCacheClusterGlobalCachingHomeClustersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeCluster" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCacheClusterInstance": { + "properties": { + "autoStartEnabled": { + "description": "Enable or disable auto-start for the Cache Instance. When enabled, the Cache Instance will automatically attempt to transition from the Stopped operational state to Up whenever it restarts or reconnects to the message broker. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "cacheName": { + "description": "The name of the Distributed Cache.", + "type": "string" + }, + "clusterName": { + "description": "The name of the Cache Cluster.", + "type": "string" + }, + "enabled": { + "description": "Enable or disable the Cache Instance. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "instanceName": { + "description": "The name of the Cache Instance.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "stopOnLostMsgEnabled": { + "description": "Enable or disable stop-on-lost-message for the Cache Instance. When enabled, the Cache Instance will transition to the stopped operational state upon losing a message. When stopped, it cannot accept or respond to cache requests, but continues to cache messages. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheClusterInstanceLinks": { + "properties": { + "uri": { + "description": "The URI of this Cache Instance object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheClusterInstanceResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstance" + }, + "links": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstanceLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCacheClusterInstancesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstance" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstanceLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCacheClusterLinks": { + "properties": { + "globalCachingHomeClustersUri": { + "description": "The URI of this Cache Cluster's collection of Home Cache Cluster objects.", + "type": "string" + }, + "instancesUri": { + "description": "The URI of this Cache Cluster's collection of Cache Instance objects.", + "type": "string" + }, + "topicsUri": { + "description": "The URI of this Cache Cluster's collection of Topic objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Cache Cluster object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheClusterResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnDistributedCacheCluster" + }, + "links": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCacheClusterTopic": { + "properties": { + "cacheName": { + "description": "The name of the Distributed Cache.", + "type": "string" + }, + "clusterName": { + "description": "The name of the Cache Cluster.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "topic": { + "description": "The value of the Topic in the form a/b/c.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheClusterTopicLinks": { + "properties": { + "uri": { + "description": "The URI of this Topic object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheClusterTopicResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterTopic" + }, + "links": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterTopicLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCacheClusterTopicsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterTopic" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterTopicLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCacheClustersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheCluster" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCacheLinks": { + "properties": { + "clustersUri": { + "description": "The URI of this Distributed Cache's collection of Cache Cluster objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Distributed Cache object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDistributedCacheResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnDistributedCache" + }, + "links": { + "$ref": "#/definitions/MsgVpnDistributedCacheLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDistributedCachesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCache" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnDistributedCacheLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDmrBridge": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "remoteMsgVpnName": { + "description": "The remote Message VPN of the DMR Bridge. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "remoteNodeName": { + "description": "The name of the node at the remote end of the DMR Bridge.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDmrBridgeLinks": { + "properties": { + "uri": { + "description": "The URI of this DMR Bridge object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnDmrBridgeResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnDmrBridge" + }, + "links": { + "$ref": "#/definitions/MsgVpnDmrBridgeLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnDmrBridgesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnDmrBridge" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnDmrBridgeLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnJndiConnectionFactoriesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactory" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactoryLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnJndiConnectionFactory": { + "properties": { + "allowDuplicateClientIdEnabled": { + "description": "Enable or disable whether new JMS connections can use the same Client identifier (ID) as an existing connection. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.3.", + "type": "boolean" + }, + "clientDescription": { + "description": "The description of the Client. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "clientId": { + "description": "The Client identifier (ID). If not specified, a unique value for it will be generated. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "connectionFactoryName": { + "description": "The name of the JMS Connection Factory.", + "type": "string" + }, + "dtoReceiveOverrideEnabled": { + "description": "Enable or disable overriding by the Subscriber (Consumer) of the deliver-to-one (DTO) property on messages. When enabled, the Subscriber can receive all DTO tagged messages. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "dtoReceiveSubscriberLocalPriority": { + "description": "The priority for receiving deliver-to-one (DTO) messages by the Subscriber (Consumer) if the messages are published on the local broker that the Subscriber is directly connected to. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`.", + "format": "int32", + "type": "integer" + }, + "dtoReceiveSubscriberNetworkPriority": { + "description": "The priority for receiving deliver-to-one (DTO) messages by the Subscriber (Consumer) if the messages are published on a remote broker. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`.", + "format": "int32", + "type": "integer" + }, + "dtoSendEnabled": { + "description": "Enable or disable the deliver-to-one (DTO) property on messages sent by the Publisher (Producer). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "dynamicEndpointCreateDurableEnabled": { + "description": "Enable or disable whether a durable endpoint will be dynamically created on the broker when the client calls \"Session.createDurableSubscriber()\" or \"Session.createQueue()\". The created endpoint respects the message time-to-live (TTL) according to the \"dynamicEndpointRespectTtlEnabled\" property. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "dynamicEndpointRespectTtlEnabled": { + "description": "Enable or disable whether dynamically created durable and non-durable endpoints respect the message time-to-live (TTL) property. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "guaranteedReceiveAckTimeout": { + "description": "The timeout for sending the acknowledgment (ACK) for guaranteed messages received by the Subscriber (Consumer), in milliseconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`.", + "format": "int32", + "type": "integer" + }, + "guaranteedReceiveReconnectRetryCount": { + "description": "The maximum number of attempts to reconnect to the host or list of hosts after the guaranteed messaging connection has been lost. The value \"-1\" means to retry forever. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `-1`. Available since 2.14.", + "format": "int32", + "type": "integer" + }, + "guaranteedReceiveReconnectRetryWait": { + "description": "The amount of time to wait before making another attempt to connect or reconnect to the host after the guaranteed messaging connection has been lost, in milliseconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3000`. Available since 2.14.", + "format": "int32", + "type": "integer" + }, + "guaranteedReceiveWindowSize": { + "description": "The size of the window for guaranteed messages received by the Subscriber (Consumer), in messages. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `18`.", + "format": "int32", + "type": "integer" + }, + "guaranteedReceiveWindowSizeAckThreshold": { + "description": "The threshold for sending the acknowledgment (ACK) for guaranteed messages received by the Subscriber (Consumer) as a percentage of `guaranteedReceiveWindowSize`. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `60`.", + "format": "int32", + "type": "integer" + }, + "guaranteedSendAckTimeout": { + "description": "The timeout for receiving the acknowledgment (ACK) for guaranteed messages sent by the Publisher (Producer), in milliseconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `2000`.", + "format": "int32", + "type": "integer" + }, + "guaranteedSendWindowSize": { + "description": "The size of the window for non-persistent guaranteed messages sent by the Publisher (Producer), in messages. For persistent messages the window size is fixed at 1. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `255`.", + "format": "int32", + "type": "integer" + }, + "messagingDefaultDeliveryMode": { + "description": "The default delivery mode for messages sent by the Publisher (Producer). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"persistent\"`. The allowed values and their meaning are:\n\n
\n\"persistent\" - The broker spools messages (persists in the Message Spool) as part of the send operation.\n\"non-persistent\" - The broker does not spool messages (does not persist in the Message Spool) as part of the send operation.\n
\n", + "enum": [ + "persistent", + "non-persistent" + ], + "type": "string" + }, + "messagingDefaultDmqEligibleEnabled": { + "description": "Enable or disable whether messages sent by the Publisher (Producer) are Dead Message Queue (DMQ) eligible by default. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "messagingDefaultElidingEligibleEnabled": { + "description": "Enable or disable whether messages sent by the Publisher (Producer) are Eliding eligible by default. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "messagingJmsxUserIdEnabled": { + "description": "Enable or disable inclusion (adding or replacing) of the JMSXUserID property in messages sent by the Publisher (Producer). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "messagingTextInXmlPayloadEnabled": { + "description": "Enable or disable encoding of JMS text messages in Publisher (Producer) messages as XML payload. When disabled, JMS text messages are encoded as a binary attachment. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "transportCompressionLevel": { + "description": "The ZLIB compression level for the connection to the broker. The value \"0\" means no compression, and the value \"-1\" means the compression level is specified in the JNDI Properties file. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `-1`.", + "format": "int32", + "type": "integer" + }, + "transportConnectRetryCount": { + "description": "The maximum number of retry attempts to establish an initial connection to the host or list of hosts. The value \"0\" means a single attempt (no retries), and the value \"-1\" means to retry forever. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int32", + "type": "integer" + }, + "transportConnectRetryPerHostCount": { + "description": "The maximum number of retry attempts to establish an initial connection to each host on the list of hosts. The value \"0\" means a single attempt (no retries), and the value \"-1\" means to retry forever. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int32", + "type": "integer" + }, + "transportConnectTimeout": { + "description": "The timeout for establishing an initial connection to the broker, in milliseconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `30000`.", + "format": "int32", + "type": "integer" + }, + "transportDirectTransportEnabled": { + "description": "Enable or disable usage of Direct Transport mode. When enabled, NON-PERSISTENT messages are sent as direct messages and non-durable topic consumers and temporary queue consumers consume using direct subscriptions rather than from guaranteed endpoints. If disabled all messaging uses guaranteed transport. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "transportKeepaliveCount": { + "description": "The maximum number of consecutive application-level keepalive messages sent without the broker response before the connection to the broker is closed. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int32", + "type": "integer" + }, + "transportKeepaliveEnabled": { + "description": "Enable or disable usage of application-level keepalive messages to maintain a connection with the broker. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "transportKeepaliveInterval": { + "description": "The interval between application-level keepalive messages, in milliseconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3000`.", + "format": "int32", + "type": "integer" + }, + "transportMsgCallbackOnIoThreadEnabled": { + "description": "Enable or disable delivery of asynchronous messages directly from the I/O thread. Contact support before enabling this property. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "transportOptimizeDirectEnabled": { + "description": "Enable or disable optimization for the Direct Transport delivery mode. If enabled, the client application is limited to one Publisher (Producer) and one non-durable Subscriber (Consumer). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "transportPort": { + "description": "The connection port number on the broker for SMF clients. The value \"-1\" means the port is specified in the JNDI Properties file. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `-1`.", + "format": "int32", + "type": "integer" + }, + "transportReadTimeout": { + "description": "The timeout for reading a reply from the broker, in milliseconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000`.", + "format": "int32", + "type": "integer" + }, + "transportReceiveBufferSize": { + "description": "The size of the receive socket buffer, in bytes. It corresponds to the SO_RCVBUF socket option. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `65536`.", + "format": "int32", + "type": "integer" + }, + "transportReconnectRetryCount": { + "description": "The maximum number of attempts to reconnect to the host or list of hosts after the connection has been lost. The value \"-1\" means to retry forever. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int32", + "type": "integer" + }, + "transportReconnectRetryWait": { + "description": "The amount of time before making another attempt to connect or reconnect to the host after the connection has been lost, in milliseconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3000`.", + "format": "int32", + "type": "integer" + }, + "transportSendBufferSize": { + "description": "The size of the send socket buffer, in bytes. It corresponds to the SO_SNDBUF socket option. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `65536`.", + "format": "int32", + "type": "integer" + }, + "transportTcpNoDelayEnabled": { + "description": "Enable or disable the TCP_NODELAY option. When enabled, Nagle's algorithm for TCP/IP congestion control (RFC 896) is disabled. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "xaEnabled": { + "description": "Enable or disable this as an XA Connection Factory. When enabled, the Connection Factory can be cast to \"XAConnectionFactory\", \"XAQueueConnectionFactory\" or \"XATopicConnectionFactory\". Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnJndiConnectionFactoryLinks": { + "properties": { + "uri": { + "description": "The URI of this JNDI Connection Factory object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnJndiConnectionFactoryResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactory" + }, + "links": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactoryLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnJndiQueue": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "physicalName": { + "description": "The physical name of the JMS Queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "queueName": { + "description": "The JNDI name of the JMS Queue.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnJndiQueueLinks": { + "properties": { + "uri": { + "description": "The URI of this JNDI Queue object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnJndiQueueResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnJndiQueue" + }, + "links": { + "$ref": "#/definitions/MsgVpnJndiQueueLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnJndiQueuesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnJndiQueue" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnJndiQueueLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnJndiTopic": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "physicalName": { + "description": "The physical name of the JMS Topic. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "topicName": { + "description": "The JNDI name of the JMS Topic.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnJndiTopicLinks": { + "properties": { + "uri": { + "description": "The URI of this JNDI Topic object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnJndiTopicResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnJndiTopic" + }, + "links": { + "$ref": "#/definitions/MsgVpnJndiTopicLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnJndiTopicsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnJndiTopic" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnJndiTopicLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnKafkaReceiver": { + "properties": { + "authenticationBasicPassword": { + "description": "The password for the Username. To be used when authenticationScheme is \"basic\". This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationBasicUsername": { + "description": "The username the Kafka Receiver uses to login to the remote Kafka broker. To be used when authenticationScheme is \"basic\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationClientCertContent": { + "description": "The PEM formatted content for the client certificate used by the Kafka Receiver to login to the remote Kafka broker. To be used when authenticationScheme is \"client-certificate\". Alternatively this will be used for other values of authenticationScheme when the Kafka Broker has an `ssl.client.auth` setting of \"requested\" or \"required\" and KIP-684 (mTLS) is supported by the Kafka Broker. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`.", + "type": "string" + }, + "authenticationClientCertPassword": { + "description": "The password for the client certificate. To be used when authenticationScheme is \"client-certificate\". Alternatively this will be used for other values of authenticationScheme when the Kafka Broker has an `ssl.client.auth` setting of \"requested\" or \"required\" and KIP-684 (mTLS) is supported by the Kafka Broker. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`.", + "type": "string" + }, + "authenticationKerberosKeytabContent": { + "description": "The base64-encoded content of this User Principal's keytab. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.40.", + "type": "string" + }, + "authenticationKerberosKeytabFileName": { + "description": "The name of this User Principal's keytab file. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.40.", + "type": "string" + }, + "authenticationKerberosServiceName": { + "description": "The Kerberos service name of the remote Kafka broker, not including /hostname@REALM. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.40.", + "type": "string" + }, + "authenticationKerberosUserPrincipalName": { + "description": "The Kerberos user principal name of the Kafka Receiver. This must include the @<REALM> suffix. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.40.", + "type": "string" + }, + "authenticationOauthClientId": { + "description": "The OAuth client ID. To be used when authenticationScheme is \"oauth-client\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationOauthClientScope": { + "description": "The OAuth scope. To be used when authenticationScheme is \"oauth-client\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationOauthClientSecret": { + "description": "The OAuth client secret. To be used when authenticationScheme is \"oauth-client\". This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationOauthClientTokenEndpoint": { + "description": "The OAuth token endpoint URL that the Kafka Receiver will use to request a token for login to the Kafka broker. Must begin with \"https\". To be used when authenticationScheme is \"oauth-client\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationScheme": { + "description": "The authentication scheme for the Kafka Receiver. The bootstrap addresses must resolve to an appropriately configured and compatible listener port on the Kafka Broker for the given scheme. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - Anonymous Authentication. Used with Kafka Broker PLAINTEXT listener ports.\n\"basic\" - Basic Authentication. Used with Kafka Broker SASL_PLAINTEXT and SASL_SSL listener ports.\n\"scram\" - Salted Challenge Response Authentication. Used with Kafka Broker SASL_PLAINTEXT and SASL_SSL listener ports.\n\"client-certificate\" - Client Certificate Authentication. Used with Kafka Broker SSL listener ports.\n\"kerberos\" - Kerberos Authentication.\n\"oauth-client\" - Oauth Authentication. Used with Kafka Broker SASL_SSL listener ports.\n
\n", + "enum": [ + "none", + "basic", + "scram", + "client-certificate", + "kerberos", + "oauth-client" + ], + "type": "string" + }, + "authenticationScramHash": { + "description": "The hash used for SCRAM authentication. To be used when authenticationScheme is \"scram\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"sha-512\"`. The allowed values and their meaning are:\n\n
\n\"sha-256\" - SHA-2 256 bits.\n\"sha-512\" - SHA-2 512 bits.\n
\n", + "enum": [ + "sha-256", + "sha-512" + ], + "type": "string" + }, + "authenticationScramPassword": { + "description": "The password for the Username. To be used when authenticationScheme is \"scram\". This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationScramUsername": { + "description": "The username the Kafka Receiver uses to login to the remote Kafka broker. To be used when authenticationScheme is \"scram\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "batchDelay": { + "description": "Delay (in ms) to wait to accumulate a batch of messages to receive. Batching is done on a per-partition basis.\n\nThis corresponds to the Kafka consumer API `fetch.max.wait.ms` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `500`.", + "format": "int32", + "type": "integer" + }, + "batchMaxSize": { + "description": "Maximum size of a message batch, in bytes (B). Batching is done on a per-partition basis.\n\nThis corresponds to the Kafka consumer API `fetch.min.bytes` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`.", + "format": "int32", + "type": "integer" + }, + "bootstrapAddressList": { + "description": "Comma separated list of addresses (and optional ports) of brokers in the Kafka Cluster from which the state of the entire Kafka Cluster can be learned. If a port is not provided with an address it will default to 9092.\n\nThis corresponds to the Kafka consumer API `bootstrap.servers` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "enabled": { + "description": "Enable or disable the Kafka Receiver. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "groupId": { + "description": "The id of the Kafka consumer group for the Receiver.\n\nThis corresponds to the Kafka consumer API `group.id` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "groupKeepaliveInterval": { + "description": "The time (in ms) between sending keepalives to the group.\n\nThis corresponds to the Kafka consumer API `heartbeat.interval.ms` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3000`.", + "format": "int32", + "type": "integer" + }, + "groupKeepaliveTimeout": { + "description": "The time (in ms) until unresponsive group members are removed, triggering a partition rebalance across other members of the group.\n\nThis corresponds to the Kafka consumer API `session.timeout.ms` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `45000`.", + "format": "int32", + "type": "integer" + }, + "groupMembershipType": { + "description": "The membership type of the Kafka consumer group for the Receiver. Static members can leave and rejoin the group (within groupKeepaliveTimeout) without prompting a group rebalance.\n\nThis corresponds to the Kafka consumer API `group.instance.id` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"dynamic\"`. The allowed values and their meaning are:\n\n
\n\"dynamic\" - Dynamic Membership.\n\"static\" - Static Membership.\n
\n", + "enum": [ + "dynamic", + "static" + ], + "type": "string" + }, + "groupPartitionSchemeList": { + "description": "The ordered, comma-separated list of schemes used for partition assignment of the consumer group for this Receiver. Both Eager (\"range\", \"roundrobin\") and Cooperative (\"cooperative-sticky\") schemes are supported. The elected group leader will choose the first common strategy provided by all members of the group. Eager and Cooperative schemes must not be mixed. For more information on these schemes, see Kafka documentation.\n\nThis corresponds to the Kafka consumer API `partition.assignment.strategy` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"range,roundrobin\"`.", + "type": "string" + }, + "kafkaReceiverName": { + "description": "The name of the Kafka Receiver.", + "type": "string" + }, + "metadataTopicExcludeList": { + "description": "A comma-separated list of POSIX.2 regular expressions. Commas within each regular expression must be escaped as double commas. Any matching topic names will be ignored in broker metadata. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "metadataTopicRefreshInterval": { + "description": "The time between refreshes of topic metadata from the Kafka Cluster. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `30000`.", + "format": "int32", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "transportTlsEnabled": { + "description": "Enable or disable encryption (TLS) for the Kafka Receiver. The bootstrap addresses must resolve to PLAINTEXT or SASL_PLAINTEXT listener ports when disabled, and SSL or SASL_SSL listener ports when enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnKafkaReceiverLinks": { + "properties": { + "topicBindingsUri": { + "description": "The URI of this Kafka Receiver's collection of Topic Binding objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Kafka Receiver object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnKafkaReceiverResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnKafkaReceiver" + }, + "links": { + "$ref": "#/definitions/MsgVpnKafkaReceiverLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnKafkaReceiverTopicBinding": { + "properties": { + "enabled": { + "description": "Enable or disable this topic binding of the Kafka Receiver. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "initialOffset": { + "description": "The initial offset to consume from the Kafka Topic if no member of the group has consumed and committed any offset already, or if the last committed offset has been deleted. Offsets are unique per partition.\n\nThis corresponds to the Kafka consumer API `auto.offset.reset` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"end\"`. The allowed values and their meaning are:\n\n
\n\"beginning\" - Start with the earliest offset available.\n\"end\" - Start with new offsets only.\n
\n", + "enum": [ + "beginning", + "end" + ], + "type": "string" + }, + "kafkaReceiverName": { + "description": "The name of the Kafka Receiver.", + "type": "string" + }, + "localKey": { + "description": "The Substitution Expression used to generate the key for each message received from Kafka. This expression can include fields extracted from the metadata of each individual Kafka message as it is received from the Kafka Topic.\n\nIf empty, no key is included for each message as it is published into Solace.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "localTopic": { + "description": "The Substitution Expression used to generate the Solace Topic for each message received from Kafka. This expression can include data extracted from the metadata of each individual Kafka message as it is received from the Kafka Topic.\n\nIf empty, the Topic Binding will not be operational.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "topicName": { + "description": "The name of the Topic or a POSIX.2 regular expression starting with '^'.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnKafkaReceiverTopicBindingLinks": { + "properties": { + "uri": { + "description": "The URI of this Topic Binding object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnKafkaReceiverTopicBindingResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBinding" + }, + "links": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBindingLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnKafkaReceiverTopicBindingsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBinding" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBindingLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnKafkaReceiversResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnKafkaReceiver" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnKafkaReceiverLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnKafkaSender": { + "properties": { + "authenticationBasicPassword": { + "description": "The password for the Username. To be used when authenticationScheme is \"basic\". This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationBasicUsername": { + "description": "The username the Kafka Sender uses to login to the remote Kafka broker. To be used when authenticationScheme is \"basic\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationClientCertContent": { + "description": "The PEM formatted content for the client certificate used by the Kafka Sender to login to the remote Kafka broker. To be used when authenticationScheme is \"client-certificate\". Alternatively this will be used for other values of authenticationScheme when the Kafka Broker has an `ssl.client.auth` setting of \"requested\" or \"required\" and KIP-684 (mTLS) is supported by the Kafka Broker. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`.", + "type": "string" + }, + "authenticationClientCertPassword": { + "description": "The password for the client certificate. To be used when authenticationScheme is \"client-certificate\". Alternatively this will be used for other values of authenticationScheme when the Kafka Broker has an `ssl.client.auth` setting of \"requested\" or \"required\" and KIP-684 (mTLS) is supported by the Kafka Broker. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`.", + "type": "string" + }, + "authenticationKerberosKeytabContent": { + "description": "The base64-encoded content of this User Principal's keytab. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.40.", + "type": "string" + }, + "authenticationKerberosKeytabFileName": { + "description": "The name of this User Principal's keytab file. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.40.", + "type": "string" + }, + "authenticationKerberosServiceName": { + "description": "The Kerberos service name of the remote Kafka broker, not including /hostname@REALM. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.40.", + "type": "string" + }, + "authenticationKerberosUserPrincipalName": { + "description": "The Kerberos user principal name of the Kafka Sender. This must include the @<REALM> suffix. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.40.", + "type": "string" + }, + "authenticationOauthClientId": { + "description": "The OAuth client ID. To be used when authenticationScheme is \"oauth-client\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationOauthClientScope": { + "description": "The OAuth scope. To be used when authenticationScheme is \"oauth-client\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationOauthClientSecret": { + "description": "The OAuth client secret. To be used when authenticationScheme is \"oauth-client\". This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationOauthClientTokenEndpoint": { + "description": "The OAuth token endpoint URL that the Kafka Sender will use to request a token for login to the Kafka broker. Must begin with \"https\". To be used when authenticationScheme is \"oauth-client\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationScheme": { + "description": "The authentication scheme for the Kafka Sender. The bootstrap addresses must resolve to an appropriately configured and compatible listener port on the Kafka Broker for the given scheme. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - Anonymous Authentication. Used with Kafka Broker PLAINTEXT listener ports.\n\"basic\" - Basic Authentication. Used with Kafka Broker SASL_PLAINTEXT and SASL_SSL listener ports.\n\"scram\" - Salted Challenge Response Authentication. Used with Kafka Broker SASL_PLAINTEXT and SASL_SSL listener ports.\n\"client-certificate\" - Client Certificate Authentication. Used with Kafka Broker SSL listener ports.\n\"kerberos\" - Kerberos Authentication.\n\"oauth-client\" - Oauth Authentication. Used with Kafka Broker SASL_SSL listener ports.\n
\n", + "enum": [ + "none", + "basic", + "scram", + "client-certificate", + "kerberos", + "oauth-client" + ], + "type": "string" + }, + "authenticationScramHash": { + "description": "The hash used for SCRAM authentication. To be used when authenticationScheme is \"scram\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"sha-512\"`. The allowed values and their meaning are:\n\n
\n\"sha-256\" - SHA-2 256 bits.\n\"sha-512\" - SHA-2 512 bits.\n
\n", + "enum": [ + "sha-256", + "sha-512" + ], + "type": "string" + }, + "authenticationScramPassword": { + "description": "The password for the Username. To be used when authenticationScheme is \"scram\". This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationScramUsername": { + "description": "The username the Kafka Sender uses to login to the remote Kafka broker. To be used when authenticationScheme is \"scram\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "batchDelay": { + "description": "Delay (in ms) to wait to accumulate a batch of messages to send. Batching is done for all Senders on a per-partition basis.\n\nThis corresponds to the Kafka producer API `linger.ms` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `5`.", + "format": "int32", + "type": "integer" + }, + "batchMaxMsgCount": { + "description": "Maximum number of messages sent in a single batch. Batching is done for all Senders on a per-partition basis. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000`.", + "format": "int32", + "type": "integer" + }, + "batchMaxSize": { + "description": "Maximum size of a message batch, in bytes (B). Batching is done for all Senders on a per-partition basis.\n\nThis corresponds to the Kafka producer API `batch.size` configuration setting, and should not exceed either the Kafka broker `message.max.bytes` configuration setting, or the per-Topic override of `max.message.bytes`.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000000`.", + "format": "int32", + "type": "integer" + }, + "bootstrapAddressList": { + "description": "Comma separated list of addresses (and optional ports) of brokers in the Kafka Cluster from which the state of the entire Kafka Cluster can be learned. If a port is not provided with an address it will default to 9092.\n\nThis corresponds to the Kafka producer API `bootstrap.servers` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "enabled": { + "description": "Enable or disable the Kafka Sender. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "idempotenceEnabled": { + "description": "Enable or disable idempotence for the Kafka Sender. Idempotence guarantees in order at-least-once message delivery to the remote Kafka Topic, at the expense of performance. When idempotence is enabled the Queue Bindings of the Kafka Sender must have ackMode of \"all\" to be operational.\n\nThis corresponds to the Kafka producer API `enable.idempotence` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "kafkaSenderName": { + "description": "The name of the Kafka Sender.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "transportCompressionEnabled": { + "description": "Enable or disable compression for the Kafka Sender. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "transportCompressionLevel": { + "description": "Compression level. The valid range is dependent on the compression type.\n\nThis corresponds to the Kafka producer API `compression.level` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `-1`.", + "format": "int32", + "type": "integer" + }, + "transportCompressionType": { + "description": "Compression type. Only relevant if compression is enabled.\n\nThis corresponds to the Kafka producer API `compression.type` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"gzip\"`. The allowed values and their meaning are:\n\n
\n\"gzip\" - GZIP Compression.\n\"snappy\" - Snappy Compression.\n\"lz4\" - LZ4 Compression.\n\"zstd\" - Zstandard Compression.\n
\n", + "enum": [ + "gzip", + "snappy", + "lz4", + "zstd" + ], + "type": "string" + }, + "transportTlsEnabled": { + "description": "Enable or disable encryption (TLS) for the Kafka Sender. The bootstrap addresses must resolve to PLAINTEXT or SASL_PLAINTEXT listener ports when disabled, and SSL or SASL_SSL listener ports when enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnKafkaSenderLinks": { + "properties": { + "queueBindingsUri": { + "description": "The URI of this Kafka Sender's collection of Queue Binding objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Kafka Sender object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnKafkaSenderQueueBinding": { + "properties": { + "ackMode": { + "description": "The number of acks required from the remote Kafka Broker. When \"none\" messages are delivered at-most-once. When \"one\" or \"all\" messages are delivered at-least-once but may be reordered. This must be configured as \"all\" for an idempotent Kafka Sender, otherwise the Queue Binding will be operationally down.\n\nThis corresponds to the Kafka producer API `acks` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"all\"`. The allowed values and their meaning are:\n\n
\n\"none\" - No Acks.\n\"one\" - Leader Ack Only.\n\"all\" - All Replica Acks.\n
\n", + "enum": [ + "none", + "one", + "all" + ], + "type": "string" + }, + "enabled": { + "description": "Enable or disable this queue binding of the Kafka Sender. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "kafkaSenderName": { + "description": "The name of the Kafka Sender.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "partitionConsistentHash": { + "description": "The hash algorithm to use for consistent partition selection. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"crc\"`. The allowed values and their meaning are:\n\n
\n\"crc\" - CRC Hash.\n\"murmur2\" - Murmer2 Hash.\n\"fnv1a\" - Fowler-Noll-Vo 1a Hash.\n
\n", + "enum": [ + "crc", + "murmur2", + "fnv1a" + ], + "type": "string" + }, + "partitionExplicitNumber": { + "description": "The partition number to use for explicit partition selection. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "partitionRandomFallbackEnabled": { + "description": "Enable or disable fallback to the random partition selection scheme when the consistent partition scheme is being used but no partition key is available for the message. When enabled a random partition will be selected for each unkeyed messages, otherwise some partition will be selected for groups of unkeyed messages. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "partitionScheme": { + "description": "The partitioning scheme used to select a partition of the topic on the Kafka cluster to send messages to.\n\nThis corresponds to the Kafka producer API `partitioner.class` configuration setting.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"consistent\"`. The allowed values and their meaning are:\n\n
\n\"consistent\" - Select a consistent partition for each key value. A hash of the key will be used to select the partition number.\n\"explicit\" - Select an explicit partition independent of key value.\n\"random\" - Select a random partition independent of key value.\n
\n", + "enum": [ + "consistent", + "explicit", + "random" + ], + "type": "string" + }, + "queueName": { + "description": "The name of the Queue.", + "type": "string" + }, + "remoteKey": { + "description": "The Substitution Expression used to generate the key for each message sent to Kafka. This expression can include fields extracted from the metadata of each individual Solace message as it is taken from the Solace Queue.\n\nIf empty, no key is included for each message as it is published into Kafka.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "remoteTopic": { + "description": "The Kafka Topic on the Kafka Cluster to send each message taken from the Solace Queue to.\n\nIf empty, the Queue Binding will not be operational.\n\nModifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnKafkaSenderQueueBindingLinks": { + "properties": { + "uri": { + "description": "The URI of this Queue Binding object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnKafkaSenderQueueBindingResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBinding" + }, + "links": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBindingLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnKafkaSenderQueueBindingsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBinding" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBindingLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnKafkaSenderResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnKafkaSender" + }, + "links": { + "$ref": "#/definitions/MsgVpnKafkaSenderLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnKafkaSendersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnKafkaSender" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnKafkaSenderLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnLinks": { + "properties": { + "aclProfilesUri": { + "description": "The URI of this Message VPN's collection of ACL Profile objects.", + "type": "string" + }, + "authenticationKerberosRealmsUri": { + "description": "The URI of this Message VPN's collection of Realm objects. Available since 2.40.", + "type": "string" + }, + "authenticationOauthProfilesUri": { + "description": "The URI of this Message VPN's collection of OAuth Profile objects. Available since 2.25.", + "type": "string" + }, + "authenticationOauthProvidersUri": { + "description": "The URI of this Message VPN's collection of OAuth Provider objects. Deprecated since 2.25. Replaced by authenticationOauthProfiles.", + "type": "string" + }, + "authorizationGroupsUri": { + "description": "The URI of this Message VPN's collection of Authorization Group objects.", + "type": "string" + }, + "bridgesUri": { + "description": "The URI of this Message VPN's collection of Bridge objects.", + "type": "string" + }, + "certMatchingRulesUri": { + "description": "The URI of this Message VPN's collection of Certificate Matching Rule objects. Available since 2.27.", + "type": "string" + }, + "clientProfilesUri": { + "description": "The URI of this Message VPN's collection of Client Profile objects.", + "type": "string" + }, + "clientUsernamesUri": { + "description": "The URI of this Message VPN's collection of Client Username objects.", + "type": "string" + }, + "distributedCachesUri": { + "description": "The URI of this Message VPN's collection of Distributed Cache objects. Available since 2.11.", + "type": "string" + }, + "dmrBridgesUri": { + "description": "The URI of this Message VPN's collection of DMR Bridge objects. Available since 2.11.", + "type": "string" + }, + "jndiConnectionFactoriesUri": { + "description": "The URI of this Message VPN's collection of JNDI Connection Factory objects. Available since 2.2.", + "type": "string" + }, + "jndiQueuesUri": { + "description": "The URI of this Message VPN's collection of JNDI Queue objects. Available since 2.2.", + "type": "string" + }, + "jndiTopicsUri": { + "description": "The URI of this Message VPN's collection of JNDI Topic objects. Available since 2.2.", + "type": "string" + }, + "kafkaReceiversUri": { + "description": "The URI of this Message VPN's collection of Kafka Receiver objects. Available since 2.36.", + "type": "string" + }, + "kafkaSendersUri": { + "description": "The URI of this Message VPN's collection of Kafka Sender objects. Available since 2.36.", + "type": "string" + }, + "mqttRetainCachesUri": { + "description": "The URI of this Message VPN's collection of MQTT Retain Cache objects. Available since 2.11.", + "type": "string" + }, + "mqttSessionsUri": { + "description": "The URI of this Message VPN's collection of MQTT Session objects. Available since 2.1.", + "type": "string" + }, + "proxiesUri": { + "description": "The URI of this Message VPN's collection of Proxy objects. Available since 2.36.", + "type": "string" + }, + "queueTemplatesUri": { + "description": "The URI of this Message VPN's collection of Queue Template objects. Available since 2.14.", + "type": "string" + }, + "queuesUri": { + "description": "The URI of this Message VPN's collection of Queue objects.", + "type": "string" + }, + "replayLogsUri": { + "description": "The URI of this Message VPN's collection of Replay Log objects. Available since 2.10.", + "type": "string" + }, + "replicatedTopicsUri": { + "description": "The URI of this Message VPN's collection of Replicated Topic objects. Available since 2.1.", + "type": "string" + }, + "restDeliveryPointsUri": { + "description": "The URI of this Message VPN's collection of REST Delivery Point objects.", + "type": "string" + }, + "sequencedTopicsUri": { + "description": "The URI of this Message VPN's collection of Sequenced Topic objects.", + "type": "string" + }, + "telemetryProfilesUri": { + "description": "The URI of this Message VPN's collection of Telemetry Profile objects. Available since 2.31.", + "type": "string" + }, + "topicEndpointTemplatesUri": { + "description": "The URI of this Message VPN's collection of Topic Endpoint Template objects. Available since 2.14.", + "type": "string" + }, + "topicEndpointsUri": { + "description": "The URI of this Message VPN's collection of Topic Endpoint objects. Available since 2.1.", + "type": "string" + }, + "uri": { + "description": "The URI of this Message VPN object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnMqttRetainCache": { + "properties": { + "cacheName": { + "description": "The name of the MQTT Retain Cache.", + "type": "string" + }, + "enabled": { + "description": "Enable or disable this MQTT Retain Cache. When the cache is disabled, neither retain messages nor retain requests will be delivered by the cache. However, live retain messages will continue to be delivered to currently connected MQTT clients. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "msgLifetime": { + "description": "The message lifetime, in seconds. If a message remains cached for the duration of its lifetime, the cache will remove the message. A lifetime of 0 results in the message being retained indefinitely, otherwise it must be 3 seconds or more. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnMqttRetainCacheLinks": { + "properties": { + "uri": { + "description": "The URI of this MQTT Retain Cache object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnMqttRetainCacheResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnMqttRetainCache" + }, + "links": { + "$ref": "#/definitions/MsgVpnMqttRetainCacheLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnMqttRetainCachesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnMqttRetainCache" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnMqttRetainCacheLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnMqttSession": { + "properties": { + "enabled": { + "description": "Enable or disable the MQTT Session. When disabled, the client is disconnected, new messages matching QoS 0 subscriptions are discarded, and new messages matching QoS 1 subscriptions are stored for future delivery. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "mqttSessionClientId": { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "type": "string" + }, + "mqttSessionVirtualRouter": { + "description": "The virtual router of the MQTT Session. The allowed values and their meaning are:\n\n
\n\"primary\" - The MQTT Session belongs to the primary virtual router.\n\"backup\" - The MQTT Session belongs to the backup virtual router.\n\"auto\" - The MQTT Session is automatically assigned a virtual router at creation, depending on the broker's active-standby role.\n
\n", + "enum": [ + "primary", + "backup", + "auto" + ], + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "owner": { + "description": "The owner of the MQTT Session. For externally-created sessions this defaults to the Client Username of the connecting client. For management-created sessions this defaults to empty. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "queueConsumerAckPropagationEnabled": { + "description": "Enable or disable the propagation of consumer acknowledgments (ACKs) received on the active replication Message VPN to the standby replication Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Available since 2.14.", + "type": "boolean" + }, + "queueDeadMsgQueue": { + "description": "The name of the Dead Message Queue (DMQ) used by the MQTT Session Queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"#DEAD_MSG_QUEUE\"`. Available since 2.14.", + "type": "string" + }, + "queueEventBindCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "queueEventMsgSpoolUsageThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "queueEventRejectLowPriorityMsgLimitThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "queueMaxBindCount": { + "description": "The maximum number of consumer flows that can bind to the MQTT Session Queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`. Available since 2.14.", + "format": "int64", + "type": "integer" + }, + "queueMaxDeliveredUnackedMsgsPerFlow": { + "description": "The maximum number of messages delivered but not acknowledged per flow for the MQTT Session Queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000`. Available since 2.14.", + "format": "int64", + "type": "integer" + }, + "queueMaxMsgSize": { + "description": "The maximum message size allowed in the MQTT Session Queue, in bytes (B). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000000`. Available since 2.14.", + "format": "int32", + "type": "integer" + }, + "queueMaxMsgSpoolUsage": { + "description": "The maximum message spool usage allowed by the MQTT Session Queue, in megabytes (MB). A value of 0 only allows spooling of the last message received and disables quota checking. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `5000`. Available since 2.14.", + "format": "int64", + "type": "integer" + }, + "queueMaxRedeliveryCount": { + "description": "The maximum number of times the MQTT Session Queue will attempt redelivery of a message prior to it being discarded or moved to the DMQ. A value of 0 means to retry forever. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.14.", + "format": "int64", + "type": "integer" + }, + "queueMaxTtl": { + "description": "The maximum time in seconds a message can stay in the MQTT Session Queue when `queueRespectTtlEnabled` is `\"true\"`. A message expires when the lesser of the sender assigned time-to-live (TTL) in the message and the `queueMaxTtl` configured for the MQTT Session Queue, is exceeded. A value of 0 disables expiry. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.14.", + "format": "int64", + "type": "integer" + }, + "queueRejectLowPriorityMsgEnabled": { + "description": "Enable or disable the checking of low priority messages against the `queueRejectLowPriorityMsgLimit`. This may only be enabled if `queueRejectMsgToSenderOnDiscardBehavior` does not have a value of `\"never\"`. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.14.", + "type": "boolean" + }, + "queueRejectLowPriorityMsgLimit": { + "description": "The number of messages of any priority in the MQTT Session Queue above which low priority messages are not admitted but higher priority messages are allowed. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.14.", + "format": "int64", + "type": "integer" + }, + "queueRejectMsgToSenderOnDiscardBehavior": { + "description": "Determines when to return negative acknowledgments (NACKs) to sending clients on message discards. Note that NACKs cause the message to not be delivered to any destination and Transacted Session commits to fail. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as queueRejectLowPriorityMsgEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"when-queue-enabled\"`. The allowed values and their meaning are:\n\n
\n\"never\" - Silently discard messages.\n\"when-queue-enabled\" - NACK each message discard back to the client, except messages that are discarded because an endpoint is administratively disabled.\n\"always\" - NACK each message discard back to the client, including messages that are discarded because an endpoint is administratively disabled.\n
\n Available since 2.14.", + "enum": [ + "never", + "when-queue-enabled", + "always" + ], + "type": "string" + }, + "queueRespectTtlEnabled": { + "description": "Enable or disable the respecting of the time-to-live (TTL) for messages in the MQTT Session Queue. When enabled, expired messages are discarded or moved to the DMQ. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.14.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnMqttSessionLinks": { + "properties": { + "subscriptionsUri": { + "description": "The URI of this MQTT Session's collection of Subscription objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this MQTT Session object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnMqttSessionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnMqttSession" + }, + "links": { + "$ref": "#/definitions/MsgVpnMqttSessionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnMqttSessionSubscription": { + "properties": { + "mqttSessionClientId": { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "type": "string" + }, + "mqttSessionVirtualRouter": { + "description": "The virtual router of the MQTT Session. The allowed values and their meaning are:\n\n
\n\"primary\" - The MQTT Session belongs to the primary virtual router.\n\"backup\" - The MQTT Session belongs to the backup virtual router.\n\"auto\" - The MQTT Session is automatically assigned a virtual router at creation, depending on the broker's active-standby role.\n
\n", + "enum": [ + "primary", + "backup", + "auto" + ], + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "subscriptionQos": { + "description": "The quality of service (QoS) for the subscription as either 0 (deliver at most once) or 1 (deliver at least once). QoS 2 is not supported, but QoS 2 messages attracted by QoS 0 or QoS 1 subscriptions are accepted and delivered accordingly. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "subscriptionTopic": { + "description": "The MQTT subscription topic.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnMqttSessionSubscriptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Subscription object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnMqttSessionSubscriptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscription" + }, + "links": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscriptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnMqttSessionSubscriptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscription" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscriptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnMqttSessionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnMqttSession" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnMqttSessionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnProxiesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnProxy" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnProxyLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnProxy": { + "properties": { + "authenticationBasicPassword": { + "description": "The password to use with basic authentication. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationBasicUsername": { + "description": "The username to use with basic authentication. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationScheme": { + "description": "The authentication scheme used to connect to the proxy. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - No authentication.\n\"basic\" - Username/password authentication.\n
\n", + "enum": [ + "none", + "basic" + ], + "type": "string" + }, + "enabled": { + "description": "Enable or disable the proxy. When disabled, no connections are initiated to this particular Proxy. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "host": { + "description": "The IP address or host name of the proxy. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "port": { + "description": "The port to connect to on the proxy host. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `0`.", + "format": "int32", + "type": "integer" + }, + "proxyName": { + "description": "The name of the proxy.", + "type": "string" + }, + "proxyType": { + "description": "The type of proxy. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"direct\"`. The allowed values and their meaning are:\n\n
\n\"direct\" - Direct connection (no proxy).\n\"http\" - HTTP proxy.\n
\n", + "enum": [ + "direct", + "http" + ], + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnProxyLinks": { + "properties": { + "uri": { + "description": "The URI of this Proxy object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnProxyResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnProxy" + }, + "links": { + "$ref": "#/definitions/MsgVpnProxyLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnQueue": { + "properties": { + "accessType": { + "description": "The access type for delivering messages to consumer flows bound to the Queue. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"exclusive\"`. The allowed values and their meaning are:\n\n
\n\"exclusive\" - Exclusive delivery of messages to the first bound consumer flow.\n\"non-exclusive\" - Non-exclusive delivery of messages to bound consumer flows in a round-robin (if partition count is zero) or partitioned (if partition count is non-zero) fashion.\n
\n", + "enum": [ + "exclusive", + "non-exclusive" + ], + "type": "string" + }, + "consumerAckPropagationEnabled": { + "description": "Enable or disable the propagation of consumer acknowledgments (ACKs) received on the active replication Message VPN to the standby replication Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "deadMsgQueue": { + "description": "The name of the Dead Message Queue (DMQ) used by the Queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"#DEAD_MSG_QUEUE\"`. Available since 2.2.", + "type": "string" + }, + "deliveryCountEnabled": { + "description": "Enable or disable the ability for client applications to query the message delivery count of messages received from the Queue. This is a controlled availability feature. Please contact support to find out if this feature is supported for your use case. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.19.", + "type": "boolean" + }, + "deliveryDelay": { + "description": "The delay, in seconds, to apply to messages arriving on the Queue before the messages are eligible for delivery. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "egressEnabled": { + "description": "Enable or disable the transmission of messages from the Queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "eventBindCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventMsgSpoolUsageThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventRejectLowPriorityMsgLimitThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "ingressEnabled": { + "description": "Enable or disable the reception of messages to the Queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "maxBindCount": { + "description": "The maximum number of consumer flows that can bind to the Queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`.", + "format": "int64", + "type": "integer" + }, + "maxDeliveredUnackedMsgsPerFlow": { + "description": "The maximum number of messages delivered but not acknowledged per flow for the Queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000`.", + "format": "int64", + "type": "integer" + }, + "maxMsgSize": { + "description": "The maximum message size allowed in the Queue, in bytes (B). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000000`.", + "format": "int32", + "type": "integer" + }, + "maxMsgSpoolUsage": { + "description": "The maximum message spool usage allowed by the Queue, in megabytes (MB). A value of 0 only allows spooling of the last message received and disables quota checking. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `5000`.", + "format": "int64", + "type": "integer" + }, + "maxRedeliveryCount": { + "description": "The maximum number of times the Queue will attempt redelivery of a message prior to it being discarded or moved to the DMQ. A value of 0 means to retry forever. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "maxTtl": { + "description": "The maximum time in seconds a message can stay in the Queue when `respectTtlEnabled` is `\"true\"`. A message expires when the lesser of the sender assigned time-to-live (TTL) in the message and the `maxTtl` configured for the Queue, is exceeded. A value of 0 disables expiry. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "owner": { + "description": "The Client Username that owns the Queue and has permission equivalent to `\"delete\"`. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "partitionCount": { + "description": "The count of partitions of the queue. Only relevant for queues with an access type of non-exclusive. When zero, bound clients receive messages round-robin. Otherwise, bound clients receive messages from individually assigned partitions. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.35.", + "format": "int32", + "type": "integer" + }, + "partitionRebalanceDelay": { + "description": "The delay (in seconds) before a partition rebalance is started once needed. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `5`. Available since 2.35.", + "format": "int64", + "type": "integer" + }, + "partitionRebalanceMaxHandoffTime": { + "description": "The maximum time (in seconds) to wait before handing off a partition while rebalancing. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`. Available since 2.35.", + "format": "int64", + "type": "integer" + }, + "permission": { + "description": "The permission level for all consumers of the Queue, excluding the owner. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"no-access\"`. The allowed values and their meaning are:\n\n
\n\"no-access\" - Disallows all access.\n\"read-only\" - Read-only access to the messages.\n\"consume\" - Consume (read and remove) messages.\n\"modify-topic\" - Consume messages or modify the topic/selector.\n\"delete\" - Consume messages, modify the topic/selector or delete the Client created endpoint altogether.\n
\n", + "enum": [ + "no-access", + "read-only", + "consume", + "modify-topic", + "delete" + ], + "type": "string" + }, + "queueName": { + "description": "The name of the Queue.", + "type": "string" + }, + "redeliveryDelayEnabled": { + "description": "Enable or disable a message redelivery delay. When false, messages are redelivered as soon as possible. When true, messages are redelivered according to the initial, max and multiplier. This should only be enabled when redelivery is enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.33.", + "type": "boolean" + }, + "redeliveryDelayInitialInterval": { + "description": "The delay to be used between the first 2 redelivery attempts. This value is in milliseconds. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryDelayMaxInterval": { + "description": "The maximum delay to be used between any 2 redelivery attempts. This value is in milliseconds. Due to technical limitations, some redelivery attempt delays may slightly exceed this value. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `64000`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryDelayMultiplier": { + "description": "The amount each delay interval is multiplied by after each failed delivery attempt. This number is in a fixed-point decimal format in which you must divide by 100 to get the floating point value. For example, a value of 125 would cause the delay to be multiplied by 1.25. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `200`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryEnabled": { + "description": "Enable or disable message redelivery. When enabled, the number of redelivery attempts is controlled by maxRedeliveryCount. When disabled, the message will never be delivered from the queue more than once. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Available since 2.18.", + "type": "boolean" + }, + "rejectLowPriorityMsgEnabled": { + "description": "Enable or disable the checking of low priority messages against the `rejectLowPriorityMsgLimit`. This may only be enabled if `rejectMsgToSenderOnDiscardBehavior` does not have a value of `\"never\"`. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "rejectLowPriorityMsgLimit": { + "description": "The number of messages of any priority in the Queue above which low priority messages are not admitted but higher priority messages are allowed. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "rejectMsgToSenderOnDiscardBehavior": { + "description": "Determines when to return negative acknowledgments (NACKs) to sending clients on message discards. Note that NACKs cause the message to not be delivered to any destination and Transacted Session commits to fail. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as rejectLowPriorityMsgEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"when-queue-enabled\"`. The allowed values and their meaning are:\n\n
\n\"never\" - Silently discard messages.\n\"when-queue-enabled\" - NACK each message discard back to the client, except messages that are discarded because an endpoint is administratively disabled.\n\"always\" - NACK each message discard back to the client, including messages that are discarded because an endpoint is administratively disabled.\n
\n Available since 2.1.", + "enum": [ + "never", + "when-queue-enabled", + "always" + ], + "type": "string" + }, + "respectMsgPriorityEnabled": { + "description": "Enable or disable the respecting of message priority. When enabled, messages contained in the Queue are delivered in priority order, from 9 (highest) to 0 (lowest). Regardless of this setting, message priority is not respected when browsing the queue, when the queue is used by a bridge, or if the queue is partitioned. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled and ingressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.8.", + "type": "boolean" + }, + "respectTtlEnabled": { + "description": "Enable or disable the respecting of the time-to-live (TTL) for messages in the Queue. When enabled, expired messages are discarded or moved to the DMQ. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnQueueLinks": { + "properties": { + "subscriptionsUri": { + "description": "The URI of this Queue's collection of Queue Subscription objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Queue object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnQueueResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnQueue" + }, + "links": { + "$ref": "#/definitions/MsgVpnQueueLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnQueueSubscription": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "queueName": { + "description": "The name of the Queue.", + "type": "string" + }, + "subscriptionTopic": { + "description": "The topic of the Subscription.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnQueueSubscriptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Queue Subscription object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnQueueSubscriptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnQueueSubscription" + }, + "links": { + "$ref": "#/definitions/MsgVpnQueueSubscriptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnQueueSubscriptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnQueueSubscription" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnQueueSubscriptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnQueueTemplate": { + "properties": { + "accessType": { + "description": "The access type for delivering messages to consumer flows. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"exclusive\"`. The allowed values and their meaning are:\n\n
\n\"exclusive\" - Exclusive delivery of messages to the first bound consumer flow.\n\"non-exclusive\" - Non-exclusive delivery of messages to bound consumer flows in a round-robin (if partition count is zero) or partitioned (if partition count is non-zero) fashion.\n
\n", + "enum": [ + "exclusive", + "non-exclusive" + ], + "type": "string" + }, + "consumerAckPropagationEnabled": { + "description": "Enable or disable the propagation of consumer acknowledgments (ACKs) received on the active replication Message VPN to the standby replication Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "deadMsgQueue": { + "description": "The name of the Dead Message Queue (DMQ). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"#DEAD_MSG_QUEUE\"`.", + "type": "string" + }, + "deliveryDelay": { + "description": "The delay, in seconds, to apply to messages arriving on the Queue before the messages are eligible for delivery. This attribute does not apply to MQTT queues created from this template, but it may apply in future releases. Therefore, to maintain forward compatibility, do not set this value on templates that might be used for MQTT queues. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "durabilityOverride": { + "description": "Controls the durability of queues created from this template. If non-durable, the created queue will be non-durable, regardless of the specified durability. If none, the created queue will have the requested durability. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - The durability of the endpoint will be as requested on create.\n\"non-durable\" - The durability of the created queue will be non-durable, regardless of what was requested.\n
\n", + "enum": [ + "none", + "non-durable" + ], + "type": "string" + }, + "eventBindCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventMsgSpoolUsageThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventRejectLowPriorityMsgLimitThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "maxBindCount": { + "description": "The maximum number of consumer flows that can bind. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`.", + "format": "int64", + "type": "integer" + }, + "maxDeliveredUnackedMsgsPerFlow": { + "description": "The maximum number of messages delivered but not acknowledged per flow. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000`.", + "format": "int64", + "type": "integer" + }, + "maxMsgSize": { + "description": "The maximum message size allowed, in bytes (B). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000000`.", + "format": "int32", + "type": "integer" + }, + "maxMsgSpoolUsage": { + "description": "The maximum message spool usage allowed, in megabytes (MB). A value of 0 only allows spooling of the last message received and disables quota checking. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `5000`.", + "format": "int64", + "type": "integer" + }, + "maxRedeliveryCount": { + "description": "The maximum number of message redelivery attempts that will occur prior to the message being discarded or moved to the DMQ. A value of 0 means to retry forever. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "maxTtl": { + "description": "The maximum time in seconds a message can stay in a Queue when `respectTtlEnabled` is `\"true\"`. A message expires when the lesser of the sender assigned time-to-live (TTL) in the message and the `maxTtl` configured for the Queue, is exceeded. A value of 0 disables expiry. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "permission": { + "description": "The permission level for all consumers, excluding the owner. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"no-access\"`. The allowed values and their meaning are:\n\n
\n\"no-access\" - Disallows all access.\n\"read-only\" - Read-only access to the messages.\n\"consume\" - Consume (read and remove) messages.\n\"modify-topic\" - Consume messages or modify the topic/selector.\n\"delete\" - Consume messages, modify the topic/selector or delete the Client created endpoint altogether.\n
\n", + "enum": [ + "no-access", + "read-only", + "consume", + "modify-topic", + "delete" + ], + "type": "string" + }, + "queueNameFilter": { + "description": "A pattern used to determine which Queues use settings from this Template. Two different wildcards can be used in the pattern: * and >. Similar to topic filters or subscription patterns, a > matches anything (but only when used at the end), and a * matches zero or more characters but never a slash (/). A > is only a wildcard when used at the end, after a /. A * is only allowed at the end, after a slash (/). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "queueTemplateName": { + "description": "The name of the Queue Template.", + "type": "string" + }, + "redeliveryDelayEnabled": { + "description": "Enable or disable a message redelivery delay. When false, messages are redelivered as soon as possible. When true, messages are redelivered according to the initial, max and multiplier. This should only be enabled when redelivery is enabled. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.33.", + "type": "boolean" + }, + "redeliveryDelayInitialInterval": { + "description": "The delay to be used between the first 2 redelivery attempts. This value is in milliseconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryDelayMaxInterval": { + "description": "The maximum delay to be used between any 2 redelivery attempts. This value is in milliseconds. Due to technical limitations, some redelivery attempt delays may slightly exceed this value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `64000`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryDelayMultiplier": { + "description": "The amount each delay interval is multiplied by after each failed delivery attempt. This number is in a fixed-point decimal format in which you must divide by 100 to get the floating point value. For example, a value of 125 would cause the delay to be multiplied by 1.25. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `200`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryEnabled": { + "description": "Enable or disable message redelivery. When enabled, the number of redelivery attempts is controlled by maxRedeliveryCount. When disabled, the message will never be delivered from the queue more than once. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Available since 2.18.", + "type": "boolean" + }, + "rejectLowPriorityMsgEnabled": { + "description": "Enable or disable the checking of low priority messages against the `rejectLowPriorityMsgLimit`. This may only be enabled if `rejectMsgToSenderOnDiscardBehavior` does not have a value of `\"never\"`. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "rejectLowPriorityMsgLimit": { + "description": "The number of messages of any priority above which low priority messages are not admitted but higher priority messages are allowed. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "rejectMsgToSenderOnDiscardBehavior": { + "description": "Determines when to return negative acknowledgments (NACKs) to sending clients on message discards. Note that NACKs prevent the message from being delivered to any destination and Transacted Session commits to fail. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"when-queue-enabled\"`. The allowed values and their meaning are:\n\n
\n\"never\" - Silently discard messages.\n\"when-queue-enabled\" - NACK each message discard back to the client, except messages that are discarded because an endpoint is administratively disabled.\n\"always\" - NACK each message discard back to the client, including messages that are discarded because an endpoint is administratively disabled.\n
\n", + "enum": [ + "never", + "when-queue-enabled", + "always" + ], + "type": "string" + }, + "respectMsgPriorityEnabled": { + "description": "Enable or disable the respecting of message priority. When enabled, messages are delivered in priority order, from 9 (highest) to 0 (lowest). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "respectTtlEnabled": { + "description": "Enable or disable the respecting of the time-to-live (TTL) for messages. When enabled, expired messages are discarded or moved to the DMQ. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnQueueTemplateLinks": { + "properties": { + "uri": { + "description": "The URI of this Queue Template object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnQueueTemplateResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnQueueTemplate" + }, + "links": { + "$ref": "#/definitions/MsgVpnQueueTemplateLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnQueueTemplatesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnQueueTemplate" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnQueueTemplateLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnQueuesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnQueue" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnQueueLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnReplayLog": { + "properties": { + "egressEnabled": { + "description": "Enable or disable the transmission of messages from the Replay Log. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "ingressEnabled": { + "description": "Enable or disable the reception of messages to the Replay Log. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "maxSpoolUsage": { + "description": "The maximum spool usage allowed by the Replay Log, in megabytes (MB). If this limit is exceeded, old messages will be trimmed. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "replayLogName": { + "description": "The name of the Replay Log.", + "type": "string" + }, + "topicFilterEnabled": { + "description": "Enable or disable topic filtering for the Replay Log. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.27.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnReplayLogLinks": { + "properties": { + "topicFilterSubscriptionsUri": { + "description": "The URI of this Replay Log's collection of Topic Filter Subscription objects. Available since 2.27.", + "type": "string" + }, + "uri": { + "description": "The URI of this Replay Log object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnReplayLogResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnReplayLog" + }, + "links": { + "$ref": "#/definitions/MsgVpnReplayLogLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnReplayLogTopicFilterSubscription": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "replayLogName": { + "description": "The name of the Replay Log.", + "type": "string" + }, + "topicFilterSubscription": { + "description": "The topic of the Subscription.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnReplayLogTopicFilterSubscriptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Topic Filter Subscription object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnReplayLogTopicFilterSubscriptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnReplayLogTopicFilterSubscription" + }, + "links": { + "$ref": "#/definitions/MsgVpnReplayLogTopicFilterSubscriptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnReplayLogTopicFilterSubscriptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnReplayLogTopicFilterSubscription" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnReplayLogTopicFilterSubscriptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnReplayLogsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnReplayLog" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnReplayLogLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnReplicatedTopic": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "replicatedTopic": { + "description": "The topic for applying replication. Published messages matching this topic will be replicated to the standby site.", + "type": "string" + }, + "replicationMode": { + "description": "The replication mode for the Replicated Topic. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"async\"`. The allowed values and their meaning are:\n\n
\n\"sync\" - Messages are acknowledged when replicated (spooled remotely).\n\"async\" - Messages are acknowledged when pending replication (spooled locally).\n
\n", + "enum": [ + "sync", + "async" + ], + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnReplicatedTopicLinks": { + "properties": { + "uri": { + "description": "The URI of this Replicated Topic object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnReplicatedTopicResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnReplicatedTopic" + }, + "links": { + "$ref": "#/definitions/MsgVpnReplicatedTopicLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnReplicatedTopicsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnReplicatedTopic" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnReplicatedTopicLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpn" + }, + "links": { + "$ref": "#/definitions/MsgVpnLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPoint": { + "properties": { + "clientProfileName": { + "description": "The Client Profile of the REST Delivery Point. It must exist in the local Message VPN. Its TCP parameters are used for all REST Consumers in this RDP. Its queue properties are used by the RDP client. The Client Profile is used inside the auto-generated Client Username for this RDP. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"default\"`.", + "type": "string" + }, + "enabled": { + "description": "Enable or disable the REST Delivery Point. When disabled, no connections are initiated or messages delivered to any of the contained REST Consumers. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "restDeliveryPointName": { + "description": "The name of the REST Delivery Point.", + "type": "string" + }, + "service": { + "description": "The name of the service that this REST Delivery Point connects to. Internally the broker does not use this value; it is informational only. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.19.", + "type": "string" + }, + "vendor": { + "description": "The name of the vendor that this REST Delivery Point connects to. Internally the broker does not use this value; it is informational only. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.19.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointLinks": { + "properties": { + "queueBindingsUri": { + "description": "The URI of this REST Delivery Point's collection of Queue Binding objects.", + "type": "string" + }, + "restConsumersUri": { + "description": "The URI of this REST Delivery Point's collection of REST Consumer objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this REST Delivery Point object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBinding": { + "properties": { + "gatewayReplaceTargetAuthorityEnabled": { + "description": "Enable or disable whether the authority for the request-target is replaced with that configured for the REST Consumer remote. When enabled, the broker sends HTTP requests in absolute-form, with the request-target's authority taken from the REST Consumer's remote host and port configuration. When disabled, the broker sends HTTP requests whose request-target matches that of the original request message, including whether to use absolute-form or origin-form. This configuration is applicable only when the Message VPN is in REST gateway mode. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.6.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "postRequestTarget": { + "description": "The request-target string to use when sending requests. It identifies the target resource on the far-end REST Consumer upon which to apply the request. There are generally two common forms for the request-target. The origin-form is most often used in practice and contains the path and query components of the target URI. If the path component is empty then the client must generally send a \"/\" as the path. When making a request to a proxy, most often the absolute-form is required. This configuration is only applicable when the Message VPN is in REST messaging mode. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "queueBindingName": { + "description": "The name of a queue in the Message VPN.", + "type": "string" + }, + "requestTargetEvaluation": { + "description": "The type of evaluation to perform on the request target. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - Do not evaluate substitution expressions on the request target.\n\"substitution-expressions\" - Evaluate substitution expressions on the request target.\n
\n Available since 2.23.", + "enum": [ + "none", + "substitution-expressions" + ], + "type": "string" + }, + "restDeliveryPointName": { + "description": "The name of the REST Delivery Point.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingLinks": { + "properties": { + "protectedRequestHeadersUri": { + "description": "The URI of this Queue Binding's collection of Protected Request Header objects. Available since 2.30.", + "type": "string" + }, + "requestHeadersUri": { + "description": "The URI of this Queue Binding's collection of Request Header objects. Available since 2.23.", + "type": "string" + }, + "uri": { + "description": "The URI of this Queue Binding object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader": { + "properties": { + "headerName": { + "description": "The name of the protected HTTP request header.", + "type": "string" + }, + "headerValue": { + "description": "The value of the protected HTTP request header. Unlike a non-protected request header, this value cannot be displayed after it is set, and does not support substitution expressions. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "queueBindingName": { + "description": "The name of a queue in the Message VPN.", + "type": "string" + }, + "restDeliveryPointName": { + "description": "The name of the REST Delivery Point.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeaderLinks": { + "properties": { + "uri": { + "description": "The URI of this Protected Request Header object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeaderResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader" + }, + "links": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeaderLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeadersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeaderLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingRequestHeader": { + "properties": { + "headerName": { + "description": "The name of the HTTP request header.", + "type": "string" + }, + "headerValue": { + "description": "A substitution expression for the value of the HTTP request header. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "queueBindingName": { + "description": "The name of a queue in the Message VPN.", + "type": "string" + }, + "restDeliveryPointName": { + "description": "The name of the REST Delivery Point.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingRequestHeaderLinks": { + "properties": { + "uri": { + "description": "The URI of this Request Header object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingRequestHeaderResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeader" + }, + "links": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeaderLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingRequestHeadersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeader" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeaderLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBinding" + }, + "links": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointQueueBindingsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBinding" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnRestDeliveryPoint" + }, + "links": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumer": { + "properties": { + "authenticationAwsAccessKeyId": { + "description": "The AWS access key id. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.26.", + "type": "string" + }, + "authenticationAwsRegion": { + "description": "The AWS region id. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.26.", + "type": "string" + }, + "authenticationAwsSecretAccessKey": { + "description": "The AWS secret access key. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.26.", + "type": "string" + }, + "authenticationAwsService": { + "description": "The AWS service id. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.26.", + "type": "string" + }, + "authenticationClientCertContent": { + "description": "The PEM formatted content for the client certificate that the REST Consumer will present to the REST host. It must consist of a private key and between one and three certificates comprising the certificate trust chain. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.9.", + "type": "string" + }, + "authenticationClientCertPassword": { + "description": "The password for the client certificate. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. The default value is `\"\"`. Available since 2.9.", + "type": "string" + }, + "authenticationHttpBasicPassword": { + "description": "The password for the username. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationHttpBasicUsername": { + "description": "The username that the REST Consumer will use to login to the REST host. Normally a username is only configured when basic authentication is selected for the REST Consumer. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationHttpHeaderName": { + "description": "The authentication header name. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.15.", + "type": "string" + }, + "authenticationHttpHeaderValue": { + "description": "The authentication header value. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.15.", + "type": "string" + }, + "authenticationOauthClientId": { + "description": "The OAuth client ID. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.19.", + "type": "string" + }, + "authenticationOauthClientScope": { + "description": "The OAuth scope. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.19.", + "type": "string" + }, + "authenticationOauthClientSecret": { + "description": "The OAuth client secret. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.19.", + "type": "string" + }, + "authenticationOauthClientTokenEndpoint": { + "description": "The OAuth token endpoint URL that the REST Consumer will use to request a token for login to the REST host. Must begin with \"https\". Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.19.", + "type": "string" + }, + "authenticationOauthClientTokenExpiryDefault": { + "description": "The default expiry time for a token, in seconds. Only used when the token endpoint does not return an expiry time. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `900`. Available since 2.30.", + "format": "int32", + "type": "integer" + }, + "authenticationOauthJwtSecretKey": { + "description": "The OAuth secret key used to sign the token request JWT. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.21.", + "type": "string" + }, + "authenticationOauthJwtTokenEndpoint": { + "description": "The OAuth token endpoint URL that the REST Consumer will use to request a token for login to the REST host. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.21.", + "type": "string" + }, + "authenticationOauthJwtTokenExpiryDefault": { + "description": "The default expiry time for a token, in seconds. Only used when the token endpoint does not return an expiry time. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `900`. Available since 2.30.", + "format": "int32", + "type": "integer" + }, + "authenticationScheme": { + "description": "The authentication scheme used by the REST Consumer to login to the REST host. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - Login with no authentication. This may be useful for anonymous connections or when a REST Consumer does not require authentication.\n\"http-basic\" - Login with a username and optional password according to HTTP Basic authentication as per RFC 2616.\n\"client-certificate\" - Login with a client TLS certificate as per RFC 5246. Client certificate authentication is only available on TLS connections.\n\"http-header\" - Login with a specified HTTP header.\n\"oauth-client\" - Login with OAuth 2.0 client credentials.\n\"oauth-jwt\" - Login with OAuth (RFC 7523 JWT Profile).\n\"transparent\" - Login using the Authorization header from the message properties, if present. Transparent authentication passes along existing Authorization header metadata instead of discarding it. Note that if the message is coming from a REST producer, the REST service must be configured to forward the Authorization header.\n\"aws\" - Login using AWS Signature Version 4 authentication (AWS4-HMAC-SHA256).\n
\n", + "enum": [ + "none", + "http-basic", + "client-certificate", + "http-header", + "oauth-client", + "oauth-jwt", + "transparent", + "aws" + ], + "type": "string" + }, + "enabled": { + "description": "Enable or disable the REST Consumer. When disabled, no connections are initiated or messages delivered to this particular REST Consumer. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "httpMethod": { + "description": "The HTTP method to use (POST or PUT). This is used only when operating in the REST service \"messaging\" mode and is ignored in \"gateway\" mode. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"post\"`. The allowed values and their meaning are:\n\n
\n\"post\" - Use the POST HTTP method.\n\"put\" - Use the PUT HTTP method.\n
\n Available since 2.17.", + "enum": [ + "post", + "put" + ], + "type": "string" + }, + "localInterface": { + "description": "The interface that will be used for all outgoing connections associated with the REST Consumer. When unspecified, an interface is automatically chosen. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "maxPostWaitTime": { + "description": "The maximum amount of time (in seconds) to wait for an HTTP POST response from the REST Consumer. Once this time is exceeded, the TCP connection is reset. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `30`.", + "format": "int32", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "outgoingConnectionCount": { + "description": "The number of concurrent TCP connections open to the REST Consumer. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int32", + "type": "integer" + }, + "proxyName": { + "description": "The name of the proxy to use. Leave empty for no proxy. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`. Available since 2.36.", + "type": "string" + }, + "remoteHost": { + "description": "The IP address or DNS name to which the broker is to connect to deliver messages for the REST Consumer. A host value must be configured for the REST Consumer to be operationally up. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "remotePort": { + "description": "The port associated with the host of the REST Consumer. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `8080`.", + "format": "int64", + "type": "integer" + }, + "restConsumerName": { + "description": "The name of the REST Consumer.", + "type": "string" + }, + "restDeliveryPointName": { + "description": "The name of the REST Delivery Point.", + "type": "string" + }, + "retryDelay": { + "description": "The number of seconds that must pass before retrying the remote REST Consumer connection. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int32", + "type": "integer" + }, + "tlsCipherSuiteList": { + "description": "The colon-separated list of cipher suites the REST Consumer uses in its encrypted connection. The value `\"default\"` implies all supported suites ordered from most secure to least secure. The list of default cipher suites is available in the `tlsCipherSuiteMsgBackboneDefaultList` attribute of the Broker object in the Monitoring API. The REST Consumer should choose the first suite from this list that it supports. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"default\"`.", + "type": "string" + }, + "tlsEnabled": { + "description": "Enable or disable encryption (TLS) for the REST Consumer. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as enabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumerLinks": { + "properties": { + "oauthJwtClaimsUri": { + "description": "The URI of this REST Consumer's collection of Claim objects. Available since 2.21.", + "type": "string" + }, + "tlsTrustedCommonNamesUri": { + "description": "The URI of this REST Consumer's collection of Trusted Common Name objects. Deprecated since 2.17. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + }, + "uri": { + "description": "The URI of this REST Consumer object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumerOauthJwtClaim": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "oauthJwtClaimName": { + "description": "The name of the additional claim. Cannot be \"exp\", \"iat\", or \"jti\".", + "type": "string" + }, + "oauthJwtClaimValue": { + "description": "The value of the additional claim, which must be a string containing a valid JSON value.", + "type": "string" + }, + "restConsumerName": { + "description": "The name of the REST Consumer.", + "type": "string" + }, + "restDeliveryPointName": { + "description": "The name of the REST Delivery Point.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumerOauthJwtClaimLinks": { + "properties": { + "uri": { + "description": "The URI of this Claim object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumerOauthJwtClaimResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerOauthJwtClaim" + }, + "links": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerOauthJwtClaimLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumerOauthJwtClaimsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerOauthJwtClaim" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerOauthJwtClaimLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumerResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumer" + }, + "links": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonName": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN. Deprecated since 2.17. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + }, + "restConsumerName": { + "description": "The name of the REST Consumer. Deprecated since 2.17. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + }, + "restDeliveryPointName": { + "description": "The name of the REST Delivery Point. Deprecated since 2.17. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + }, + "tlsTrustedCommonName": { + "description": "The expected trusted common name of the remote certificate. Deprecated since 2.17. Common Name validation has been replaced by Server Certificate Name validation.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonNameLinks": { + "properties": { + "uri": { + "description": "The URI of this Trusted Common Name object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonNameResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonName" + }, + "links": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonNameLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonNamesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonName" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonNameLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointRestConsumersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumer" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnRestDeliveryPointsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPoint" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnSequencedTopic": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "sequencedTopic": { + "description": "Topic for applying sequence numbers.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnSequencedTopicLinks": { + "properties": { + "uri": { + "description": "The URI of this Sequenced Topic object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnSequencedTopicResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnSequencedTopic" + }, + "links": { + "$ref": "#/definitions/MsgVpnSequencedTopicLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnSequencedTopicsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnSequencedTopic" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnSequencedTopicLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTelemetryProfile": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "queueEventBindCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "queueEventMsgSpoolUsageThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "queueMaxBindCount": { + "description": "The maximum number of consumer flows that can bind to the Queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`.", + "format": "int64", + "type": "integer" + }, + "queueMaxMsgSpoolUsage": { + "description": "The maximum message spool usage allowed by the Queue, in megabytes (MB). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `800000`.", + "format": "int64", + "type": "integer" + }, + "receiverAclConnectDefaultAction": { + "description": "The default action to take when a receiver client connects to the broker. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"disallow\"`. The allowed values and their meaning are:\n\n
\n\"allow\" - Allow client connection unless an exception is found for it.\n\"disallow\" - Disallow client connection unless an exception is found for it.\n
\n", + "enum": [ + "allow", + "disallow" + ], + "type": "string" + }, + "receiverEnabled": { + "description": "Enable or disable the ability for receiver clients to consume from the #telemetry queue. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "receiverEventConnectionCountPerClientUsernameThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "receiverMaxConnectionCountPerClientUsername": { + "description": "The maximum number of receiver connections per Client Username. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default is the maximum value supported by the platform.", + "format": "int64", + "type": "integer" + }, + "receiverTcpCongestionWindowSize": { + "description": "The TCP initial congestion window size for clients using the Client Profile, in multiples of the TCP Maximum Segment Size (MSS). Changing the value from its default of 2 results in non-compliance with RFC 2581. Contact support before changing this value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `2`.", + "format": "int64", + "type": "integer" + }, + "receiverTcpKeepaliveCount": { + "description": "The number of TCP keepalive retransmissions to a client using the Client Profile before declaring that it is not available. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `5`.", + "format": "int64", + "type": "integer" + }, + "receiverTcpKeepaliveIdleTime": { + "description": "The amount of time a client connection using the Client Profile must remain idle before TCP begins sending keepalive probes, in seconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `3`.", + "format": "int64", + "type": "integer" + }, + "receiverTcpKeepaliveInterval": { + "description": "The amount of time between TCP keepalive retransmissions to a client using the Client Profile when no acknowledgment is received, in seconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`.", + "format": "int64", + "type": "integer" + }, + "receiverTcpMaxSegmentSize": { + "description": "The TCP maximum segment size for clients using the Client Profile, in bytes. Changes are applied to all existing connections. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1460`.", + "format": "int64", + "type": "integer" + }, + "receiverTcpMaxWindowSize": { + "description": "The TCP maximum window size for clients using the Client Profile, in kilobytes. Changes are applied to all existing connections. This setting is ignored on the software broker. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `256`.", + "format": "int64", + "type": "integer" + }, + "telemetryProfileName": { + "description": "The name of the Telemetry Profile.", + "type": "string" + }, + "traceEnabled": { + "description": "Enable or disable generation of all trace span data messages. When enabled, the state of configured trace filters control which messages get traced. When disabled, trace span data messages are never generated, regardless of the state of trace filters. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "traceSendSpanGenerationEnabled": { + "description": "Enable or disable generation of send spans. For the most complete view of broker message processing, this should be enabled. If the information provided by send spans are not needed, send spans can be disabled to reduce the performance impact of tracing. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Available since 2.36.", + "type": "boolean" + } + }, + "type": "object" + }, + "MsgVpnTelemetryProfileLinks": { + "properties": { + "receiverAclConnectExceptionsUri": { + "description": "The URI of this Telemetry Profile's collection of Receiver ACL Connect Exception objects.", + "type": "string" + }, + "traceFiltersUri": { + "description": "The URI of this Telemetry Profile's collection of Trace Filter objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Telemetry Profile object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTelemetryProfileReceiverAclConnectException": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "receiverAclConnectExceptionAddress": { + "description": "The IP address/netmask of the receiver connect exception in CIDR form.", + "type": "string" + }, + "telemetryProfileName": { + "description": "The name of the Telemetry Profile.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTelemetryProfileReceiverAclConnectExceptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Receiver ACL Connect Exception object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTelemetryProfileReceiverAclConnectExceptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnTelemetryProfileReceiverAclConnectException" + }, + "links": { + "$ref": "#/definitions/MsgVpnTelemetryProfileReceiverAclConnectExceptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTelemetryProfileReceiverAclConnectExceptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnTelemetryProfileReceiverAclConnectException" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnTelemetryProfileReceiverAclConnectExceptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTelemetryProfileResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnTelemetryProfile" + }, + "links": { + "$ref": "#/definitions/MsgVpnTelemetryProfileLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTelemetryProfileTraceFilter": { + "properties": { + "enabled": { + "description": "Enable or disable the trace filter. When the filter is disabled, the filter's subscriptions will not trigger a message to be traced. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "telemetryProfileName": { + "description": "The name of the Telemetry Profile.", + "type": "string" + }, + "traceFilterName": { + "description": "A name used to identify the trace filter. Consider a name that describes the subscriptions contained within the filter, such as the name of the application and/or the scenario in which the trace filter might be enabled, such as \"appNameDebug\".", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTelemetryProfileTraceFilterLinks": { + "properties": { + "subscriptionsUri": { + "description": "The URI of this Trace Filter's collection of Telemetry Trace Filter Subscription objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Trace Filter object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTelemetryProfileTraceFilterResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilter" + }, + "links": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTelemetryProfileTraceFilterSubscription": { + "properties": { + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "subscription": { + "description": "Messages matching this subscription will follow this filter's configuration.", + "type": "string" + }, + "subscriptionSyntax": { + "description": "The syntax of the trace filter subscription. The allowed values and their meaning are:\n\n
\n\"smf\" - Subscription uses SMF syntax.\n\"mqtt\" - Subscription uses MQTT syntax.\n
\n", + "enum": [ + "smf", + "mqtt" + ], + "type": "string" + }, + "telemetryProfileName": { + "description": "The name of the Telemetry Profile.", + "type": "string" + }, + "traceFilterName": { + "description": "A name used to identify the trace filter. Consider a name that describes the subscriptions contained within the filter, such as the name of the application and/or the scenario in which the trace filter might be enabled, such as \"appNameDebug\".", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTelemetryProfileTraceFilterSubscriptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Telemetry Trace Filter Subscription object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTelemetryProfileTraceFilterSubscriptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterSubscription" + }, + "links": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterSubscriptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTelemetryProfileTraceFilterSubscriptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterSubscription" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterSubscriptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTelemetryProfileTraceFiltersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilter" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTelemetryProfilesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnTelemetryProfile" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnTelemetryProfileLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTopicEndpoint": { + "properties": { + "accessType": { + "description": "The access type for delivering messages to consumer flows bound to the Topic Endpoint. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"exclusive\"`. The allowed values and their meaning are:\n\n
\n\"exclusive\" - Exclusive delivery of messages to the first bound consumer flow.\n\"non-exclusive\" - Non-exclusive delivery of messages to bound consumer flows in a round-robin (if partition count is zero) or partitioned (if partition count is non-zero) fashion.\n
\n Available since 2.4.", + "enum": [ + "exclusive", + "non-exclusive" + ], + "type": "string" + }, + "consumerAckPropagationEnabled": { + "description": "Enable or disable the propagation of consumer acknowledgments (ACKs) received on the active replication Message VPN to the standby replication Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "deadMsgQueue": { + "description": "The name of the Dead Message Queue (DMQ) used by the Topic Endpoint. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"#DEAD_MSG_QUEUE\"`. Available since 2.2.", + "type": "string" + }, + "deliveryCountEnabled": { + "description": "Enable or disable the ability for client applications to query the message delivery count of messages received from the Topic Endpoint. This is a controlled availability feature. Please contact support to find out if this feature is supported for your use case. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.19.", + "type": "boolean" + }, + "deliveryDelay": { + "description": "The delay, in seconds, to apply to messages arriving on the Topic Endpoint before the messages are eligible for delivery. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "egressEnabled": { + "description": "Enable or disable the transmission of messages from the Topic Endpoint. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "eventBindCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventRejectLowPriorityMsgLimitThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventSpoolUsageThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "ingressEnabled": { + "description": "Enable or disable the reception of messages to the Topic Endpoint. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "maxBindCount": { + "description": "The maximum number of consumer flows that can bind to the Topic Endpoint. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`. Available since 2.4.", + "format": "int64", + "type": "integer" + }, + "maxDeliveredUnackedMsgsPerFlow": { + "description": "The maximum number of messages delivered but not acknowledged per flow for the Topic Endpoint. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000`.", + "format": "int64", + "type": "integer" + }, + "maxMsgSize": { + "description": "The maximum message size allowed in the Topic Endpoint, in bytes (B). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000000`.", + "format": "int32", + "type": "integer" + }, + "maxRedeliveryCount": { + "description": "The maximum number of times the Topic Endpoint will attempt redelivery of a message prior to it being discarded or moved to the DMQ. A value of 0 means to retry forever. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "maxSpoolUsage": { + "description": "The maximum message spool usage allowed by the Topic Endpoint, in megabytes (MB). A value of 0 only allows spooling of the last message received and disables quota checking. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `5000`.", + "format": "int64", + "type": "integer" + }, + "maxTtl": { + "description": "The maximum time in seconds a message can stay in the Topic Endpoint when `respectTtlEnabled` is `\"true\"`. A message expires when the lesser of the sender assigned time-to-live (TTL) in the message and the `maxTtl` configured for the Topic Endpoint, is exceeded. A value of 0 disables expiry. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "owner": { + "description": "The Client Username that owns the Topic Endpoint and has permission equivalent to `\"delete\"`. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "permission": { + "description": "The permission level for all consumers of the Topic Endpoint, excluding the owner. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"no-access\"`. The allowed values and their meaning are:\n\n
\n\"no-access\" - Disallows all access.\n\"read-only\" - Read-only access to the messages.\n\"consume\" - Consume (read and remove) messages.\n\"modify-topic\" - Consume messages or modify the topic/selector.\n\"delete\" - Consume messages, modify the topic/selector or delete the Client created endpoint altogether.\n
\n", + "enum": [ + "no-access", + "read-only", + "consume", + "modify-topic", + "delete" + ], + "type": "string" + }, + "redeliveryDelayEnabled": { + "description": "Enable or disable a message redelivery delay. When false, messages are redelivered as-soon-as-possible. When true, messages are redelivered according to the initial, max and multiplier. This should only be enabled when redelivery is enabled. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.33.", + "type": "boolean" + }, + "redeliveryDelayInitialInterval": { + "description": "The delay to be used between the first 2 redelivery attempts. This value is in milliseconds. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryDelayMaxInterval": { + "description": "The maximum delay to be used between any 2 redelivery attempts. This value is in milliseconds. Due to technical limitations, some redelivery attempt delays may slightly exceed this value. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `64000`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryDelayMultiplier": { + "description": "The amount each delay interval is multiplied by after each failed delivery attempt. This number is in a fixed-point decimal format in which you must divide by 100 to get the floating point value. For example, a value of 125 would cause the delay to be multiplied by 1.25. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `200`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryEnabled": { + "description": "Enable or disable message redelivery. When enabled, the number of redelivery attempts is controlled by maxRedeliveryCount. When disabled, the message will never be delivered from the topic-endpoint more than once. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Available since 2.18.", + "type": "boolean" + }, + "rejectLowPriorityMsgEnabled": { + "description": "Enable or disable the checking of low priority messages against the `rejectLowPriorityMsgLimit`. This may only be enabled if `rejectMsgToSenderOnDiscardBehavior` does not have a value of `\"never\"`. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "rejectLowPriorityMsgLimit": { + "description": "The number of messages of any priority in the Topic Endpoint above which low priority messages are not admitted but higher priority messages are allowed. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "rejectMsgToSenderOnDiscardBehavior": { + "description": "Determines when to return negative acknowledgments (NACKs) to sending clients on message discards. Note that NACKs cause the message to not be delivered to any destination and Transacted Session commits to fail. Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as rejectLowPriorityMsgEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"never\"`. The allowed values and their meaning are:\n\n
\n\"never\" - Silently discard messages.\n\"when-topic-endpoint-enabled\" - NACK each message discard back to the client, except messages that are discarded because an endpoint is administratively disabled.\n\"always\" - NACK each message discard back to the client, including messages that are discarded because an endpoint is administratively disabled.\n
\n", + "enum": [ + "never", + "when-topic-endpoint-enabled", + "always" + ], + "type": "string" + }, + "respectMsgPriorityEnabled": { + "description": "Enable or disable the respecting of message priority. When enabled, messages contained in the Topic Endpoint are delivered in priority order, from 9 (highest) to 0 (lowest). Modifying this attribute while the object (or the relevant part of the object) is administratively enabled may be service impacting as egressEnabled and ingressEnabled will be temporarily set to false to apply the change. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.8.", + "type": "boolean" + }, + "respectTtlEnabled": { + "description": "Enable or disable the respecting of the time-to-live (TTL) for messages in the Topic Endpoint. When enabled, expired messages are discarded or moved to the DMQ. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "topicEndpointName": { + "description": "The name of the Topic Endpoint.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTopicEndpointLinks": { + "properties": { + "uri": { + "description": "The URI of this Topic Endpoint object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTopicEndpointResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnTopicEndpoint" + }, + "links": { + "$ref": "#/definitions/MsgVpnTopicEndpointLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTopicEndpointTemplate": { + "properties": { + "accessType": { + "description": "The access type for delivering messages to consumer flows. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"exclusive\"`. The allowed values and their meaning are:\n\n
\n\"exclusive\" - Exclusive delivery of messages to the first bound consumer flow.\n\"non-exclusive\" - Non-exclusive delivery of messages to bound consumer flows in a round-robin (if partition count is zero) or partitioned (if partition count is non-zero) fashion.\n
\n", + "enum": [ + "exclusive", + "non-exclusive" + ], + "type": "string" + }, + "consumerAckPropagationEnabled": { + "description": "Enable or disable the propagation of consumer acknowledgments (ACKs) received on the active replication Message VPN to the standby replication Message VPN. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`.", + "type": "boolean" + }, + "deadMsgQueue": { + "description": "The name of the Dead Message Queue (DMQ). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"#DEAD_MSG_QUEUE\"`.", + "type": "string" + }, + "deliveryDelay": { + "description": "The delay, in seconds, to apply to messages arriving on the Topic Endpoint before the messages are eligible for delivery. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`. Available since 2.22.", + "format": "int64", + "type": "integer" + }, + "eventBindCountThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventMsgSpoolUsageThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "eventRejectLowPriorityMsgLimitThreshold": { + "$ref": "#/definitions/EventThreshold" + }, + "maxBindCount": { + "description": "The maximum number of consumer flows that can bind. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1`.", + "format": "int64", + "type": "integer" + }, + "maxDeliveredUnackedMsgsPerFlow": { + "description": "The maximum number of messages delivered but not acknowledged per flow. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000`.", + "format": "int64", + "type": "integer" + }, + "maxMsgSize": { + "description": "The maximum message size allowed, in bytes (B). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `10000000`.", + "format": "int32", + "type": "integer" + }, + "maxMsgSpoolUsage": { + "description": "The maximum message spool usage allowed, in megabytes (MB). A value of 0 only allows spooling of the last message received and disables quota checking. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `5000`.", + "format": "int64", + "type": "integer" + }, + "maxRedeliveryCount": { + "description": "The maximum number of message redelivery attempts that will occur prior to the message being discarded or moved to the DMQ. A value of 0 means to retry forever. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "maxTtl": { + "description": "The maximum time in seconds a message can stay in the Topic Endpoint when `respectTtlEnabled` is `\"true\"`. A message expires when the lesser of the sender assigned time-to-live (TTL) in the message and the `maxTtl` configured for the Topic Endpoint, is exceeded. A value of 0 disables expiry. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "msgVpnName": { + "description": "The name of the Message VPN.", + "type": "string" + }, + "permission": { + "description": "The permission level for all consumers, excluding the owner. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"no-access\"`. The allowed values and their meaning are:\n\n
\n\"no-access\" - Disallows all access.\n\"read-only\" - Read-only access to the messages.\n\"consume\" - Consume (read and remove) messages.\n\"modify-topic\" - Consume messages or modify the topic/selector.\n\"delete\" - Consume messages, modify the topic/selector or delete the Client created endpoint altogether.\n
\n", + "enum": [ + "no-access", + "read-only", + "consume", + "modify-topic", + "delete" + ], + "type": "string" + }, + "redeliveryDelayEnabled": { + "description": "Enable or disable a message redelivery delay. When false, messages are redelivered as-soon-as-possible. When true, messages are redelivered according to the initial, max and multiplier. This should only be enabled when redelivery is enabled. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`. Available since 2.33.", + "type": "boolean" + }, + "redeliveryDelayInitialInterval": { + "description": "The delay to be used between the first 2 redelivery attempts. This value is in milliseconds. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `1000`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryDelayMaxInterval": { + "description": "The maximum delay to be used between any 2 redelivery attempts. This value is in milliseconds. Due to technical limitations, some redelivery attempt delays may slightly exceed this value. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `64000`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryDelayMultiplier": { + "description": "The amount each delay interval is multiplied by after each failed delivery attempt. This number is in a fixed-point decimal format in which you must divide by 100 to get the floating point value. For example, a value of 125 would cause the delay to be multiplied by 1.25. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `200`. Available since 2.33.", + "format": "int32", + "type": "integer" + }, + "redeliveryEnabled": { + "description": "Enable or disable message redelivery. When enabled, the number of redelivery attempts is controlled by maxRedeliveryCount. When disabled, the message will never be delivered from the topic-endpoint more than once. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `true`. Available since 2.18.", + "type": "boolean" + }, + "rejectLowPriorityMsgEnabled": { + "description": "Enable or disable the checking of low priority messages against the `rejectLowPriorityMsgLimit`. This may only be enabled if `rejectMsgToSenderOnDiscardBehavior` does not have a value of `\"never\"`. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "rejectLowPriorityMsgLimit": { + "description": "The number of messages that are permitted before low priority messages are rejected. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `0`.", + "format": "int64", + "type": "integer" + }, + "rejectMsgToSenderOnDiscardBehavior": { + "description": "Determines when to return negative acknowledgments (NACKs) to sending clients on message discards. Note that NACKs cause the message to not be delivered to any destination and Transacted Session commits to fail. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"never\"`. The allowed values and their meaning are:\n\n
\n\"never\" - Silently discard messages.\n\"when-topic-endpoint-enabled\" - NACK each message discard back to the client, except messages that are discarded because an endpoint is administratively disabled.\n\"always\" - NACK each message discard back to the client, including messages that are discarded because an endpoint is administratively disabled.\n
\n", + "enum": [ + "never", + "when-topic-endpoint-enabled", + "always" + ], + "type": "string" + }, + "respectMsgPriorityEnabled": { + "description": "Enable or disable the respecting of message priority. When enabled, messages are delivered in priority order, from 9 (highest) to 0 (lowest). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "respectTtlEnabled": { + "description": "Enable or disable the respecting of the time-to-live (TTL) for messages. When enabled, expired messages are discarded or moved to the DMQ. Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `false`.", + "type": "boolean" + }, + "topicEndpointNameFilter": { + "description": "A pattern used to determine which Topic Endpoints use settings from this Template. Two different wildcards can be used in the pattern: * and >. Similar to topic filters or subscription patterns, a > matches anything (but only when used at the end), and a * matches zero or more characters but never a slash (/). A > is only a wildcard when used at the end, after a /. A * is only allowed at the end, after a slash (/). Changes to this attribute are synchronized to HA mates and replication sites via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "topicEndpointTemplateName": { + "description": "The name of the Topic Endpoint Template.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTopicEndpointTemplateLinks": { + "properties": { + "uri": { + "description": "The URI of this Topic Endpoint Template object.", + "type": "string" + } + }, + "type": "object" + }, + "MsgVpnTopicEndpointTemplateResponse": { + "properties": { + "data": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplate" + }, + "links": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplateLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTopicEndpointTemplatesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplate" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplateLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnTopicEndpointsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpnTopicEndpoint" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnTopicEndpointLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "MsgVpnsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/MsgVpn" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/MsgVpnLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfile": { + "properties": { + "accessLevelGroupsClaimName": { + "description": "The name of the groups claim. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"groups\"`.", + "type": "string" + }, + "accessLevelGroupsClaimStringFormat": { + "description": "The format of the access level groups claim value when it is a string. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"single\"`. The allowed values and their meaning are:\n\n
\n\"single\" - When the claim is a string, it is interpreted as as single group.\n\"space-delimited\" - When the claim is a string, it is interpreted as a space-delimited list of groups, similar to the \"scope\" claim.\n
\n Available since 2.32.", + "enum": [ + "single", + "space-delimited" + ], + "type": "string" + }, + "clientId": { + "description": "The OAuth client id. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "clientRedirectUri": { + "description": "The OAuth redirect URI. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "clientRequiredType": { + "description": "The required value for the TYP field in the ID token header. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"JWT\"`.", + "type": "string" + }, + "clientScope": { + "description": "The OAuth scope. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"openid email\"`.", + "type": "string" + }, + "clientSecret": { + "description": "The OAuth client secret. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "clientValidateTypeEnabled": { + "description": "Enable or disable verification of the TYP field in the ID token header. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "defaultGlobalAccessLevel": { + "description": "The default global access level for this OAuth profile. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - User has no access to global data.\n\"read-only\" - User has read-only access to global data.\n\"read-write\" - User has read-write access to most global data.\n\"admin\" - User has read-write access to all global data.\n
\n", + "enum": [ + "none", + "read-only", + "read-write", + "admin" + ], + "type": "string" + }, + "defaultMsgVpnAccessLevel": { + "description": "The default message VPN access level for the OAuth profile. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - User has no access to a Message VPN.\n\"read-only\" - User has read-only access to a Message VPN.\n\"read-write\" - User has read-write access to most Message VPN settings.\n
\n", + "enum": [ + "none", + "read-only", + "read-write" + ], + "type": "string" + }, + "displayName": { + "description": "The user friendly name for the OAuth profile. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "enabled": { + "description": "Enable or disable the OAuth profile. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "endpointAuthorization": { + "description": "The OAuth authorization endpoint. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "endpointDiscovery": { + "description": "The OpenID Connect discovery endpoint or OAuth Authorization Server Metadata endpoint. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "endpointDiscoveryRefreshInterval": { + "description": "The number of seconds between discovery endpoint requests. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `86400`.", + "format": "int32", + "type": "integer" + }, + "endpointIntrospection": { + "description": "The OAuth introspection endpoint. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "endpointIntrospectionTimeout": { + "description": "The maximum time in seconds a token introspection request is allowed to take. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `1`.", + "format": "int32", + "type": "integer" + }, + "endpointJwks": { + "description": "The OAuth JWKS endpoint. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "endpointJwksRefreshInterval": { + "description": "The number of seconds between JWKS endpoint requests. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `86400`.", + "format": "int32", + "type": "integer" + }, + "endpointToken": { + "description": "The OAuth token endpoint. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "endpointTokenTimeout": { + "description": "The maximum time in seconds a token request is allowed to take. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `1`.", + "format": "int32", + "type": "integer" + }, + "endpointUserinfo": { + "description": "The OpenID Connect Userinfo endpoint. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "endpointUserinfoTimeout": { + "description": "The maximum time in seconds a userinfo request is allowed to take. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `1`.", + "format": "int32", + "type": "integer" + }, + "interactiveEnabled": { + "description": "Enable or disable interactive logins via this OAuth provider. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "interactivePromptForExpiredSession": { + "description": "The value of the prompt parameter provided to the OAuth authorization server for login requests where the session has expired. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "interactivePromptForNewSession": { + "description": "The value of the prompt parameter provided to the OAuth authorization server for login requests where the session is new or the user has explicitly logged out. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"select_account\"`.", + "type": "string" + }, + "issuer": { + "description": "The Issuer Identifier for the OAuth provider. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + }, + "oauthRole": { + "description": "The OAuth role of the broker. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"client\"`. The allowed values and their meaning are:\n\n
\n\"client\" - The broker is in the OAuth client role.\n\"resource-server\" - The broker is in the OAuth resource server role.\n
\n", + "enum": [ + "client", + "resource-server" + ], + "type": "string" + }, + "proxyName": { + "description": "The name of the proxy to use for discovery, user info, jwks, and introspection requests. Leave empty for no proxy. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`. Available since 2.41.", + "type": "string" + }, + "resourceServerParseAccessTokenEnabled": { + "description": "Enable or disable parsing of the access token as a JWT. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "resourceServerRequiredAudience": { + "description": "The required audience value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "resourceServerRequiredIssuer": { + "description": "The required issuer value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "resourceServerRequiredScope": { + "description": "A space-separated list of scopes that must be present in the scope claim. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "resourceServerRequiredType": { + "description": "The required TYP value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"at+jwt\"`.", + "type": "string" + }, + "resourceServerValidateAudienceEnabled": { + "description": "Enable or disable verification of the audience claim in the access token or introspection response. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "resourceServerValidateIssuerEnabled": { + "description": "Enable or disable verification of the issuer claim in the access token or introspection response. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "resourceServerValidateScopeEnabled": { + "description": "Enable or disable verification of the scope claim in the access token or introspection response. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "resourceServerValidateTypeEnabled": { + "description": "Enable or disable verification of the TYP field in the access token header. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "sempEnabled": { + "description": "Enable or disable authentication of SEMP requests with OAuth tokens. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `true`.", + "type": "boolean" + }, + "usernameClaimName": { + "description": "The name of the username claim. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"sub\"`.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileAccessLevelGroup": { + "properties": { + "description": { + "description": "A description for the group. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "globalAccessLevel": { + "description": "The global access level for this group. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - User has no access to global data.\n\"read-only\" - User has read-only access to global data.\n\"read-write\" - User has read-write access to most global data.\n\"admin\" - User has read-write access to all global data.\n
\n", + "enum": [ + "none", + "read-only", + "read-write", + "admin" + ], + "type": "string" + }, + "groupName": { + "description": "The name of the group.", + "type": "string" + }, + "msgVpnAccessLevel": { + "description": "The default message VPN access level for this group. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - User has no access to a Message VPN.\n\"read-only\" - User has read-only access to a Message VPN.\n\"read-write\" - User has read-write access to most Message VPN settings.\n
\n", + "enum": [ + "none", + "read-only", + "read-write" + ], + "type": "string" + }, + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileAccessLevelGroupLinks": { + "properties": { + "msgVpnAccessLevelExceptionsUri": { + "description": "The URI of this Group Access Level's collection of Message VPN Access-Level Exception objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this Group Access Level object.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileAccessLevelGroupMsgVpnAccessLevelException": { + "properties": { + "accessLevel": { + "description": "The message VPN access level. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - User has no access to a Message VPN.\n\"read-only\" - User has read-only access to a Message VPN.\n\"read-write\" - User has read-write access to most Message VPN settings.\n
\n", + "enum": [ + "none", + "read-only", + "read-write" + ], + "type": "string" + }, + "groupName": { + "description": "The name of the group.", + "type": "string" + }, + "msgVpnName": { + "description": "The name of the message VPN.", + "type": "string" + }, + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileAccessLevelGroupMsgVpnAccessLevelExceptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Message VPN Access-Level Exception object.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileAccessLevelGroupMsgVpnAccessLevelExceptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelException" + }, + "links": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelExceptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileAccessLevelGroupMsgVpnAccessLevelExceptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelException" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelExceptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileAccessLevelGroupResponse": { + "properties": { + "data": { + "$ref": "#/definitions/OauthProfileAccessLevelGroup" + }, + "links": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileAccessLevelGroupsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/OauthProfileAccessLevelGroup" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileClientAllowedHost": { + "properties": { + "allowedHost": { + "description": "An allowed value for the Host header.", + "type": "string" + }, + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileClientAllowedHostLinks": { + "properties": { + "uri": { + "description": "The URI of this Allowed Host Value object.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileClientAllowedHostResponse": { + "properties": { + "data": { + "$ref": "#/definitions/OauthProfileClientAllowedHost" + }, + "links": { + "$ref": "#/definitions/OauthProfileClientAllowedHostLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileClientAllowedHostsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/OauthProfileClientAllowedHost" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/OauthProfileClientAllowedHostLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileClientAuthorizationParameter": { + "properties": { + "authorizationParameterName": { + "description": "The name of the authorization parameter.", + "type": "string" + }, + "authorizationParameterValue": { + "description": "The authorization parameter value. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileClientAuthorizationParameterLinks": { + "properties": { + "uri": { + "description": "The URI of this Authorization Parameter object.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileClientAuthorizationParameterResponse": { + "properties": { + "data": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameter" + }, + "links": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameterLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileClientAuthorizationParametersResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameter" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameterLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileClientRequiredClaim": { + "properties": { + "clientRequiredClaimName": { + "description": "The name of the ID token claim to verify.", + "type": "string" + }, + "clientRequiredClaimValue": { + "description": "The required claim value, which must be a string containing a valid JSON value.", + "type": "string" + }, + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileClientRequiredClaimLinks": { + "properties": { + "uri": { + "description": "The URI of this Required Claim object.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileClientRequiredClaimResponse": { + "properties": { + "data": { + "$ref": "#/definitions/OauthProfileClientRequiredClaim" + }, + "links": { + "$ref": "#/definitions/OauthProfileClientRequiredClaimLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileClientRequiredClaimsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/OauthProfileClientRequiredClaim" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/OauthProfileClientRequiredClaimLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileDefaultMsgVpnAccessLevelException": { + "properties": { + "accessLevel": { + "description": "The message VPN access level. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - User has no access to a Message VPN.\n\"read-only\" - User has read-only access to a Message VPN.\n\"read-write\" - User has read-write access to most Message VPN settings.\n
\n", + "enum": [ + "none", + "read-only", + "read-write" + ], + "type": "string" + }, + "msgVpnName": { + "description": "The name of the message VPN.", + "type": "string" + }, + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileDefaultMsgVpnAccessLevelExceptionLinks": { + "properties": { + "uri": { + "description": "The URI of this Message VPN Access-Level Exception object.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileDefaultMsgVpnAccessLevelExceptionResponse": { + "properties": { + "data": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelException" + }, + "links": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelExceptionLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileDefaultMsgVpnAccessLevelExceptionsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelException" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelExceptionLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileLinks": { + "properties": { + "accessLevelGroupsUri": { + "description": "The URI of this OAuth Profile's collection of Group Access Level objects.", + "type": "string" + }, + "clientAllowedHostsUri": { + "description": "The URI of this OAuth Profile's collection of Allowed Host Value objects.", + "type": "string" + }, + "clientAuthorizationParametersUri": { + "description": "The URI of this OAuth Profile's collection of Authorization Parameter objects.", + "type": "string" + }, + "clientRequiredClaimsUri": { + "description": "The URI of this OAuth Profile's collection of Required Claim objects.", + "type": "string" + }, + "defaultMsgVpnAccessLevelExceptionsUri": { + "description": "The URI of this OAuth Profile's collection of Message VPN Access-Level Exception objects.", + "type": "string" + }, + "resourceServerRequiredClaimsUri": { + "description": "The URI of this OAuth Profile's collection of Required Claim objects.", + "type": "string" + }, + "uri": { + "description": "The URI of this OAuth Profile object.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileResourceServerRequiredClaim": { + "properties": { + "oauthProfileName": { + "description": "The name of the OAuth profile.", + "type": "string" + }, + "resourceServerRequiredClaimName": { + "description": "The name of the access token claim to verify.", + "type": "string" + }, + "resourceServerRequiredClaimValue": { + "description": "The required claim value, which must be a string containing a valid JSON value.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileResourceServerRequiredClaimLinks": { + "properties": { + "uri": { + "description": "The URI of this Required Claim object.", + "type": "string" + } + }, + "type": "object" + }, + "OauthProfileResourceServerRequiredClaimResponse": { + "properties": { + "data": { + "$ref": "#/definitions/OauthProfileResourceServerRequiredClaim" + }, + "links": { + "$ref": "#/definitions/OauthProfileResourceServerRequiredClaimLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileResourceServerRequiredClaimsResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/OauthProfileResourceServerRequiredClaim" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/OauthProfileResourceServerRequiredClaimLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfileResponse": { + "properties": { + "data": { + "$ref": "#/definitions/OauthProfile" + }, + "links": { + "$ref": "#/definitions/OauthProfileLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "OauthProfilesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/OauthProfile" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/OauthProfileLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "ProxiesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/Proxy" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/ProxyLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "Proxy": { + "properties": { + "authenticationBasicPassword": { + "description": "The password to use with basic authentication. This attribute is absent from a GET and not updated when absent in a PUT, subject to the exceptions in note 4. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationBasicUsername": { + "description": "The username to use with basic authentication. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "authenticationScheme": { + "description": "The authentication scheme used to connect to the proxy. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"none\"`. The allowed values and their meaning are:\n\n
\n\"none\" - No authentication.\n\"basic\" - Username/password authentication.\n
\n", + "enum": [ + "none", + "basic" + ], + "type": "string" + }, + "enabled": { + "description": "Enable or disable the proxy. When disabled, no connections are initiated to this particular Proxy. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "host": { + "description": "The IP address or host name of the proxy. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "port": { + "description": "The port to connect to on the proxy host. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `0`.", + "format": "int32", + "type": "integer" + }, + "proxyName": { + "description": "The name of the proxy.", + "type": "string" + }, + "proxyType": { + "description": "The type of proxy. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"direct\"`. The allowed values and their meaning are:\n\n
\n\"direct\" - Direct connection (no proxy).\n\"http\" - HTTP proxy.\n
\n", + "enum": [ + "direct", + "http" + ], + "type": "string" + } + }, + "type": "object" + }, + "ProxyLinks": { + "properties": { + "uri": { + "description": "The URI of this Proxy object.", + "type": "string" + } + }, + "type": "object" + }, + "ProxyResponse": { + "properties": { + "data": { + "$ref": "#/definitions/Proxy" + }, + "links": { + "$ref": "#/definitions/ProxyLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "SempError": { + "properties": { + "code": { + "description": "The error code which uniquely identifies the error that has occurred.", + "format": "int32", + "type": "integer" + }, + "description": { + "description": "The verbose description of the problem.", + "type": "string" + }, + "status": { + "description": "The terse status string associated with `code`.", + "type": "string" + } + }, + "required": [ + "code", + "status", + "description" + ], + "type": "object" + }, + "SempMeta": { + "properties": { + "count": { + "description": "The total number of objects requested, irrespective of page size. This may be a count of all objects in a collection or a filtered subset. It represents a snapshot in time and may change when paging through results.", + "format": "int64", + "type": "integer" + }, + "error": { + "$ref": "#/definitions/SempError" + }, + "paging": { + "$ref": "#/definitions/SempPaging" + }, + "request": { + "$ref": "#/definitions/SempRequest" + }, + "responseCode": { + "description": "The HTTP response code, one of 200 (success), 4xx (client error), or 5xx (server error).", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "request", + "responseCode" + ], + "type": "object" + }, + "SempMetaOnlyResponse": { + "properties": { + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "SempPaging": { + "properties": { + "cursorQuery": { + "description": "The cursor, or position, for the next page of objects. Use this as the `cursor` query parameter of the next request.", + "type": "string" + }, + "nextPageUri": { + "description": "The URI of the next page of objects. `cursorQuery` is already embedded within this URI.", + "type": "string" + } + }, + "required": [ + "cursorQuery", + "nextPageUri" + ], + "type": "object" + }, + "SempRequest": { + "properties": { + "method": { + "description": "The HTTP method of the request which resulted in this response.", + "type": "string" + }, + "uri": { + "description": "The URI of the request which resulted in this response. The URI may be normalized.", + "type": "string" + } + }, + "required": [ + "method" + ], + "type": "object" + }, + "SystemInformation": { + "properties": { + "platform": { + "description": "The platform running the SEMP API. Deprecated since 2.2. /systemInformation was replaced by /about/api.", + "type": "string" + }, + "sempVersion": { + "description": "The version of the SEMP API. Deprecated since 2.2. /systemInformation was replaced by /about/api.", + "type": "string" + } + }, + "type": "object" + }, + "SystemInformationLinks": { + "properties": { + "uri": { + "description": "The URI of this System Information object.", + "type": "string" + } + }, + "type": "object" + }, + "SystemInformationResponse": { + "properties": { + "data": { + "$ref": "#/definitions/SystemInformation" + }, + "links": { + "$ref": "#/definitions/SystemInformationLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "VirtualHostname": { + "properties": { + "enabled": { + "description": "Enable or disable Virtual Hostname to Message VPN mapping. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `false`.", + "type": "boolean" + }, + "msgVpnName": { + "description": "The message VPN to which this virtual hostname is mapped. Changes to this attribute are synchronized to HA mates via config-sync. The default value is `\"\"`.", + "type": "string" + }, + "virtualHostname": { + "description": "The virtual hostname.", + "type": "string" + } + }, + "type": "object" + }, + "VirtualHostnameLinks": { + "properties": { + "uri": { + "description": "The URI of this Virtual Hostname object.", + "type": "string" + } + }, + "type": "object" + }, + "VirtualHostnameResponse": { + "properties": { + "data": { + "$ref": "#/definitions/VirtualHostname" + }, + "links": { + "$ref": "#/definitions/VirtualHostnameLinks" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + }, + "VirtualHostnamesResponse": { + "properties": { + "data": { + "items": { + "$ref": "#/definitions/VirtualHostname" + }, + "type": "array" + }, + "links": { + "items": { + "$ref": "#/definitions/VirtualHostnameLinks" + }, + "type": "array" + }, + "meta": { + "$ref": "#/definitions/SempMeta" + } + }, + "required": [ + "meta" + ], + "type": "object" + } + }, + "host": "www.solace.com", + "info": { + "contact": { + "email": "support@solace.com", + "name": "Solace", + "url": "http://www.solace.com" + }, + "description": "SEMP (starting in `v2`) is a RESTful API for configuring, monitoring, and administering a Solace PubSub+ broker. This specification defines the following API:\n\n\nAPI|Base Path|Purpose\n:---|:---|:---\nConfiguration|/SEMP/v2/config|Reading and writing configuration\n\n\n\nThe following APIs are also available:\n\n\nAPI|Base Path|Purpose\n:---|:---|:---\nAction|/SEMP/v2/action|Performing actions\nMonitoring|/SEMP/v2/monitor|Querying operational state\n\n\n\nFor tutorials, architectural and protocol design documentation, and other information about the SEMP API, consult the [SEMP documentation](https://docs.solace.com/Admin/SEMP/Using-SEMP.htm) on the Solace website. The SEMP API specifications are also [available for download](https://solace.com/downloads/).\n\nIf you need additional support, please contact us at [support@solace.com](mailto:support@solace.com).", + "title": "SEMP (Solace Element Management Protocol)", + "version": "2.41" + }, + "parameters": { + "countQuery": { + "default": 10, + "description": "Limit the count of objects in the response. See the documentation for the `count` parameter.", + "in": "query", + "minimum": 1, + "name": "count", + "required": false, + "type": "integer" + }, + "cursorQuery": { + "description": "The cursor, or position, for the next page of objects. See the documentation for the `cursor` parameter.", + "in": "query", + "name": "cursor", + "required": false, + "type": "string" + }, + "opaquePasswordQuery": { + "description": "Accept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the `opaquePassword` parameter.", + "in": "query", + "name": "opaquePassword", + "required": false, + "type": "string" + }, + "selectQuery": { + "collectionFormat": "csv", + "description": "Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the `select` parameter.", + "in": "query", + "items": { + "type": "string" + }, + "name": "select", + "required": false, + "type": "array" + }, + "whereQuery": { + "collectionFormat": "csv", + "description": "Include in the response only objects where certain conditions are true. See the the documentation for the `where` parameter.", + "in": "query", + "items": { + "type": "string" + }, + "name": "where", + "required": false, + "type": "array" + } + }, + "paths": { + "/": { + "get": { + "description": "Get a Broker object.\n\nThis object contains global configuration for the message broker.\n\n\nAttribute|Write-Only|Opaque\n:---|:---:|:---:\ntlsServerCertContent|x|x\ntlsServerCertPassword|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation. Requests which include the following attributes may require greater access scope/level than \"vpn/read-only\":\n\n\nAttribute|Access Scope/Level\n:---|:---:\nauthBruteForceProtectionEnabled|global/read-only\nauthClientCertRevocationCheckMode|global/read-only\nconfigSyncAuthenticationClientCertMaxChainDepth|global/read-only\nconfigSyncAuthenticationClientCertValidateDateEnabled|global/read-only\nconfigSyncClientProfileTcpInitialCongestionWindow|global/read-only\nconfigSyncClientProfileTcpKeepaliveCount|global/read-only\nconfigSyncClientProfileTcpKeepaliveIdle|global/read-only\nconfigSyncClientProfileTcpKeepaliveInterval|global/read-only\nconfigSyncClientProfileTcpMaxWindow|global/read-only\nconfigSyncClientProfileTcpMss|global/read-only\nconfigSyncEnabled|global/read-only\nconfigSyncSynchronizeUsernameEnabled|global/read-only\nconfigSyncTlsEnabled|global/read-only\nguaranteedMsgingDefragmentationScheduleDayList|global/read-only\nguaranteedMsgingDefragmentationScheduleEnabled|global/read-only\nguaranteedMsgingDefragmentationScheduleTimeList|global/read-only\nguaranteedMsgingDefragmentationThresholdEnabled|global/read-only\nguaranteedMsgingDefragmentationThresholdFragmentationPercentage|global/read-only\nguaranteedMsgingDefragmentationThresholdMinInterval|global/read-only\nguaranteedMsgingDefragmentationThresholdUsagePercentage|global/read-only\nguaranteedMsgingEnabled|global/read-only\nguaranteedMsgingEventCacheUsageThreshold.clearPercent|global/read-only\nguaranteedMsgingEventCacheUsageThreshold.clearValue|global/read-only\nguaranteedMsgingEventCacheUsageThreshold.setPercent|global/read-only\nguaranteedMsgingEventCacheUsageThreshold.setValue|global/read-only\nguaranteedMsgingEventDeliveredUnackedThreshold.clearPercent|global/read-only\nguaranteedMsgingEventDeliveredUnackedThreshold.setPercent|global/read-only\nguaranteedMsgingEventDiskUsageThreshold.clearPercent|global/read-only\nguaranteedMsgingEventDiskUsageThreshold.setPercent|global/read-only\nguaranteedMsgingEventEgressFlowCountThreshold.clearPercent|global/read-only\nguaranteedMsgingEventEgressFlowCountThreshold.clearValue|global/read-only\nguaranteedMsgingEventEgressFlowCountThreshold.setPercent|global/read-only\nguaranteedMsgingEventEgressFlowCountThreshold.setValue|global/read-only\nguaranteedMsgingEventEndpointCountThreshold.clearPercent|global/read-only\nguaranteedMsgingEventEndpointCountThreshold.clearValue|global/read-only\nguaranteedMsgingEventEndpointCountThreshold.setPercent|global/read-only\nguaranteedMsgingEventEndpointCountThreshold.setValue|global/read-only\nguaranteedMsgingEventIngressFlowCountThreshold.clearPercent|global/read-only\nguaranteedMsgingEventIngressFlowCountThreshold.clearValue|global/read-only\nguaranteedMsgingEventIngressFlowCountThreshold.setPercent|global/read-only\nguaranteedMsgingEventIngressFlowCountThreshold.setValue|global/read-only\nguaranteedMsgingEventMsgCountThreshold.clearPercent|global/read-only\nguaranteedMsgingEventMsgCountThreshold.setPercent|global/read-only\nguaranteedMsgingEventMsgSpoolFileCountThreshold.clearPercent|global/read-only\nguaranteedMsgingEventMsgSpoolFileCountThreshold.setPercent|global/read-only\nguaranteedMsgingEventMsgSpoolUsageThreshold.clearPercent|global/read-only\nguaranteedMsgingEventMsgSpoolUsageThreshold.clearValue|global/read-only\nguaranteedMsgingEventMsgSpoolUsageThreshold.setPercent|global/read-only\nguaranteedMsgingEventMsgSpoolUsageThreshold.setValue|global/read-only\nguaranteedMsgingEventTransactedSessionCountThreshold.clearPercent|global/read-only\nguaranteedMsgingEventTransactedSessionCountThreshold.clearValue|global/read-only\nguaranteedMsgingEventTransactedSessionCountThreshold.setPercent|global/read-only\nguaranteedMsgingEventTransactedSessionCountThreshold.setValue|global/read-only\nguaranteedMsgingEventTransactedSessionResourceCountThreshold.clearPercent|global/read-only\nguaranteedMsgingEventTransactedSessionResourceCountThreshold.setPercent|global/read-only\nguaranteedMsgingEventTransactionCountThreshold.clearPercent|global/read-only\nguaranteedMsgingEventTransactionCountThreshold.clearValue|global/read-only\nguaranteedMsgingEventTransactionCountThreshold.setPercent|global/read-only\nguaranteedMsgingEventTransactionCountThreshold.setValue|global/read-only\nguaranteedMsgingMaxCacheUsage|global/read-only\nguaranteedMsgingMaxMsgSpoolUsage|global/read-only\nguaranteedMsgingMsgSpoolSyncMirroredMsgAckTimeout|global/read-only\nguaranteedMsgingMsgSpoolSyncMirroredSpoolFileAckTimeout|global/read-only\nguaranteedMsgingTransactionReplicationCompatibilityMode|global/read-only\noauthProfileDefault|global/read-only\nserviceAmqpEnabled|global/read-only\nserviceAmqpTlsListenPort|global/read-only\nserviceEventConnectionCountThreshold.clearPercent|global/read-only\nserviceEventConnectionCountThreshold.clearValue|global/read-only\nserviceEventConnectionCountThreshold.setPercent|global/read-only\nserviceEventConnectionCountThreshold.setValue|global/read-only\nserviceHealthCheckEnabled|global/read-only\nserviceHealthCheckListenPort|global/read-only\nserviceHealthCheckTlsEnabled|global/read-only\nserviceHealthCheckTlsListenPort|global/read-only\nserviceMateLinkEnabled|global/read-only\nserviceMateLinkListenPort|global/read-only\nserviceMqttEnabled|global/read-only\nserviceMsgBackboneEnabled|global/read-only\nserviceRedundancyEnabled|global/read-only\nserviceRedundancyFirstListenPort|global/read-only\nserviceRestEventOutgoingConnectionCountThreshold.clearPercent|global/read-only\nserviceRestEventOutgoingConnectionCountThreshold.clearValue|global/read-only\nserviceRestEventOutgoingConnectionCountThreshold.setPercent|global/read-only\nserviceRestEventOutgoingConnectionCountThreshold.setValue|global/read-only\nserviceRestIncomingEnabled|global/read-only\nserviceRestOutgoingEnabled|global/read-only\nserviceSempCorsAllowAnyHostEnabled|global/read-only\nserviceSempLegacyTimeoutEnabled|global/read-only\nserviceSempPlainTextEnabled|global/read-only\nserviceSempPlainTextListenPort|global/read-only\nserviceSempSessionIdleTimeout|global/read-only\nserviceSempSessionMaxLifetime|global/read-only\nserviceSempTlsEnabled|global/read-only\nserviceSempTlsListenPort|global/read-only\nserviceSmfCompressionListenPort|global/read-only\nserviceSmfEnabled|global/read-only\nserviceSmfEventConnectionCountThreshold.clearPercent|global/read-only\nserviceSmfEventConnectionCountThreshold.clearValue|global/read-only\nserviceSmfEventConnectionCountThreshold.setPercent|global/read-only\nserviceSmfEventConnectionCountThreshold.setValue|global/read-only\nserviceSmfPlainTextListenPort|global/read-only\nserviceSmfRoutingControlListenPort|global/read-only\nserviceSmfTlsListenPort|global/read-only\nserviceTlsEventConnectionCountThreshold.clearPercent|global/read-only\nserviceTlsEventConnectionCountThreshold.clearValue|global/read-only\nserviceTlsEventConnectionCountThreshold.setPercent|global/read-only\nserviceTlsEventConnectionCountThreshold.setValue|global/read-only\nserviceWebTransportEnabled|global/read-only\nserviceWebTransportPlainTextListenPort|global/read-only\nserviceWebTransportTlsListenPort|global/read-only\nserviceWebTransportWebUrlSuffix|global/read-only\ntlsBlockVersion11Enabled|global/read-only\ntlsCipherSuiteManagementList|global/read-only\ntlsCipherSuiteMsgBackboneList|global/read-only\ntlsCipherSuiteSecureShellList|global/read-only\ntlsCrimeExploitProtectionEnabled|global/read-only\ntlsServerCertContent|global/read-only\ntlsTicketLifetime|global/read-only\n\n\n\nThis has been available since 2.13.", + "operationId": "getBroker", + "parameters": [ + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Broker object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/BrokerResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Broker object.", + "tags": [ + "all" + ] + }, + "patch": { + "description": "Update a Broker object. Any attribute missing from the request will be left unchanged.\n\nThis object contains global configuration for the message broker.\n\n\nAttribute|Write-Only|Requires-Disable|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:\nserviceAmqpTlsListenPort|||x|\nserviceHealthCheckListenPort|||x|\nserviceHealthCheckTlsListenPort|||x|\nserviceMateLinkListenPort|||x|\nserviceRedundancyFirstListenPort|||x|\nserviceSempPlainTextListenPort||x||\nserviceSempTlsListenPort||x||\nserviceSmfCompressionListenPort|||x|\nserviceSmfPlainTextListenPort|||x|\nserviceSmfRoutingControlListenPort|||x|\nserviceSmfTlsListenPort|||x|\nserviceWebTransportPlainTextListenPort|||x|\nserviceWebTransportTlsListenPort|||x|\nserviceWebTransportWebUrlSuffix|||x|\ntlsServerCertContent|x|||x\ntlsServerCertPassword|x|||\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nBroker|tlsServerCertPassword|tlsServerCertContent|\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\nEventThresholdByPercent|clearPercent|setPercent|\nEventThresholdByPercent|setPercent|clearPercent|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation. Requests which include the following attributes may require greater access scope/level than \"vpn/read-write\":\n\n\nAttribute|Access Scope/Level\n:---|:---:\nauthBruteForceProtectionEnabled|global/read-write\nauthClientCertRevocationCheckMode|global/admin\nconfigSyncAuthenticationClientCertMaxChainDepth|global/read-write\nconfigSyncAuthenticationClientCertValidateDateEnabled|global/read-write\nconfigSyncClientProfileTcpInitialCongestionWindow|global/read-write\nconfigSyncClientProfileTcpKeepaliveCount|global/read-write\nconfigSyncClientProfileTcpKeepaliveIdle|global/read-write\nconfigSyncClientProfileTcpKeepaliveInterval|global/read-write\nconfigSyncClientProfileTcpMaxWindow|global/read-write\nconfigSyncClientProfileTcpMss|global/read-write\nconfigSyncEnabled|global/read-write\nconfigSyncSynchronizeUsernameEnabled|global/read-write\nconfigSyncTlsEnabled|global/read-write\nguaranteedMsgingDefragmentationScheduleDayList|global/read-write\nguaranteedMsgingDefragmentationScheduleEnabled|global/read-write\nguaranteedMsgingDefragmentationScheduleTimeList|global/read-write\nguaranteedMsgingDefragmentationThresholdEnabled|global/read-write\nguaranteedMsgingDefragmentationThresholdFragmentationPercentage|global/read-write\nguaranteedMsgingDefragmentationThresholdMinInterval|global/read-write\nguaranteedMsgingDefragmentationThresholdUsagePercentage|global/read-write\nguaranteedMsgingEnabled|global/read-write\nguaranteedMsgingEventCacheUsageThreshold.clearPercent|global/read-write\nguaranteedMsgingEventCacheUsageThreshold.clearValue|global/read-write\nguaranteedMsgingEventCacheUsageThreshold.setPercent|global/read-write\nguaranteedMsgingEventCacheUsageThreshold.setValue|global/read-write\nguaranteedMsgingEventDeliveredUnackedThreshold.clearPercent|global/read-write\nguaranteedMsgingEventDeliveredUnackedThreshold.setPercent|global/read-write\nguaranteedMsgingEventDiskUsageThreshold.clearPercent|global/read-write\nguaranteedMsgingEventDiskUsageThreshold.setPercent|global/read-write\nguaranteedMsgingEventEgressFlowCountThreshold.clearPercent|global/read-write\nguaranteedMsgingEventEgressFlowCountThreshold.clearValue|global/read-write\nguaranteedMsgingEventEgressFlowCountThreshold.setPercent|global/read-write\nguaranteedMsgingEventEgressFlowCountThreshold.setValue|global/read-write\nguaranteedMsgingEventEndpointCountThreshold.clearPercent|global/read-write\nguaranteedMsgingEventEndpointCountThreshold.clearValue|global/read-write\nguaranteedMsgingEventEndpointCountThreshold.setPercent|global/read-write\nguaranteedMsgingEventEndpointCountThreshold.setValue|global/read-write\nguaranteedMsgingEventIngressFlowCountThreshold.clearPercent|global/read-write\nguaranteedMsgingEventIngressFlowCountThreshold.clearValue|global/read-write\nguaranteedMsgingEventIngressFlowCountThreshold.setPercent|global/read-write\nguaranteedMsgingEventIngressFlowCountThreshold.setValue|global/read-write\nguaranteedMsgingEventMsgCountThreshold.clearPercent|global/read-write\nguaranteedMsgingEventMsgCountThreshold.setPercent|global/read-write\nguaranteedMsgingEventMsgSpoolFileCountThreshold.clearPercent|global/read-write\nguaranteedMsgingEventMsgSpoolFileCountThreshold.setPercent|global/read-write\nguaranteedMsgingEventMsgSpoolUsageThreshold.clearPercent|global/read-write\nguaranteedMsgingEventMsgSpoolUsageThreshold.clearValue|global/read-write\nguaranteedMsgingEventMsgSpoolUsageThreshold.setPercent|global/read-write\nguaranteedMsgingEventMsgSpoolUsageThreshold.setValue|global/read-write\nguaranteedMsgingEventTransactedSessionCountThreshold.clearPercent|global/read-write\nguaranteedMsgingEventTransactedSessionCountThreshold.clearValue|global/read-write\nguaranteedMsgingEventTransactedSessionCountThreshold.setPercent|global/read-write\nguaranteedMsgingEventTransactedSessionCountThreshold.setValue|global/read-write\nguaranteedMsgingEventTransactedSessionResourceCountThreshold.clearPercent|global/read-write\nguaranteedMsgingEventTransactedSessionResourceCountThreshold.setPercent|global/read-write\nguaranteedMsgingEventTransactionCountThreshold.clearPercent|global/read-write\nguaranteedMsgingEventTransactionCountThreshold.clearValue|global/read-write\nguaranteedMsgingEventTransactionCountThreshold.setPercent|global/read-write\nguaranteedMsgingEventTransactionCountThreshold.setValue|global/read-write\nguaranteedMsgingMaxCacheUsage|global/read-write\nguaranteedMsgingMaxMsgSpoolUsage|global/read-write\nguaranteedMsgingMsgSpoolSyncMirroredMsgAckTimeout|global/read-write\nguaranteedMsgingMsgSpoolSyncMirroredSpoolFileAckTimeout|global/read-write\nguaranteedMsgingTransactionReplicationCompatibilityMode|global/read-write\noauthProfileDefault|global/admin\nserviceAmqpEnabled|global/read-write\nserviceAmqpTlsListenPort|global/read-write\nserviceEventConnectionCountThreshold.clearPercent|global/read-write\nserviceEventConnectionCountThreshold.clearValue|global/read-write\nserviceEventConnectionCountThreshold.setPercent|global/read-write\nserviceEventConnectionCountThreshold.setValue|global/read-write\nserviceHealthCheckEnabled|global/read-write\nserviceHealthCheckListenPort|global/read-write\nserviceHealthCheckTlsEnabled|global/read-write\nserviceHealthCheckTlsListenPort|global/read-write\nserviceMateLinkEnabled|global/read-write\nserviceMateLinkListenPort|global/read-write\nserviceMqttEnabled|global/read-write\nserviceMsgBackboneEnabled|global/read-write\nserviceRedundancyEnabled|global/read-write\nserviceRedundancyFirstListenPort|global/read-write\nserviceRestEventOutgoingConnectionCountThreshold.clearPercent|global/read-write\nserviceRestEventOutgoingConnectionCountThreshold.clearValue|global/read-write\nserviceRestEventOutgoingConnectionCountThreshold.setPercent|global/read-write\nserviceRestEventOutgoingConnectionCountThreshold.setValue|global/read-write\nserviceRestIncomingEnabled|global/read-write\nserviceRestOutgoingEnabled|global/read-write\nserviceSempCorsAllowAnyHostEnabled|global/read-write\nserviceSempLegacyTimeoutEnabled|global/read-write\nserviceSempPlainTextEnabled|global/read-write\nserviceSempPlainTextListenPort|global/read-write\nserviceSempSessionIdleTimeout|global/read-write\nserviceSempSessionMaxLifetime|global/read-write\nserviceSempTlsEnabled|global/read-write\nserviceSempTlsListenPort|global/read-write\nserviceSmfCompressionListenPort|global/read-write\nserviceSmfEnabled|global/read-write\nserviceSmfEventConnectionCountThreshold.clearPercent|global/read-write\nserviceSmfEventConnectionCountThreshold.clearValue|global/read-write\nserviceSmfEventConnectionCountThreshold.setPercent|global/read-write\nserviceSmfEventConnectionCountThreshold.setValue|global/read-write\nserviceSmfPlainTextListenPort|global/read-write\nserviceSmfRoutingControlListenPort|global/read-write\nserviceSmfTlsListenPort|global/read-write\nserviceTlsEventConnectionCountThreshold.clearPercent|global/read-write\nserviceTlsEventConnectionCountThreshold.clearValue|global/read-write\nserviceTlsEventConnectionCountThreshold.setPercent|global/read-write\nserviceTlsEventConnectionCountThreshold.setValue|global/read-write\nserviceWebTransportEnabled|global/read-write\nserviceWebTransportPlainTextListenPort|global/read-write\nserviceWebTransportTlsListenPort|global/read-write\nserviceWebTransportWebUrlSuffix|global/read-write\ntlsBlockVersion11Enabled|global/read-write\ntlsCipherSuiteManagementList|global/read-write\ntlsCipherSuiteMsgBackboneList|global/read-write\ntlsCipherSuiteSecureShellList|global/read-write\ntlsCrimeExploitProtectionEnabled|global/read-write\ntlsServerCertContent|global/admin\ntlsServerCertPassword|global/admin\ntlsStandardDomainCertificateAuthoritiesEnabled|global/read-write\ntlsTicketLifetime|global/read-write\nwebManagerAllowUnencryptedWizardsEnabled|global/read-write\nwebManagerRedirectHttpEnabled|global/read-write\nwebManagerRedirectHttpOverrideTlsPort|global/read-write\n\n\n\nThis has been available since 2.13.", + "operationId": "updateBroker", + "parameters": [ + { + "description": "The Broker object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/Broker" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Broker object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/BrokerResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Broker object.", + "tags": [ + "all" + ] + } + }, + "/about": { + "get": { + "description": "Get an About object.\n\nThis provides metadata about the SEMP API, such as the version of the API supported by the broker.\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/none\" is required to perform this operation.\n\nThis has been available since 2.13.", + "operationId": "getAbout", + "parameters": [ + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The About object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/AboutResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an About object.", + "tags": [ + "all", + "about" + ] + } + }, + "/about/api": { + "get": { + "description": "Get an API Description object.\n\nThe API Description object provides metadata about the SEMP API.\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/none\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "getAboutApi", + "parameters": [ + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The API Description object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/AboutApiResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an API Description object.", + "tags": [ + "all", + "about" + ] + } + }, + "/about/user": { + "get": { + "description": "Get a User object.\n\nSession and access level information about the user accessing the SEMP API.\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/none\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "getAboutUser", + "parameters": [ + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The User object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/AboutUserResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a User object.", + "tags": [ + "all", + "about" + ] + } + }, + "/about/user/msgVpns": { + "get": { + "description": "Get a list of User Message VPN objects.\n\nThis provides information about the Message VPN access level for the username used to access the SEMP API.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/none\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.2.", + "operationId": "getAboutUserMsgVpns", + "parameters": [ + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of User Message VPN objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/AboutUserMsgVpnsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of User Message VPN objects.", + "tags": [ + "all", + "about" + ] + } + }, + "/about/user/msgVpns/{msgVpnName}": { + "get": { + "description": "Get a User Message VPN object.\n\nThis provides information about the Message VPN access level for the username used to access the SEMP API.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/none\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "getAboutUserMsgVpn", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The User Message VPN object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/AboutUserMsgVpnResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a User Message VPN object.", + "tags": [ + "all", + "about" + ] + } + }, + "/certAuthorities": { + "get": { + "deprecated": true, + "description": "Get a list of Certificate Authority objects.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\ncertAuthorityName|x|x\ncertContent||x\ncrlDayList||x\ncrlTimeList||x\ncrlUrl||x\nocspNonResponderCertEnabled||x\nocspOverrideUrl||x\nocspTimeout||x\nrevocationCheckEnabled||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.", + "operationId": "getCertAuthorities", + "parameters": [ + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Certificate Authority objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/CertAuthoritiesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Certificate Authority objects.", + "tags": [ + "all", + "certAuthority" + ] + }, + "post": { + "deprecated": true, + "description": "Create a Certificate Authority object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\n\nAttribute|Identifying|Const|Required|Deprecated\n:---|:---:|:---:|:---:|:---:\ncertAuthorityName|x|x|x|x\ncertContent||||x\ncrlDayList||||x\ncrlTimeList||||x\ncrlUrl||||x\nocspNonResponderCertEnabled||||x\nocspOverrideUrl||||x\nocspTimeout||||x\nrevocationCheckEnabled||||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nCertAuthority|crlDayList|crlTimeList\nCertAuthority|crlTimeList|crlDayList\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.", + "operationId": "createCertAuthority", + "parameters": [ + { + "description": "The Certificate Authority object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/CertAuthority" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Authority object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/CertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Certificate Authority object.", + "tags": [ + "all", + "certAuthority" + ] + } + }, + "/certAuthorities/{certAuthorityName}": { + "delete": { + "deprecated": true, + "description": "Delete a Certificate Authority object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.", + "operationId": "deleteCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Certificate Authority object.", + "tags": [ + "all", + "certAuthority" + ] + }, + "get": { + "deprecated": true, + "description": "Get a Certificate Authority object.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\ncertAuthorityName|x|x\ncertContent||x\ncrlDayList||x\ncrlTimeList||x\ncrlUrl||x\nocspNonResponderCertEnabled||x\nocspOverrideUrl||x\nocspTimeout||x\nrevocationCheckEnabled||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.", + "operationId": "getCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Authority object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/CertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Certificate Authority object.", + "tags": [ + "all", + "certAuthority" + ] + }, + "patch": { + "deprecated": true, + "description": "Update a Certificate Authority object. Any attribute missing from the request will be left unchanged.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\n\nAttribute|Identifying|Const|Auto-Disable|Deprecated\n:---|:---:|:---:|:---:|:---:\ncertAuthorityName|x|x||x\ncertContent||||x\ncrlDayList||||x\ncrlTimeList||||x\ncrlUrl|||x|x\nocspNonResponderCertEnabled||||x\nocspOverrideUrl||||x\nocspTimeout||||x\nrevocationCheckEnabled||||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nCertAuthority|crlDayList|crlTimeList\nCertAuthority|crlTimeList|crlDayList\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.", + "operationId": "updateCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Authority object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/CertAuthority" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Authority object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/CertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Certificate Authority object.", + "tags": [ + "all", + "certAuthority" + ] + }, + "put": { + "deprecated": true, + "description": "Replace a Certificate Authority object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\n\nAttribute|Identifying|Const|Auto-Disable|Deprecated\n:---|:---:|:---:|:---:|:---:\ncertAuthorityName|x|x||x\ncertContent||||x\ncrlDayList||||x\ncrlTimeList||||x\ncrlUrl|||x|x\nocspNonResponderCertEnabled||||x\nocspOverrideUrl||||x\nocspTimeout||||x\nrevocationCheckEnabled||||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nCertAuthority|crlDayList|crlTimeList\nCertAuthority|crlTimeList|crlDayList\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.", + "operationId": "replaceCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Authority object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/CertAuthority" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Authority object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/CertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Certificate Authority object.", + "tags": [ + "all", + "certAuthority" + ] + } + }, + "/certAuthorities/{certAuthorityName}/ocspTlsTrustedCommonNames": { + "get": { + "deprecated": true, + "description": "Get a list of OCSP Responder Trusted Common Name objects.\n\nWhen an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\ncertAuthorityName|x|x\nocspTlsTrustedCommonName|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been deprecated since 2.19. Replaced by clientCertAuthorities.", + "operationId": "getCertAuthorityOcspTlsTrustedCommonNames", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of OCSP Responder Trusted Common Name objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/CertAuthorityOcspTlsTrustedCommonNamesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of OCSP Responder Trusted Common Name objects.", + "tags": [ + "all", + "certAuthority" + ] + }, + "post": { + "deprecated": true, + "description": "Create an OCSP Responder Trusted Common Name object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nWhen an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Deprecated\n:---|:---:|:---:|:---:|:---:|:---:\ncertAuthorityName|x|||x|x\nocspTlsTrustedCommonName|x|x|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been deprecated since 2.19. Replaced by clientCertAuthorities.", + "operationId": "createCertAuthorityOcspTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The OCSP Responder Trusted Common Name object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/CertAuthorityOcspTlsTrustedCommonName" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OCSP Responder Trusted Common Name object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/CertAuthorityOcspTlsTrustedCommonNameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an OCSP Responder Trusted Common Name object.", + "tags": [ + "all", + "certAuthority" + ] + } + }, + "/certAuthorities/{certAuthorityName}/ocspTlsTrustedCommonNames/{ocspTlsTrustedCommonName}": { + "delete": { + "deprecated": true, + "description": "Delete an OCSP Responder Trusted Common Name object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nWhen an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been deprecated since 2.19. Replaced by clientCertAuthorities.", + "operationId": "deleteCertAuthorityOcspTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The expected Trusted Common Name of the OCSP responder remote certificate.", + "in": "path", + "name": "ocspTlsTrustedCommonName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an OCSP Responder Trusted Common Name object.", + "tags": [ + "all", + "certAuthority" + ] + }, + "get": { + "deprecated": true, + "description": "Get an OCSP Responder Trusted Common Name object.\n\nWhen an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\ncertAuthorityName|x|x\nocspTlsTrustedCommonName|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been deprecated since 2.19. Replaced by clientCertAuthorities.", + "operationId": "getCertAuthorityOcspTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The expected Trusted Common Name of the OCSP responder remote certificate.", + "in": "path", + "name": "ocspTlsTrustedCommonName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OCSP Responder Trusted Common Name object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/CertAuthorityOcspTlsTrustedCommonNameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an OCSP Responder Trusted Common Name object.", + "tags": [ + "all", + "certAuthority" + ] + } + }, + "/clientCertAuthorities": { + "get": { + "description": "Get a list of Client Certificate Authority objects.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\n\nAttribute|Identifying\n:---|:---:\ncertAuthorityName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.19.", + "operationId": "getClientCertAuthorities", + "parameters": [ + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Client Certificate Authority objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/ClientCertAuthoritiesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Client Certificate Authority objects.", + "tags": [ + "all", + "clientCertAuthority" + ] + }, + "post": { + "description": "Create a Client Certificate Authority object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\n\nAttribute|Identifying|Const|Required\n:---|:---:|:---:|:---:\ncertAuthorityName|x|x|x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nClientCertAuthority|crlDayList|crlTimeList\nClientCertAuthority|crlTimeList|crlDayList\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "createClientCertAuthority", + "parameters": [ + { + "description": "The Client Certificate Authority object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ClientCertAuthority" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Certificate Authority object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/ClientCertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Client Certificate Authority object.", + "tags": [ + "all", + "clientCertAuthority" + ] + } + }, + "/clientCertAuthorities/{certAuthorityName}": { + "delete": { + "description": "Delete a Client Certificate Authority object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "deleteClientCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Client Certificate Authority object.", + "tags": [ + "all", + "clientCertAuthority" + ] + }, + "get": { + "description": "Get a Client Certificate Authority object.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\n\nAttribute|Identifying\n:---|:---:\ncertAuthorityName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "getClientCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Certificate Authority object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/ClientCertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Client Certificate Authority object.", + "tags": [ + "all", + "clientCertAuthority" + ] + }, + "patch": { + "description": "Update a Client Certificate Authority object. Any attribute missing from the request will be left unchanged.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\n\nAttribute|Identifying|Const|Auto-Disable\n:---|:---:|:---:|:---:\ncertAuthorityName|x|x|\ncrlUrl|||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nClientCertAuthority|crlDayList|crlTimeList\nClientCertAuthority|crlTimeList|crlDayList\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "updateClientCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The Client Certificate Authority object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ClientCertAuthority" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Certificate Authority object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/ClientCertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Client Certificate Authority object.", + "tags": [ + "all", + "clientCertAuthority" + ] + }, + "put": { + "description": "Replace a Client Certificate Authority object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nClients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.\n\n\nAttribute|Identifying|Const|Auto-Disable\n:---|:---:|:---:|:---:\ncertAuthorityName|x|x|\ncrlUrl|||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nClientCertAuthority|crlDayList|crlTimeList\nClientCertAuthority|crlTimeList|crlDayList\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "replaceClientCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The Client Certificate Authority object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ClientCertAuthority" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Certificate Authority object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/ClientCertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Client Certificate Authority object.", + "tags": [ + "all", + "clientCertAuthority" + ] + } + }, + "/clientCertAuthorities/{certAuthorityName}/ocspTlsTrustedCommonNames": { + "get": { + "description": "Get a list of OCSP Responder Trusted Common Name objects.\n\nWhen an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.\n\n\nAttribute|Identifying\n:---|:---:\ncertAuthorityName|x\nocspTlsTrustedCommonName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.19.", + "operationId": "getClientCertAuthorityOcspTlsTrustedCommonNames", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of OCSP Responder Trusted Common Name objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/ClientCertAuthorityOcspTlsTrustedCommonNamesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of OCSP Responder Trusted Common Name objects.", + "tags": [ + "all", + "clientCertAuthority" + ] + }, + "post": { + "description": "Create an OCSP Responder Trusted Common Name object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nWhen an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ncertAuthorityName|x|||x\nocspTlsTrustedCommonName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "createClientCertAuthorityOcspTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The OCSP Responder Trusted Common Name object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ClientCertAuthorityOcspTlsTrustedCommonName" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OCSP Responder Trusted Common Name object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/ClientCertAuthorityOcspTlsTrustedCommonNameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an OCSP Responder Trusted Common Name object.", + "tags": [ + "all", + "clientCertAuthority" + ] + } + }, + "/clientCertAuthorities/{certAuthorityName}/ocspTlsTrustedCommonNames/{ocspTlsTrustedCommonName}": { + "delete": { + "description": "Delete an OCSP Responder Trusted Common Name object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nWhen an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "deleteClientCertAuthorityOcspTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The expected Trusted Common Name of the OCSP responder remote certificate.", + "in": "path", + "name": "ocspTlsTrustedCommonName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an OCSP Responder Trusted Common Name object.", + "tags": [ + "all", + "clientCertAuthority" + ] + }, + "get": { + "description": "Get an OCSP Responder Trusted Common Name object.\n\nWhen an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.\n\n\nAttribute|Identifying\n:---|:---:\ncertAuthorityName|x\nocspTlsTrustedCommonName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "getClientCertAuthorityOcspTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The expected Trusted Common Name of the OCSP responder remote certificate.", + "in": "path", + "name": "ocspTlsTrustedCommonName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OCSP Responder Trusted Common Name object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/ClientCertAuthorityOcspTlsTrustedCommonNameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an OCSP Responder Trusted Common Name object.", + "tags": [ + "all", + "clientCertAuthority" + ] + } + }, + "/dmrClusters": { + "get": { + "description": "Get a list of Cluster objects.\n\nA Cluster is a provisioned object on a message broker that contains global DMR configuration parameters.\n\n\nAttribute|Identifying|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||x||x\nauthenticationClientCertContent||x||x\nauthenticationClientCertPassword||x||\ndmrClusterName|x|||\ntlsServerCertEnforceTrustedCommonNameEnabled|||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.11.", + "operationId": "getDmrClusters", + "parameters": [ + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Cluster objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClustersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Cluster objects.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "post": { + "description": "Create a Cluster object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nA Cluster is a provisioned object on a message broker that contains global DMR configuration parameters.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword|||||x||x\nauthenticationClientCertContent|||||x||x\nauthenticationClientCertPassword|||||x||\ndirectOnlyEnabled||x|||||\ndmrClusterName|x|x|x||||\nnodeName||||x|||\ntlsServerCertEnforceTrustedCommonNameEnabled||||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nDmrCluster|authenticationClientCertPassword|authenticationClientCertContent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createDmrCluster", + "parameters": [ + { + "description": "The Cluster object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrCluster" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cluster object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Cluster object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}": { + "delete": { + "description": "Delete a Cluster object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nA Cluster is a provisioned object on a message broker that contains global DMR configuration parameters.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteDmrCluster", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Cluster object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "get": { + "description": "Get a Cluster object.\n\nA Cluster is a provisioned object on a message broker that contains global DMR configuration parameters.\n\n\nAttribute|Identifying|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||x||x\nauthenticationClientCertContent||x||x\nauthenticationClientCertPassword||x||\ndmrClusterName|x|||\ntlsServerCertEnforceTrustedCommonNameEnabled|||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getDmrCluster", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cluster object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Cluster object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "patch": { + "description": "Update a Cluster object. Any attribute missing from the request will be left unchanged.\n\nA Cluster is a provisioned object on a message broker that contains global DMR configuration parameters.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x||x\nauthenticationClientCertContent||||x|x||x\nauthenticationClientCertPassword||||x|x||\ndirectOnlyEnabled||x|||||\ndmrClusterName|x|x|||||\nnodeName|||x||||\ntlsServerCertEnforceTrustedCommonNameEnabled||||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nDmrCluster|authenticationClientCertPassword|authenticationClientCertContent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "updateDmrCluster", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The Cluster object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrCluster" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cluster object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Cluster object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "put": { + "description": "Replace a Cluster object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Cluster is a provisioned object on a message broker that contains global DMR configuration parameters.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x||x\nauthenticationClientCertContent||||x|x||x\nauthenticationClientCertPassword||||x|x||\ndirectOnlyEnabled||x|||||\ndmrClusterName|x|x|||||\nnodeName|||x||||\ntlsServerCertEnforceTrustedCommonNameEnabled||||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nDmrCluster|authenticationClientCertPassword|authenticationClientCertContent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "replaceDmrCluster", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The Cluster object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrCluster" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cluster object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Cluster object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/certMatchingRules": { + "get": { + "description": "Get a list of Certificate Matching Rule objects.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given link.\n\n\nAttribute|Identifying\n:---|:---:\ndmrClusterName|x\nruleName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.28.", + "operationId": "getDmrClusterCertMatchingRules", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Certificate Matching Rule objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRulesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Certificate Matching Rule objects.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "post": { + "description": "Create a Certificate Matching Rule object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given link.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ndmrClusterName|x|||x\nruleName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "createDmrClusterCertMatchingRule", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRule" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Certificate Matching Rule object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/certMatchingRules/{ruleName}": { + "delete": { + "description": "Delete a Certificate Matching Rule object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given link.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "deleteDmrClusterCertMatchingRule", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Certificate Matching Rule object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "get": { + "description": "Get a Certificate Matching Rule object.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given link.\n\n\nAttribute|Identifying\n:---|:---:\ndmrClusterName|x\nruleName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "getDmrClusterCertMatchingRule", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Certificate Matching Rule object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "patch": { + "description": "Update a Certificate Matching Rule object. Any attribute missing from the request will be left unchanged.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given link.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ndmrClusterName|x||x\nruleName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "updateDmrClusterCertMatchingRule", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRule" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Certificate Matching Rule object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "put": { + "description": "Replace a Certificate Matching Rule object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given link.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ndmrClusterName|x||x\nruleName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "replaceDmrClusterCertMatchingRule", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRule" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Certificate Matching Rule object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/certMatchingRules/{ruleName}/attributeFilters": { + "get": { + "description": "Get a list of Certificate Matching Rule Attribute Filter objects.\n\nA Cert Matching Rule Attribute Filter compares a link attribute to a string.\n\n\nAttribute|Identifying\n:---|:---:\ndmrClusterName|x\nfilterName|x\nruleName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.28.", + "operationId": "getDmrClusterCertMatchingRuleAttributeFilters", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Certificate Matching Rule Attribute Filter objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFiltersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Certificate Matching Rule Attribute Filter objects.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "post": { + "description": "Create a Certificate Matching Rule Attribute Filter object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nA Cert Matching Rule Attribute Filter compares a link attribute to a string.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ndmrClusterName|x|||x\nfilterName|x|x|x|\nruleName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "createDmrClusterCertMatchingRuleAttributeFilter", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule Attribute Filter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Attribute Filter object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Certificate Matching Rule Attribute Filter object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/certMatchingRules/{ruleName}/attributeFilters/{filterName}": { + "delete": { + "description": "Delete a Certificate Matching Rule Attribute Filter object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nA Cert Matching Rule Attribute Filter compares a link attribute to a string.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "deleteDmrClusterCertMatchingRuleAttributeFilter", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The name of the filter.", + "in": "path", + "name": "filterName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Certificate Matching Rule Attribute Filter object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "get": { + "description": "Get a Certificate Matching Rule Attribute Filter object.\n\nA Cert Matching Rule Attribute Filter compares a link attribute to a string.\n\n\nAttribute|Identifying\n:---|:---:\ndmrClusterName|x\nfilterName|x\nruleName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "getDmrClusterCertMatchingRuleAttributeFilter", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The name of the filter.", + "in": "path", + "name": "filterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Attribute Filter object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Certificate Matching Rule Attribute Filter object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "patch": { + "description": "Update a Certificate Matching Rule Attribute Filter object. Any attribute missing from the request will be left unchanged.\n\nA Cert Matching Rule Attribute Filter compares a link attribute to a string.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ndmrClusterName|x||x\nfilterName|x|x|\nruleName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "updateDmrClusterCertMatchingRuleAttributeFilter", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The name of the filter.", + "in": "path", + "name": "filterName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule Attribute Filter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Attribute Filter object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Certificate Matching Rule Attribute Filter object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "put": { + "description": "Replace a Certificate Matching Rule Attribute Filter object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Cert Matching Rule Attribute Filter compares a link attribute to a string.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ndmrClusterName|x||x\nfilterName|x|x|\nruleName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "replaceDmrClusterCertMatchingRuleAttributeFilter", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The name of the filter.", + "in": "path", + "name": "filterName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule Attribute Filter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Attribute Filter object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleAttributeFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Certificate Matching Rule Attribute Filter object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/certMatchingRules/{ruleName}/conditions": { + "get": { + "description": "Get a list of Certificate Matching Rule Condition objects.\n\nA Cert Matching Rule Condition compares data extracted from a certificate to a link attribute or an expression.\n\n\nAttribute|Identifying\n:---|:---:\ndmrClusterName|x\nruleName|x\nsource|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.28.", + "operationId": "getDmrClusterCertMatchingRuleConditions", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Certificate Matching Rule Condition objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleConditionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Certificate Matching Rule Condition objects.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "post": { + "description": "Create a Certificate Matching Rule Condition object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nA Cert Matching Rule Condition compares data extracted from a certificate to a link attribute or an expression.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nattribute||x||\ndmrClusterName|x|||x\nexpression||x||\nruleName|x|||x\nsource|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "createDmrClusterCertMatchingRuleCondition", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule Condition object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleCondition" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Condition object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleConditionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Certificate Matching Rule Condition object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/certMatchingRules/{ruleName}/conditions/{source}": { + "delete": { + "description": "Delete a Certificate Matching Rule Condition object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nA Cert Matching Rule Condition compares data extracted from a certificate to a link attribute or an expression.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "deleteDmrClusterCertMatchingRuleCondition", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "Certificate field to be compared with the Attribute.", + "in": "path", + "name": "source", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Certificate Matching Rule Condition object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "get": { + "description": "Get a Certificate Matching Rule Condition object.\n\nA Cert Matching Rule Condition compares data extracted from a certificate to a link attribute or an expression.\n\n\nAttribute|Identifying\n:---|:---:\ndmrClusterName|x\nruleName|x\nsource|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "getDmrClusterCertMatchingRuleCondition", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "Certificate field to be compared with the Attribute.", + "in": "path", + "name": "source", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Condition object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterCertMatchingRuleConditionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Certificate Matching Rule Condition object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/links": { + "get": { + "description": "Get a list of Link objects.\n\nA Link connects nodes (either within a Cluster or between two different Clusters) and allows them to exchange topology information, subscriptions and data.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationBasicPassword||x|x\ndmrClusterName|x||\nremoteNodeName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.11.", + "operationId": "getDmrClusterLinks", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Link objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinksResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Link objects.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "post": { + "description": "Create a Link object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nA Link connects nodes (either within a Cluster or between two different Clusters) and allows them to exchange topology information, subscriptions and data.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword|||||x|x\ndmrClusterName|x|||x||\nremoteNodeName|x|x|x|||\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createDmrClusterLink", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The Link object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterLink" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Link object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Link object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/links/{remoteNodeName}": { + "delete": { + "description": "Delete a Link object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nA Link connects nodes (either within a Cluster or between two different Clusters) and allows them to exchange topology information, subscriptions and data.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteDmrClusterLink", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Link object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "get": { + "description": "Get a Link object.\n\nA Link connects nodes (either within a Cluster or between two different Clusters) and allows them to exchange topology information, subscriptions and data.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationBasicPassword||x|x\ndmrClusterName|x||\nremoteNodeName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getDmrClusterLink", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Link object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Link object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "patch": { + "description": "Update a Link object. Any attribute missing from the request will be left unchanged.\n\nA Link connects nodes (either within a Cluster or between two different Clusters) and allows them to exchange topology information, subscriptions and data.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x|x\nauthenticationScheme|||||x|\ndmrClusterName|x||x|||\negressFlowWindowSize|||||x|\ninitiator|||||x|\nremoteNodeName|x|x||||\nspan|||||x|\ntransportCompressedEnabled|||||x|\ntransportTlsEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "updateDmrClusterLink", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The Link object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterLink" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Link object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Link object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "put": { + "description": "Replace a Link object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Link connects nodes (either within a Cluster or between two different Clusters) and allows them to exchange topology information, subscriptions and data.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x|x\nauthenticationScheme|||||x|\ndmrClusterName|x||x|||\negressFlowWindowSize|||||x|\ninitiator|||||x|\nremoteNodeName|x|x||||\nspan|||||x|\ntransportCompressedEnabled|||||x|\ntransportTlsEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "replaceDmrClusterLink", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The Link object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterLink" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Link object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Link object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/links/{remoteNodeName}/attributes": { + "get": { + "description": "Get a list of Link Attribute objects.\n\nA Link Attribute is a key+value pair that can be used to locate a DMR Cluster Link, for example when using client certificate mapping.\n\n\nAttribute|Identifying\n:---|:---:\nattributeName|x\nattributeValue|x\ndmrClusterName|x\nremoteNodeName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.28.", + "operationId": "getDmrClusterLinkAttributes", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Link Attribute objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkAttributesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Link Attribute objects.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "post": { + "description": "Create a Link Attribute object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nA Link Attribute is a key+value pair that can be used to locate a DMR Cluster Link, for example when using client certificate mapping.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nattributeName|x|x|x|\nattributeValue|x|x|x|\ndmrClusterName|x|||x\nremoteNodeName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "createDmrClusterLinkAttribute", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The Link Attribute object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterLinkAttribute" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Link Attribute object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkAttributeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Link Attribute object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/links/{remoteNodeName}/attributes/{attributeName},{attributeValue}": { + "delete": { + "description": "Delete a Link Attribute object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nA Link Attribute is a key+value pair that can be used to locate a DMR Cluster Link, for example when using client certificate mapping.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "deleteDmrClusterLinkAttribute", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Attribute.", + "in": "path", + "name": "attributeName", + "required": true, + "type": "string" + }, + { + "description": "The value of the Attribute.", + "in": "path", + "name": "attributeValue", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Link Attribute object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "get": { + "description": "Get a Link Attribute object.\n\nA Link Attribute is a key+value pair that can be used to locate a DMR Cluster Link, for example when using client certificate mapping.\n\n\nAttribute|Identifying\n:---|:---:\nattributeName|x\nattributeValue|x\ndmrClusterName|x\nremoteNodeName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "getDmrClusterLinkAttribute", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Attribute.", + "in": "path", + "name": "attributeName", + "required": true, + "type": "string" + }, + { + "description": "The value of the Attribute.", + "in": "path", + "name": "attributeValue", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Link Attribute object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkAttributeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Link Attribute object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/links/{remoteNodeName}/remoteAddresses": { + "get": { + "description": "Get a list of Remote Address objects.\n\nEach Remote Address, consisting of a FQDN or IP address and optional port, is used to connect to the remote node for this Link. Up to 4 addresses may be provided for each Link, and will be tried on a round-robin basis.\n\n\nAttribute|Identifying\n:---|:---:\ndmrClusterName|x\nremoteAddress|x\nremoteNodeName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.11.", + "operationId": "getDmrClusterLinkRemoteAddresses", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Remote Address objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkRemoteAddressesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Remote Address objects.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "post": { + "description": "Create a Remote Address object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nEach Remote Address, consisting of a FQDN or IP address and optional port, is used to connect to the remote node for this Link. Up to 4 addresses may be provided for each Link, and will be tried on a round-robin basis.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ndmrClusterName|x|||x\nremoteAddress|x|x|x|\nremoteNodeName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createDmrClusterLinkRemoteAddress", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The Remote Address object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterLinkRemoteAddress" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Remote Address object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkRemoteAddressResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Remote Address object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/links/{remoteNodeName}/remoteAddresses/{remoteAddress}": { + "delete": { + "description": "Delete a Remote Address object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nEach Remote Address, consisting of a FQDN or IP address and optional port, is used to connect to the remote node for this Link. Up to 4 addresses may be provided for each Link, and will be tried on a round-robin basis.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteDmrClusterLinkRemoteAddress", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The FQDN or IP address (and optional port) of the remote node. If a port is not provided, it will vary based on the transport encoding: 55555 (plain-text), 55443 (encrypted), or 55003 (compressed).", + "in": "path", + "name": "remoteAddress", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Remote Address object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "get": { + "description": "Get a Remote Address object.\n\nEach Remote Address, consisting of a FQDN or IP address and optional port, is used to connect to the remote node for this Link. Up to 4 addresses may be provided for each Link, and will be tried on a round-robin basis.\n\n\nAttribute|Identifying\n:---|:---:\ndmrClusterName|x\nremoteAddress|x\nremoteNodeName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getDmrClusterLinkRemoteAddress", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The FQDN or IP address (and optional port) of the remote node. If a port is not provided, it will vary based on the transport encoding: 55555 (plain-text), 55443 (encrypted), or 55003 (compressed).", + "in": "path", + "name": "remoteAddress", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Remote Address object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkRemoteAddressResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Remote Address object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/links/{remoteNodeName}/tlsTrustedCommonNames": { + "get": { + "deprecated": true, + "description": "Get a list of Trusted Common Name objects.\n\nThe Trusted Common Names for the Link are used by encrypted transports to verify the name in the certificate presented by the remote node. They must include the common name of the remote node's server certificate or client certificate, depending upon the initiator of the connection.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\ndmrClusterName|x|x\nremoteNodeName|x|x\ntlsTrustedCommonName|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "getDmrClusterLinkTlsTrustedCommonNames", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Trusted Common Name objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkTlsTrustedCommonNamesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Trusted Common Name objects.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "post": { + "deprecated": true, + "description": "Create a Trusted Common Name object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nThe Trusted Common Names for the Link are used by encrypted transports to verify the name in the certificate presented by the remote node. They must include the common name of the remote node's server certificate or client certificate, depending upon the initiator of the connection.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Deprecated\n:---|:---:|:---:|:---:|:---:|:---:\ndmrClusterName|x|||x|x\nremoteNodeName|x|||x|x\ntlsTrustedCommonName|x|x|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "createDmrClusterLinkTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The Trusted Common Name object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DmrClusterLinkTlsTrustedCommonName" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Trusted Common Name object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkTlsTrustedCommonNameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Trusted Common Name object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/dmrClusters/{dmrClusterName}/links/{remoteNodeName}/tlsTrustedCommonNames/{tlsTrustedCommonName}": { + "delete": { + "deprecated": true, + "description": "Delete a Trusted Common Name object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nThe Trusted Common Names for the Link are used by encrypted transports to verify the name in the certificate presented by the remote node. They must include the common name of the remote node's server certificate or client certificate, depending upon the initiator of the connection.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "deleteDmrClusterLinkTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The expected trusted common name of the remote certificate.", + "in": "path", + "name": "tlsTrustedCommonName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Trusted Common Name object.", + "tags": [ + "all", + "dmrCluster" + ] + }, + "get": { + "deprecated": true, + "description": "Get a Trusted Common Name object.\n\nThe Trusted Common Names for the Link are used by encrypted transports to verify the name in the certificate presented by the remote node. They must include the common name of the remote node's server certificate or client certificate, depending upon the initiator of the connection.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\ndmrClusterName|x|x\nremoteNodeName|x|x\ntlsTrustedCommonName|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "getDmrClusterLinkTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Cluster.", + "in": "path", + "name": "dmrClusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the Link.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The expected trusted common name of the remote certificate.", + "in": "path", + "name": "tlsTrustedCommonName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Trusted Common Name object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DmrClusterLinkTlsTrustedCommonNameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Trusted Common Name object.", + "tags": [ + "all", + "dmrCluster" + ] + } + }, + "/domainCertAuthorities": { + "get": { + "description": "Get a list of Domain Certificate Authority objects.\n\nCertificate Authorities trusted for domain verification.\n\n\nAttribute|Identifying\n:---|:---:\ncertAuthorityName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.19.", + "operationId": "getDomainCertAuthorities", + "parameters": [ + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Domain Certificate Authority objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DomainCertAuthoritiesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Domain Certificate Authority objects.", + "tags": [ + "all", + "domainCertAuthority" + ] + }, + "post": { + "description": "Create a Domain Certificate Authority object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nCertificate Authorities trusted for domain verification.\n\n\nAttribute|Identifying|Const|Required\n:---|:---:|:---:|:---:\ncertAuthorityName|x|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "createDomainCertAuthority", + "parameters": [ + { + "description": "The Domain Certificate Authority object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DomainCertAuthority" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Domain Certificate Authority object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/DomainCertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Domain Certificate Authority object.", + "tags": [ + "all", + "domainCertAuthority" + ] + } + }, + "/domainCertAuthorities/{certAuthorityName}": { + "delete": { + "description": "Delete a Domain Certificate Authority object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nCertificate Authorities trusted for domain verification.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "deleteDomainCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Domain Certificate Authority object.", + "tags": [ + "all", + "domainCertAuthority" + ] + }, + "get": { + "description": "Get a Domain Certificate Authority object.\n\nCertificate Authorities trusted for domain verification.\n\n\nAttribute|Identifying\n:---|:---:\ncertAuthorityName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "getDomainCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Domain Certificate Authority object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/DomainCertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Domain Certificate Authority object.", + "tags": [ + "all", + "domainCertAuthority" + ] + }, + "patch": { + "description": "Update a Domain Certificate Authority object. Any attribute missing from the request will be left unchanged.\n\nCertificate Authorities trusted for domain verification.\n\n\nAttribute|Identifying|Const\n:---|:---:|:---:\ncertAuthorityName|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "updateDomainCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The Domain Certificate Authority object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DomainCertAuthority" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Domain Certificate Authority object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/DomainCertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Domain Certificate Authority object.", + "tags": [ + "all", + "domainCertAuthority" + ] + }, + "put": { + "description": "Replace a Domain Certificate Authority object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nCertificate Authorities trusted for domain verification.\n\n\nAttribute|Identifying|Const\n:---|:---:|:---:\ncertAuthorityName|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.19.", + "operationId": "replaceDomainCertAuthority", + "parameters": [ + { + "description": "The name of the Certificate Authority.", + "in": "path", + "name": "certAuthorityName", + "required": true, + "type": "string" + }, + { + "description": "The Domain Certificate Authority object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DomainCertAuthority" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Domain Certificate Authority object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/DomainCertAuthorityResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Domain Certificate Authority object.", + "tags": [ + "all", + "domainCertAuthority" + ] + } + }, + "/msgVpns": { + "get": { + "description": "Get a list of Message VPN objects.\n\nMessage VPNs (Virtual Private Networks) allow for the segregation of topic space and clients. They also group clients connecting to a network of message brokers, such that messages published within a particular group are only visible to that group's clients.\n\n\nAttribute|Identifying|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:\nauthenticationOauthDefaultProviderName|||x|\nbridgingTlsServerCertEnforceTrustedCommonNameEnabled|||x|\ndistributedCacheManagementEnabled|||x|\nmsgVpnName|x|||\nreplicationBridgeAuthenticationBasicPassword||x||x\nreplicationBridgeAuthenticationClientCertContent||x||x\nreplicationBridgeAuthenticationClientCertPassword||x||\nreplicationEnabledQueueBehavior||x||\nrestTlsServerCertEnforceTrustedCommonNameEnabled|||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpns", + "parameters": [ + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Message VPN objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Message VPN objects.", + "tags": [ + "all", + "msgVpn" + ] + }, + "post": { + "description": "Create a Message VPN object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nMessage VPNs (Virtual Private Networks) allow for the segregation of topic space and clients. They also group clients connecting to a network of message brokers, such that messages published within a particular group are only visible to that group's clients.\n\n\nAttribute|Identifying|Const|Required|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationOauthDefaultProviderName|||||x|\nbridgingTlsServerCertEnforceTrustedCommonNameEnabled|||||x|\ndistributedCacheManagementEnabled|||||x|\nmsgVpnName|x|x|x|||\nreplicationBridgeAuthenticationBasicPassword||||x||x\nreplicationBridgeAuthenticationClientCertContent||||x||x\nreplicationBridgeAuthenticationClientCertPassword||||x||\nreplicationEnabledQueueBehavior||||x||\nrestTlsServerCertEnforceTrustedCommonNameEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\nEventThresholdByValue|clearValue|setValue|\nEventThresholdByValue|setValue|clearValue|\nMsgVpn|authenticationBasicProfileName|authenticationBasicType|\nMsgVpn|authorizationProfileName|authorizationType|\nMsgVpn|eventPublishTopicFormatMqttEnabled|eventPublishTopicFormatSmfEnabled|\nMsgVpn|eventPublishTopicFormatSmfEnabled|eventPublishTopicFormatMqttEnabled|\nMsgVpn|replicationBridgeAuthenticationBasicClientUsername|replicationBridgeAuthenticationBasicPassword|\nMsgVpn|replicationBridgeAuthenticationBasicPassword|replicationBridgeAuthenticationBasicClientUsername|\nMsgVpn|replicationBridgeAuthenticationClientCertPassword|replicationBridgeAuthenticationClientCertContent|\nMsgVpn|replicationEnabledQueueBehavior|replicationEnabled|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpn", + "parameters": [ + { + "description": "The Message VPN object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpn" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Message VPN object.", + "tags": [ + "all", + "msgVpn" + ] + } + }, + "/msgVpns/{msgVpnName}": { + "delete": { + "description": "Delete a Message VPN object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nMessage VPNs (Virtual Private Networks) allow for the segregation of topic space and clients. They also group clients connecting to a network of message brokers, such that messages published within a particular group are only visible to that group's clients.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpn", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Message VPN object.", + "tags": [ + "all", + "msgVpn" + ] + }, + "get": { + "description": "Get a Message VPN object.\n\nMessage VPNs (Virtual Private Networks) allow for the segregation of topic space and clients. They also group clients connecting to a network of message brokers, such that messages published within a particular group are only visible to that group's clients.\n\n\nAttribute|Identifying|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:\nauthenticationOauthDefaultProviderName|||x|\nbridgingTlsServerCertEnforceTrustedCommonNameEnabled|||x|\ndistributedCacheManagementEnabled|||x|\nmsgVpnName|x|||\nreplicationBridgeAuthenticationBasicPassword||x||x\nreplicationBridgeAuthenticationClientCertContent||x||x\nreplicationBridgeAuthenticationClientCertPassword||x||\nreplicationEnabledQueueBehavior||x||\nrestTlsServerCertEnforceTrustedCommonNameEnabled|||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpn", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Message VPN object.", + "tags": [ + "all", + "msgVpn" + ] + }, + "patch": { + "description": "Update a Message VPN object. Any attribute missing from the request will be left unchanged.\n\nMessage VPNs (Virtual Private Networks) allow for the segregation of topic space and clients. They also group clients connecting to a network of message brokers, such that messages published within a particular group are only visible to that group's clients.\n\n\nAttribute|Identifying|Const|Write-Only|Auto-Disable|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationOauthDefaultProviderName|||||x|\nbridgingTlsServerCertEnforceTrustedCommonNameEnabled|||||x|\ndistributedCacheManagementEnabled|||||x|\nmsgVpnName|x|x||||\nreplicationBridgeAuthenticationBasicPassword|||x|||x\nreplicationBridgeAuthenticationClientCertContent|||x|||x\nreplicationBridgeAuthenticationClientCertPassword|||x|||\nreplicationEnabledQueueBehavior|||x|||\nrestTlsServerCertEnforceTrustedCommonNameEnabled|||||x|\nserviceAmqpPlainTextListenPort||||x||\nserviceAmqpTlsListenPort||||x||\nserviceMqttPlainTextListenPort||||x||\nserviceMqttTlsListenPort||||x||\nserviceMqttTlsWebSocketListenPort||||x||\nserviceMqttWebSocketListenPort||||x||\nserviceRestIncomingPlainTextListenPort||||x||\nserviceRestIncomingTlsListenPort||||x||\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\nEventThresholdByValue|clearValue|setValue|\nEventThresholdByValue|setValue|clearValue|\nMsgVpn|authenticationBasicProfileName|authenticationBasicType|\nMsgVpn|authorizationProfileName|authorizationType|\nMsgVpn|eventPublishTopicFormatMqttEnabled|eventPublishTopicFormatSmfEnabled|\nMsgVpn|eventPublishTopicFormatSmfEnabled|eventPublishTopicFormatMqttEnabled|\nMsgVpn|replicationBridgeAuthenticationBasicClientUsername|replicationBridgeAuthenticationBasicPassword|\nMsgVpn|replicationBridgeAuthenticationBasicPassword|replicationBridgeAuthenticationBasicClientUsername|\nMsgVpn|replicationBridgeAuthenticationClientCertPassword|replicationBridgeAuthenticationClientCertContent|\nMsgVpn|replicationEnabledQueueBehavior|replicationEnabled|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation. Requests which include the following attributes may require greater access scope/level than \"vpn/read-write\":\n\n\nAttribute|Access Scope/Level\n:---|:---:\nalias|global/read-write\nauthenticationBasicEnabled|global/read-write\nauthenticationBasicProfileName|global/read-write\nauthenticationBasicRadiusDomain|global/read-write\nauthenticationBasicType|global/read-write\nauthenticationClientCertAllowApiProvidedUsernameEnabled|global/read-write\nauthenticationClientCertCertificateMatchingRulesEnabled|global/read-write\nauthenticationClientCertEnabled|global/read-write\nauthenticationClientCertMaxChainDepth|global/read-write\nauthenticationClientCertRevocationCheckMode|global/read-write\nauthenticationClientCertUsernameSource|global/read-write\nauthenticationClientCertValidateDateEnabled|global/read-write\nauthenticationKerberosAllowApiProvidedUsernameEnabled|global/read-write\nauthenticationKerberosEnabled|global/read-write\nauthenticationOauthEnabled|global/read-write\nbridgingTlsServerCertEnforceTrustedCommonNameEnabled|global/read-write\nbridgingTlsServerCertMaxChainDepth|global/read-write\nbridgingTlsServerCertValidateDateEnabled|global/read-write\nbridgingTlsServerCertValidateNameEnabled|global/read-write\ndmrEnabled|global/read-write\nexportSubscriptionsEnabled|global/read-write\nmaxConnectionCount|global/read-write\nmaxEgressFlowCount|global/read-write\nmaxEndpointCount|global/read-write\nmaxIngressFlowCount|global/read-write\nmaxKafkaBrokerConnectionCount|global/read-write\nmaxMsgSpoolUsage|global/read-write\nmaxSubscriptionCount|global/read-write\nmaxTransactedSessionCount|global/read-write\nmaxTransactionCount|global/read-write\nmqttRetainMaxMemory|global/read-write\nreplicationBridgeAuthenticationBasicClientUsername|global/read-write\nreplicationBridgeAuthenticationBasicPassword|global/read-write\nreplicationBridgeAuthenticationClientCertContent|global/read-write\nreplicationBridgeAuthenticationClientCertPassword|global/read-write\nreplicationBridgeAuthenticationScheme|global/read-write\nreplicationBridgeCompressedDataEnabled|global/read-write\nreplicationBridgeEgressFlowWindowSize|global/read-write\nreplicationBridgeRetryDelay|global/read-write\nreplicationBridgeTlsEnabled|global/read-write\nreplicationBridgeUnidirectionalClientProfileName|global/read-write\nreplicationEnabled|global/read-write\nreplicationEnabledQueueBehavior|global/read-write\nreplicationQueueMaxMsgSpoolUsage|global/read-write\nreplicationRole|global/read-write\nrestTlsServerCertEnforceTrustedCommonNameEnabled|global/read-write\nrestTlsServerCertMaxChainDepth|global/read-write\nrestTlsServerCertValidateDateEnabled|global/read-write\nrestTlsServerCertValidateNameEnabled|global/read-write\nsempOverMsgBusAdminClientEnabled|global/read-write\nsempOverMsgBusAdminDistributedCacheEnabled|global/read-write\nsempOverMsgBusAdminEnabled|global/read-write\nsempOverMsgBusEnabled|global/read-write\nsempOverMsgBusShowEnabled|global/read-write\nserviceAmqpMaxConnectionCount|global/read-write\nserviceAmqpPlainTextListenPort|global/read-write\nserviceAmqpTlsListenPort|global/read-write\nserviceMqttMaxConnectionCount|global/read-write\nserviceMqttPlainTextListenPort|global/read-write\nserviceMqttTlsListenPort|global/read-write\nserviceMqttTlsWebSocketListenPort|global/read-write\nserviceMqttWebSocketListenPort|global/read-write\nserviceRestIncomingMaxConnectionCount|global/read-write\nserviceRestIncomingPlainTextListenPort|global/read-write\nserviceRestIncomingTlsListenPort|global/read-write\nserviceRestOutgoingMaxConnectionCount|global/read-write\nserviceSmfMaxConnectionCount|global/read-write\nserviceWebMaxConnectionCount|global/read-write\n\n\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpn", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Message VPN object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpn" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Message VPN object.", + "tags": [ + "all", + "msgVpn" + ] + }, + "put": { + "description": "Replace a Message VPN object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nMessage VPNs (Virtual Private Networks) allow for the segregation of topic space and clients. They also group clients connecting to a network of message brokers, such that messages published within a particular group are only visible to that group's clients.\n\n\nAttribute|Identifying|Const|Write-Only|Auto-Disable|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationOauthDefaultProviderName|||||x|\nbridgingTlsServerCertEnforceTrustedCommonNameEnabled|||||x|\ndistributedCacheManagementEnabled|||||x|\nmsgVpnName|x|x||||\nreplicationBridgeAuthenticationBasicPassword|||x|||x\nreplicationBridgeAuthenticationClientCertContent|||x|||x\nreplicationBridgeAuthenticationClientCertPassword|||x|||\nreplicationEnabledQueueBehavior|||x|||\nrestTlsServerCertEnforceTrustedCommonNameEnabled|||||x|\nserviceAmqpPlainTextListenPort||||x||\nserviceAmqpTlsListenPort||||x||\nserviceMqttPlainTextListenPort||||x||\nserviceMqttTlsListenPort||||x||\nserviceMqttTlsWebSocketListenPort||||x||\nserviceMqttWebSocketListenPort||||x||\nserviceRestIncomingPlainTextListenPort||||x||\nserviceRestIncomingTlsListenPort||||x||\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\nEventThresholdByValue|clearValue|setValue|\nEventThresholdByValue|setValue|clearValue|\nMsgVpn|authenticationBasicProfileName|authenticationBasicType|\nMsgVpn|authorizationProfileName|authorizationType|\nMsgVpn|eventPublishTopicFormatMqttEnabled|eventPublishTopicFormatSmfEnabled|\nMsgVpn|eventPublishTopicFormatSmfEnabled|eventPublishTopicFormatMqttEnabled|\nMsgVpn|replicationBridgeAuthenticationBasicClientUsername|replicationBridgeAuthenticationBasicPassword|\nMsgVpn|replicationBridgeAuthenticationBasicPassword|replicationBridgeAuthenticationBasicClientUsername|\nMsgVpn|replicationBridgeAuthenticationClientCertPassword|replicationBridgeAuthenticationClientCertContent|\nMsgVpn|replicationEnabledQueueBehavior|replicationEnabled|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation. Requests which include the following attributes may require greater access scope/level than \"vpn/read-write\":\n\n\nAttribute|Access Scope/Level\n:---|:---:\nalias|global/read-write\nauthenticationBasicEnabled|global/read-write\nauthenticationBasicProfileName|global/read-write\nauthenticationBasicRadiusDomain|global/read-write\nauthenticationBasicType|global/read-write\nauthenticationClientCertAllowApiProvidedUsernameEnabled|global/read-write\nauthenticationClientCertCertificateMatchingRulesEnabled|global/read-write\nauthenticationClientCertEnabled|global/read-write\nauthenticationClientCertMaxChainDepth|global/read-write\nauthenticationClientCertRevocationCheckMode|global/read-write\nauthenticationClientCertUsernameSource|global/read-write\nauthenticationClientCertValidateDateEnabled|global/read-write\nauthenticationKerberosAllowApiProvidedUsernameEnabled|global/read-write\nauthenticationKerberosEnabled|global/read-write\nauthenticationOauthEnabled|global/read-write\nbridgingTlsServerCertEnforceTrustedCommonNameEnabled|global/read-write\nbridgingTlsServerCertMaxChainDepth|global/read-write\nbridgingTlsServerCertValidateDateEnabled|global/read-write\nbridgingTlsServerCertValidateNameEnabled|global/read-write\ndmrEnabled|global/read-write\nexportSubscriptionsEnabled|global/read-write\nmaxConnectionCount|global/read-write\nmaxEgressFlowCount|global/read-write\nmaxEndpointCount|global/read-write\nmaxIngressFlowCount|global/read-write\nmaxKafkaBrokerConnectionCount|global/read-write\nmaxMsgSpoolUsage|global/read-write\nmaxSubscriptionCount|global/read-write\nmaxTransactedSessionCount|global/read-write\nmaxTransactionCount|global/read-write\nmqttRetainMaxMemory|global/read-write\nreplicationBridgeAuthenticationBasicClientUsername|global/read-write\nreplicationBridgeAuthenticationBasicPassword|global/read-write\nreplicationBridgeAuthenticationClientCertContent|global/read-write\nreplicationBridgeAuthenticationClientCertPassword|global/read-write\nreplicationBridgeAuthenticationScheme|global/read-write\nreplicationBridgeCompressedDataEnabled|global/read-write\nreplicationBridgeEgressFlowWindowSize|global/read-write\nreplicationBridgeRetryDelay|global/read-write\nreplicationBridgeTlsEnabled|global/read-write\nreplicationBridgeUnidirectionalClientProfileName|global/read-write\nreplicationEnabled|global/read-write\nreplicationEnabledQueueBehavior|global/read-write\nreplicationQueueMaxMsgSpoolUsage|global/read-write\nreplicationRole|global/read-write\nrestTlsServerCertEnforceTrustedCommonNameEnabled|global/read-write\nrestTlsServerCertMaxChainDepth|global/read-write\nrestTlsServerCertValidateDateEnabled|global/read-write\nrestTlsServerCertValidateNameEnabled|global/read-write\nsempOverMsgBusAdminClientEnabled|global/read-write\nsempOverMsgBusAdminDistributedCacheEnabled|global/read-write\nsempOverMsgBusAdminEnabled|global/read-write\nsempOverMsgBusEnabled|global/read-write\nsempOverMsgBusShowEnabled|global/read-write\nserviceAmqpMaxConnectionCount|global/read-write\nserviceAmqpPlainTextListenPort|global/read-write\nserviceAmqpTlsListenPort|global/read-write\nserviceMqttMaxConnectionCount|global/read-write\nserviceMqttPlainTextListenPort|global/read-write\nserviceMqttTlsListenPort|global/read-write\nserviceMqttTlsWebSocketListenPort|global/read-write\nserviceMqttWebSocketListenPort|global/read-write\nserviceRestIncomingMaxConnectionCount|global/read-write\nserviceRestIncomingPlainTextListenPort|global/read-write\nserviceRestIncomingTlsListenPort|global/read-write\nserviceRestOutgoingMaxConnectionCount|global/read-write\nserviceSmfMaxConnectionCount|global/read-write\nserviceWebMaxConnectionCount|global/read-write\n\n\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpn", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Message VPN object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpn" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Message VPN object.", + "tags": [ + "all", + "msgVpn" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles": { + "get": { + "description": "Get a list of ACL Profile objects.\n\nAn ACL Profile controls whether an authenticated client is permitted to establish a connection with the message broker or permitted to publish and subscribe to specific topics.\n\n\nAttribute|Identifying\n:---|:---:\naclProfileName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnAclProfiles", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of ACL Profile objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfilesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of ACL Profile objects.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "post": { + "description": "Create an ACL Profile object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nAn ACL Profile controls whether an authenticated client is permitted to establish a connection with the message broker or permitted to publish and subscribe to specific topics.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\naclProfileName|x|x|x|\nmsgVpnName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnAclProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The ACL Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAclProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The ACL Profile object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an ACL Profile object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}": { + "delete": { + "description": "Delete an ACL Profile object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nAn ACL Profile controls whether an authenticated client is permitted to establish a connection with the message broker or permitted to publish and subscribe to specific topics.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnAclProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an ACL Profile object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "get": { + "description": "Get an ACL Profile object.\n\nAn ACL Profile controls whether an authenticated client is permitted to establish a connection with the message broker or permitted to publish and subscribe to specific topics.\n\n\nAttribute|Identifying\n:---|:---:\naclProfileName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnAclProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The ACL Profile object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an ACL Profile object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "patch": { + "description": "Update an ACL Profile object. Any attribute missing from the request will be left unchanged.\n\nAn ACL Profile controls whether an authenticated client is permitted to establish a connection with the message broker or permitted to publish and subscribe to specific topics.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\naclProfileName|x|x|\nmsgVpnName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpnAclProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The ACL Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAclProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The ACL Profile object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update an ACL Profile object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "put": { + "description": "Replace an ACL Profile object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nAn ACL Profile controls whether an authenticated client is permitted to establish a connection with the message broker or permitted to publish and subscribe to specific topics.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\naclProfileName|x|x|\nmsgVpnName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpnAclProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The ACL Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAclProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The ACL Profile object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace an ACL Profile object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/clientConnectExceptions": { + "get": { + "description": "Get a list of Client Connect Exception objects.\n\nA Client Connect Exception is an exception to the default action to take when a client using the ACL Profile connects to the Message VPN. Exceptions must be expressed as an IP address/netmask in CIDR form.\n\n\nAttribute|Identifying\n:---|:---:\naclProfileName|x\nclientConnectExceptionAddress|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnAclProfileClientConnectExceptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Client Connect Exception objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileClientConnectExceptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Client Connect Exception objects.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "post": { + "description": "Create a Client Connect Exception object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Client Connect Exception is an exception to the default action to take when a client using the ACL Profile connects to the Message VPN. Exceptions must be expressed as an IP address/netmask in CIDR form.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\naclProfileName|x|||x\nclientConnectExceptionAddress|x|x|x|\nmsgVpnName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnAclProfileClientConnectException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Client Connect Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileClientConnectException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Connect Exception object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileClientConnectExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Client Connect Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/clientConnectExceptions/{clientConnectExceptionAddress}": { + "delete": { + "description": "Delete a Client Connect Exception object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Client Connect Exception is an exception to the default action to take when a client using the ACL Profile connects to the Message VPN. Exceptions must be expressed as an IP address/netmask in CIDR form.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnAclProfileClientConnectException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The IP address/netmask of the client connect exception in canonical CIDR form.", + "in": "path", + "name": "clientConnectExceptionAddress", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Client Connect Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "get": { + "description": "Get a Client Connect Exception object.\n\nA Client Connect Exception is an exception to the default action to take when a client using the ACL Profile connects to the Message VPN. Exceptions must be expressed as an IP address/netmask in CIDR form.\n\n\nAttribute|Identifying\n:---|:---:\naclProfileName|x\nclientConnectExceptionAddress|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnAclProfileClientConnectException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The IP address/netmask of the client connect exception in canonical CIDR form.", + "in": "path", + "name": "clientConnectExceptionAddress", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Connect Exception object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileClientConnectExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Client Connect Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/publishExceptions": { + "get": { + "deprecated": true, + "description": "Get a list of Publish Topic Exception objects.\n\nA Publish Topic Exception is an exception to the default action to take when a client using the ACL Profile publishes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\naclProfileName|x|x\nmsgVpnName|x|x\npublishExceptionTopic|x|x\ntopicSyntax|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been deprecated since 2.14. Replaced by publishTopicExceptions.", + "operationId": "getMsgVpnAclProfilePublishExceptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Publish Topic Exception objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfilePublishExceptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Publish Topic Exception objects.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "post": { + "deprecated": true, + "description": "Create a Publish Topic Exception object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Publish Topic Exception is an exception to the default action to take when a client using the ACL Profile publishes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Deprecated\n:---|:---:|:---:|:---:|:---:|:---:\naclProfileName|x|||x|x\nmsgVpnName|x|||x|x\npublishExceptionTopic|x|x|x||x\ntopicSyntax|x|x|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.14. Replaced by publishTopicExceptions.", + "operationId": "createMsgVpnAclProfilePublishException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Publish Topic Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAclProfilePublishException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Publish Topic Exception object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfilePublishExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Publish Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/publishExceptions/{topicSyntax},{publishExceptionTopic}": { + "delete": { + "deprecated": true, + "description": "Delete a Publish Topic Exception object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Publish Topic Exception is an exception to the default action to take when a client using the ACL Profile publishes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.14. Replaced by publishTopicExceptions.", + "operationId": "deleteMsgVpnAclProfilePublishException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the topic for the exception to the default action taken.", + "in": "path", + "name": "topicSyntax", + "required": true, + "type": "string" + }, + { + "description": "The topic for the exception to the default action taken. May include wildcard characters.", + "in": "path", + "name": "publishExceptionTopic", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Publish Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "get": { + "deprecated": true, + "description": "Get a Publish Topic Exception object.\n\nA Publish Topic Exception is an exception to the default action to take when a client using the ACL Profile publishes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\naclProfileName|x|x\nmsgVpnName|x|x\npublishExceptionTopic|x|x\ntopicSyntax|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been deprecated since 2.14. Replaced by publishTopicExceptions.", + "operationId": "getMsgVpnAclProfilePublishException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the topic for the exception to the default action taken.", + "in": "path", + "name": "topicSyntax", + "required": true, + "type": "string" + }, + { + "description": "The topic for the exception to the default action taken. May include wildcard characters.", + "in": "path", + "name": "publishExceptionTopic", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Publish Topic Exception object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfilePublishExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Publish Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/publishTopicExceptions": { + "get": { + "description": "Get a list of Publish Topic Exception objects.\n\nA Publish Topic Exception is an exception to the default action to take when a client using the ACL Profile publishes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying\n:---|:---:\naclProfileName|x\nmsgVpnName|x\npublishTopicException|x\npublishTopicExceptionSyntax|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.14.", + "operationId": "getMsgVpnAclProfilePublishTopicExceptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Publish Topic Exception objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfilePublishTopicExceptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Publish Topic Exception objects.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "post": { + "description": "Create a Publish Topic Exception object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Publish Topic Exception is an exception to the default action to take when a client using the ACL Profile publishes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\naclProfileName|x|||x\nmsgVpnName|x|||x\npublishTopicException|x|x|x|\npublishTopicExceptionSyntax|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "createMsgVpnAclProfilePublishTopicException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Publish Topic Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAclProfilePublishTopicException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Publish Topic Exception object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfilePublishTopicExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Publish Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/publishTopicExceptions/{publishTopicExceptionSyntax},{publishTopicException}": { + "delete": { + "description": "Delete a Publish Topic Exception object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Publish Topic Exception is an exception to the default action to take when a client using the ACL Profile publishes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "deleteMsgVpnAclProfilePublishTopicException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the topic for the exception to the default action taken.", + "in": "path", + "name": "publishTopicExceptionSyntax", + "required": true, + "type": "string" + }, + { + "description": "The topic for the exception to the default action taken. May include wildcard characters.", + "in": "path", + "name": "publishTopicException", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Publish Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "get": { + "description": "Get a Publish Topic Exception object.\n\nA Publish Topic Exception is an exception to the default action to take when a client using the ACL Profile publishes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying\n:---|:---:\naclProfileName|x\nmsgVpnName|x\npublishTopicException|x\npublishTopicExceptionSyntax|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "getMsgVpnAclProfilePublishTopicException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the topic for the exception to the default action taken.", + "in": "path", + "name": "publishTopicExceptionSyntax", + "required": true, + "type": "string" + }, + { + "description": "The topic for the exception to the default action taken. May include wildcard characters.", + "in": "path", + "name": "publishTopicException", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Publish Topic Exception object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfilePublishTopicExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Publish Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/subscribeExceptions": { + "get": { + "deprecated": true, + "description": "Get a list of Subscribe Topic Exception objects.\n\nA Subscribe Topic Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\naclProfileName|x|x\nmsgVpnName|x|x\nsubscribeExceptionTopic|x|x\ntopicSyntax|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been deprecated since 2.14. Replaced by subscribeTopicExceptions.", + "operationId": "getMsgVpnAclProfileSubscribeExceptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Subscribe Topic Exception objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeExceptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Subscribe Topic Exception objects.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "post": { + "deprecated": true, + "description": "Create a Subscribe Topic Exception object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Subscribe Topic Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Deprecated\n:---|:---:|:---:|:---:|:---:|:---:\naclProfileName|x|||x|x\nmsgVpnName|x|||x|x\nsubscribeExceptionTopic|x|x|x||x\ntopicSyntax|x|x|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.14. Replaced by subscribeTopicExceptions.", + "operationId": "createMsgVpnAclProfileSubscribeException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Subscribe Topic Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Subscribe Topic Exception object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Subscribe Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/subscribeExceptions/{topicSyntax},{subscribeExceptionTopic}": { + "delete": { + "deprecated": true, + "description": "Delete a Subscribe Topic Exception object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Subscribe Topic Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.14. Replaced by subscribeTopicExceptions.", + "operationId": "deleteMsgVpnAclProfileSubscribeException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the topic for the exception to the default action taken.", + "in": "path", + "name": "topicSyntax", + "required": true, + "type": "string" + }, + { + "description": "The topic for the exception to the default action taken. May include wildcard characters.", + "in": "path", + "name": "subscribeExceptionTopic", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Subscribe Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "get": { + "deprecated": true, + "description": "Get a Subscribe Topic Exception object.\n\nA Subscribe Topic Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\naclProfileName|x|x\nmsgVpnName|x|x\nsubscribeExceptionTopic|x|x\ntopicSyntax|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been deprecated since 2.14. Replaced by subscribeTopicExceptions.", + "operationId": "getMsgVpnAclProfileSubscribeException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the topic for the exception to the default action taken.", + "in": "path", + "name": "topicSyntax", + "required": true, + "type": "string" + }, + { + "description": "The topic for the exception to the default action taken. May include wildcard characters.", + "in": "path", + "name": "subscribeExceptionTopic", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Subscribe Topic Exception object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Subscribe Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/subscribeShareNameExceptions": { + "get": { + "description": "Get a list of Subscribe Share Name Exception objects.\n\nA Subscribe Share Name Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a share-name subscription in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying\n:---|:---:\naclProfileName|x\nmsgVpnName|x\nsubscribeShareNameException|x\nsubscribeShareNameExceptionSyntax|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.14.", + "operationId": "getMsgVpnAclProfileSubscribeShareNameExceptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Subscribe Share Name Exception objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeShareNameExceptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Subscribe Share Name Exception objects.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "post": { + "description": "Create a Subscribe Share Name Exception object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Subscribe Share Name Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a share-name subscription in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\naclProfileName|x|||x\nmsgVpnName|x|||x\nsubscribeShareNameException|x|x|x|\nsubscribeShareNameExceptionSyntax|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "createMsgVpnAclProfileSubscribeShareNameException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Subscribe Share Name Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeShareNameException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Subscribe Share Name Exception object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeShareNameExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Subscribe Share Name Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/subscribeShareNameExceptions/{subscribeShareNameExceptionSyntax},{subscribeShareNameException}": { + "delete": { + "description": "Delete a Subscribe Share Name Exception object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Subscribe Share Name Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a share-name subscription in the Message VPN. Exceptions must be expressed as a topic.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "deleteMsgVpnAclProfileSubscribeShareNameException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the subscribe share name for the exception to the default action taken.", + "in": "path", + "name": "subscribeShareNameExceptionSyntax", + "required": true, + "type": "string" + }, + { + "description": "The subscribe share name exception to the default action taken. May include wildcard characters.", + "in": "path", + "name": "subscribeShareNameException", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Subscribe Share Name Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "get": { + "description": "Get a Subscribe Share Name Exception object.\n\nA Subscribe Share Name Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a share-name subscription in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying\n:---|:---:\naclProfileName|x\nmsgVpnName|x\nsubscribeShareNameException|x\nsubscribeShareNameExceptionSyntax|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "getMsgVpnAclProfileSubscribeShareNameException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the subscribe share name for the exception to the default action taken.", + "in": "path", + "name": "subscribeShareNameExceptionSyntax", + "required": true, + "type": "string" + }, + { + "description": "The subscribe share name exception to the default action taken. May include wildcard characters.", + "in": "path", + "name": "subscribeShareNameException", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Subscribe Share Name Exception object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeShareNameExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Subscribe Share Name Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/subscribeTopicExceptions": { + "get": { + "description": "Get a list of Subscribe Topic Exception objects.\n\nA Subscribe Topic Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying\n:---|:---:\naclProfileName|x\nmsgVpnName|x\nsubscribeTopicException|x\nsubscribeTopicExceptionSyntax|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.14.", + "operationId": "getMsgVpnAclProfileSubscribeTopicExceptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Subscribe Topic Exception objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeTopicExceptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Subscribe Topic Exception objects.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "post": { + "description": "Create a Subscribe Topic Exception object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Subscribe Topic Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\naclProfileName|x|||x\nmsgVpnName|x|||x\nsubscribeTopicException|x|x|x|\nsubscribeTopicExceptionSyntax|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "createMsgVpnAclProfileSubscribeTopicException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Subscribe Topic Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeTopicException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Subscribe Topic Exception object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeTopicExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Subscribe Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/aclProfiles/{aclProfileName}/subscribeTopicExceptions/{subscribeTopicExceptionSyntax},{subscribeTopicException}": { + "delete": { + "description": "Delete a Subscribe Topic Exception object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Subscribe Topic Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "deleteMsgVpnAclProfileSubscribeTopicException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the topic for the exception to the default action taken.", + "in": "path", + "name": "subscribeTopicExceptionSyntax", + "required": true, + "type": "string" + }, + { + "description": "The topic for the exception to the default action taken. May include wildcard characters.", + "in": "path", + "name": "subscribeTopicException", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Subscribe Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + }, + "get": { + "description": "Get a Subscribe Topic Exception object.\n\nA Subscribe Topic Exception is an exception to the default action to take when a client using the ACL Profile subscribes to a topic in the Message VPN. Exceptions must be expressed as a topic.\n\n\nAttribute|Identifying\n:---|:---:\naclProfileName|x\nmsgVpnName|x\nsubscribeTopicException|x\nsubscribeTopicExceptionSyntax|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "getMsgVpnAclProfileSubscribeTopicException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ACL Profile.", + "in": "path", + "name": "aclProfileName", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the topic for the exception to the default action taken.", + "in": "path", + "name": "subscribeTopicExceptionSyntax", + "required": true, + "type": "string" + }, + { + "description": "The topic for the exception to the default action taken. May include wildcard characters.", + "in": "path", + "name": "subscribeTopicException", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Subscribe Topic Exception object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAclProfileSubscribeTopicExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Subscribe Topic Exception object.", + "tags": [ + "all", + "msgVpn", + "aclProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/authenticationKerberosRealms": { + "get": { + "description": "Get a list of Realm objects.\n\nKerberos Realm.\n\n\nAttribute|Identifying\n:---|:---:\nkerberosRealmName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.40.", + "operationId": "getMsgVpnAuthenticationKerberosRealms", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Realm objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealmsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Realm objects.", + "tags": [ + "all", + "msgVpn", + "authenticationKerberosRealm" + ] + }, + "post": { + "description": "Create a Realm object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nKerberos Realm.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nkerberosRealmName|x|x|x|\nmsgVpnName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.40.", + "operationId": "createMsgVpnAuthenticationKerberosRealm", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Realm object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealm" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Realm object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealmResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Realm object.", + "tags": [ + "all", + "msgVpn", + "authenticationKerberosRealm" + ] + } + }, + "/msgVpns/{msgVpnName}/authenticationKerberosRealms/{kerberosRealmName}": { + "delete": { + "description": "Delete a Realm object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nKerberos Realm.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.40.", + "operationId": "deleteMsgVpnAuthenticationKerberosRealm", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Realm Name. Must start with \"@\", typically all uppercase.", + "in": "path", + "name": "kerberosRealmName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Realm object.", + "tags": [ + "all", + "msgVpn", + "authenticationKerberosRealm" + ] + }, + "get": { + "description": "Get a Realm object.\n\nKerberos Realm.\n\n\nAttribute|Identifying\n:---|:---:\nkerberosRealmName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.40.", + "operationId": "getMsgVpnAuthenticationKerberosRealm", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Realm Name. Must start with \"@\", typically all uppercase.", + "in": "path", + "name": "kerberosRealmName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Realm object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealmResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Realm object.", + "tags": [ + "all", + "msgVpn", + "authenticationKerberosRealm" + ] + }, + "patch": { + "description": "Update a Realm object. Any attribute missing from the request will be left unchanged.\n\nKerberos Realm.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\nkdcAddress||||x\nkerberosRealmName|x|x||\nmsgVpnName|x||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.40.", + "operationId": "updateMsgVpnAuthenticationKerberosRealm", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Realm Name. Must start with \"@\", typically all uppercase.", + "in": "path", + "name": "kerberosRealmName", + "required": true, + "type": "string" + }, + { + "description": "The Realm object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealm" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Realm object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealmResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Realm object.", + "tags": [ + "all", + "msgVpn", + "authenticationKerberosRealm" + ] + }, + "put": { + "description": "Replace a Realm object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nKerberos Realm.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\nkdcAddress||||x\nkerberosRealmName|x|x||\nmsgVpnName|x||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.40.", + "operationId": "replaceMsgVpnAuthenticationKerberosRealm", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Realm Name. Must start with \"@\", typically all uppercase.", + "in": "path", + "name": "kerberosRealmName", + "required": true, + "type": "string" + }, + { + "description": "The Realm object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealm" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Realm object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationKerberosRealmResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Realm object.", + "tags": [ + "all", + "msgVpn", + "authenticationKerberosRealm" + ] + } + }, + "/msgVpns/{msgVpnName}/authenticationOauthProfiles": { + "get": { + "description": "Get a list of OAuth Profile objects.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nclientSecret||x|x\nmsgVpnName|x||\noauthProfileName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.25.", + "operationId": "getMsgVpnAuthenticationOauthProfiles", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of OAuth Profile objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfilesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of OAuth Profile objects.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + }, + "post": { + "description": "Create an OAuth Profile object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nclientSecret|||||x|x\nmsgVpnName|x|||x||\noauthProfileName|x|x|x|||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "createMsgVpnAuthenticationOauthProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The OAuth Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Profile object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an OAuth Profile object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/authenticationOauthProfiles/{oauthProfileName}": { + "delete": { + "description": "Delete an OAuth Profile object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "deleteMsgVpnAuthenticationOauthProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an OAuth Profile object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + }, + "get": { + "description": "Get an OAuth Profile object.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nclientSecret||x|x\nmsgVpnName|x||\noauthProfileName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "getMsgVpnAuthenticationOauthProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Profile object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an OAuth Profile object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + }, + "patch": { + "description": "Update an OAuth Profile object. Any attribute missing from the request will be left unchanged.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:\nclientSecret||||x|x\nmsgVpnName|x||x||\noauthProfileName|x|x|||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "updateMsgVpnAuthenticationOauthProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The OAuth Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Profile object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update an OAuth Profile object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + }, + "put": { + "description": "Replace an OAuth Profile object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:\nclientSecret||||x|x\nmsgVpnName|x||x||\noauthProfileName|x|x|||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "replaceMsgVpnAuthenticationOauthProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The OAuth Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Profile object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace an OAuth Profile object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/authenticationOauthProfiles/{oauthProfileName}/clientRequiredClaims": { + "get": { + "description": "Get a list of Required Claim objects.\n\nAdditional claims to be verified in the ID token.\n\n\nAttribute|Identifying\n:---|:---:\nclientRequiredClaimName|x\nmsgVpnName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.25.", + "operationId": "getMsgVpnAuthenticationOauthProfileClientRequiredClaims", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Required Claim objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileClientRequiredClaimsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Required Claim objects.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + }, + "post": { + "description": "Create a Required Claim object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nAdditional claims to be verified in the ID token.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nclientRequiredClaimName|x|x|x|\nclientRequiredClaimValue||x|x|\nmsgVpnName|x|||x\noauthProfileName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "createMsgVpnAuthenticationOauthProfileClientRequiredClaim", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Required Claim object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileClientRequiredClaim" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Required Claim object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileClientRequiredClaimResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Required Claim object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/authenticationOauthProfiles/{oauthProfileName}/clientRequiredClaims/{clientRequiredClaimName}": { + "delete": { + "description": "Delete a Required Claim object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nAdditional claims to be verified in the ID token.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "deleteMsgVpnAuthenticationOauthProfileClientRequiredClaim", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ID token claim to verify.", + "in": "path", + "name": "clientRequiredClaimName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Required Claim object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + }, + "get": { + "description": "Get a Required Claim object.\n\nAdditional claims to be verified in the ID token.\n\n\nAttribute|Identifying\n:---|:---:\nclientRequiredClaimName|x\nmsgVpnName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "getMsgVpnAuthenticationOauthProfileClientRequiredClaim", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ID token claim to verify.", + "in": "path", + "name": "clientRequiredClaimName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Required Claim object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileClientRequiredClaimResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Required Claim object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/authenticationOauthProfiles/{oauthProfileName}/resourceServerRequiredClaims": { + "get": { + "description": "Get a list of Required Claim objects.\n\nAdditional claims to be verified in the access token.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\noauthProfileName|x\nresourceServerRequiredClaimName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.25.", + "operationId": "getMsgVpnAuthenticationOauthProfileResourceServerRequiredClaims", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Required Claim objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResourceServerRequiredClaimsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Required Claim objects.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + }, + "post": { + "description": "Create a Required Claim object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nAdditional claims to be verified in the access token.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\noauthProfileName|x|||x\nresourceServerRequiredClaimName|x|x|x|\nresourceServerRequiredClaimValue||x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "createMsgVpnAuthenticationOauthProfileResourceServerRequiredClaim", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Required Claim object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResourceServerRequiredClaim" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Required Claim object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResourceServerRequiredClaimResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Required Claim object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/authenticationOauthProfiles/{oauthProfileName}/resourceServerRequiredClaims/{resourceServerRequiredClaimName}": { + "delete": { + "description": "Delete a Required Claim object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nAdditional claims to be verified in the access token.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "deleteMsgVpnAuthenticationOauthProfileResourceServerRequiredClaim", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the access token claim to verify.", + "in": "path", + "name": "resourceServerRequiredClaimName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Required Claim object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + }, + "get": { + "description": "Get a Required Claim object.\n\nAdditional claims to be verified in the access token.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\noauthProfileName|x\nresourceServerRequiredClaimName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.25.", + "operationId": "getMsgVpnAuthenticationOauthProfileResourceServerRequiredClaim", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the access token claim to verify.", + "in": "path", + "name": "resourceServerRequiredClaimName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Required Claim object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProfileResourceServerRequiredClaimResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Required Claim object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/authenticationOauthProviders": { + "get": { + "deprecated": true, + "description": "Get a list of OAuth Provider objects.\n\nOAuth Providers contain information about the issuer of an OAuth token that is needed to validate the token and derive a client username from it.\n\n\nAttribute|Identifying|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:\naudienceClaimName|||x|\naudienceClaimSource|||x|\naudienceClaimValue|||x|\naudienceValidationEnabled|||x|\nauthorizationGroupClaimName|||x|\nauthorizationGroupClaimSource|||x|\nauthorizationGroupEnabled|||x|\ndisconnectOnTokenExpirationEnabled|||x|\nenabled|||x|\njwksRefreshInterval|||x|\njwksUri|||x|\nmsgVpnName|x||x|\noauthProviderName|x||x|\ntokenIgnoreTimeLimitsEnabled|||x|\ntokenIntrospectionParameterName|||x|\ntokenIntrospectionPassword||x|x|x\ntokenIntrospectionTimeout|||x|\ntokenIntrospectionUri|||x|\ntokenIntrospectionUsername|||x|\nusernameClaimName|||x|\nusernameClaimSource|||x|\nusernameValidateEnabled|||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been deprecated since 2.25. Replaced by authenticationOauthProfiles.", + "operationId": "getMsgVpnAuthenticationOauthProviders", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of OAuth Provider objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProvidersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of OAuth Provider objects.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProvider" + ] + }, + "post": { + "deprecated": true, + "description": "Create an OAuth Provider object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nOAuth Providers contain information about the issuer of an OAuth token that is needed to validate the token and derive a client username from it.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:|:---:\naudienceClaimName||||||x|\naudienceClaimSource||||||x|\naudienceClaimValue||||||x|\naudienceValidationEnabled||||||x|\nauthorizationGroupClaimName||||||x|\nauthorizationGroupClaimSource||||||x|\nauthorizationGroupEnabled||||||x|\ndisconnectOnTokenExpirationEnabled||||||x|\nenabled||||||x|\njwksRefreshInterval||||||x|\njwksUri||||||x|\nmsgVpnName|x|||x||x|\noauthProviderName|x|x|x|||x|\ntokenIgnoreTimeLimitsEnabled||||||x|\ntokenIntrospectionParameterName||||||x|\ntokenIntrospectionPassword|||||x|x|x\ntokenIntrospectionTimeout||||||x|\ntokenIntrospectionUri||||||x|\ntokenIntrospectionUsername||||||x|\nusernameClaimName||||||x|\nusernameClaimSource||||||x|\nusernameValidateEnabled||||||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.25. Replaced by authenticationOauthProfiles.", + "operationId": "createMsgVpnAuthenticationOauthProvider", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The OAuth Provider object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProvider" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Provider object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProviderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an OAuth Provider object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProvider" + ] + } + }, + "/msgVpns/{msgVpnName}/authenticationOauthProviders/{oauthProviderName}": { + "delete": { + "deprecated": true, + "description": "Delete an OAuth Provider object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nOAuth Providers contain information about the issuer of an OAuth token that is needed to validate the token and derive a client username from it.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.25. Replaced by authenticationOauthProfiles.", + "operationId": "deleteMsgVpnAuthenticationOauthProvider", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth Provider.", + "in": "path", + "name": "oauthProviderName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an OAuth Provider object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProvider" + ] + }, + "get": { + "deprecated": true, + "description": "Get an OAuth Provider object.\n\nOAuth Providers contain information about the issuer of an OAuth token that is needed to validate the token and derive a client username from it.\n\n\nAttribute|Identifying|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:\naudienceClaimName|||x|\naudienceClaimSource|||x|\naudienceClaimValue|||x|\naudienceValidationEnabled|||x|\nauthorizationGroupClaimName|||x|\nauthorizationGroupClaimSource|||x|\nauthorizationGroupEnabled|||x|\ndisconnectOnTokenExpirationEnabled|||x|\nenabled|||x|\njwksRefreshInterval|||x|\njwksUri|||x|\nmsgVpnName|x||x|\noauthProviderName|x||x|\ntokenIgnoreTimeLimitsEnabled|||x|\ntokenIntrospectionParameterName|||x|\ntokenIntrospectionPassword||x|x|x\ntokenIntrospectionTimeout|||x|\ntokenIntrospectionUri|||x|\ntokenIntrospectionUsername|||x|\nusernameClaimName|||x|\nusernameClaimSource|||x|\nusernameValidateEnabled|||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been deprecated since 2.25. Replaced by authenticationOauthProfiles.", + "operationId": "getMsgVpnAuthenticationOauthProvider", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth Provider.", + "in": "path", + "name": "oauthProviderName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Provider object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProviderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an OAuth Provider object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProvider" + ] + }, + "patch": { + "deprecated": true, + "description": "Update an OAuth Provider object. Any attribute missing from the request will be left unchanged.\n\nOAuth Providers contain information about the issuer of an OAuth token that is needed to validate the token and derive a client username from it.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\naudienceClaimName|||||x|\naudienceClaimSource|||||x|\naudienceClaimValue|||||x|\naudienceValidationEnabled|||||x|\nauthorizationGroupClaimName|||||x|\nauthorizationGroupClaimSource|||||x|\nauthorizationGroupEnabled|||||x|\ndisconnectOnTokenExpirationEnabled|||||x|\nenabled|||||x|\njwksRefreshInterval|||||x|\njwksUri|||||x|\nmsgVpnName|x||x||x|\noauthProviderName|x|x|||x|\ntokenIgnoreTimeLimitsEnabled|||||x|\ntokenIntrospectionParameterName|||||x|\ntokenIntrospectionPassword||||x|x|x\ntokenIntrospectionTimeout|||||x|\ntokenIntrospectionUri|||||x|\ntokenIntrospectionUsername|||||x|\nusernameClaimName|||||x|\nusernameClaimSource|||||x|\nusernameValidateEnabled|||||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.25. Replaced by authenticationOauthProfiles.", + "operationId": "updateMsgVpnAuthenticationOauthProvider", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth Provider.", + "in": "path", + "name": "oauthProviderName", + "required": true, + "type": "string" + }, + { + "description": "The OAuth Provider object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProvider" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Provider object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProviderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update an OAuth Provider object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProvider" + ] + }, + "put": { + "deprecated": true, + "description": "Replace an OAuth Provider object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nOAuth Providers contain information about the issuer of an OAuth token that is needed to validate the token and derive a client username from it.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Deprecated|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\naudienceClaimName|||||x|\naudienceClaimSource|||||x|\naudienceClaimValue|||||x|\naudienceValidationEnabled|||||x|\nauthorizationGroupClaimName|||||x|\nauthorizationGroupClaimSource|||||x|\nauthorizationGroupEnabled|||||x|\ndisconnectOnTokenExpirationEnabled|||||x|\nenabled|||||x|\njwksRefreshInterval|||||x|\njwksUri|||||x|\nmsgVpnName|x||x||x|\noauthProviderName|x|x|||x|\ntokenIgnoreTimeLimitsEnabled|||||x|\ntokenIntrospectionParameterName|||||x|\ntokenIntrospectionPassword||||x|x|x\ntokenIntrospectionTimeout|||||x|\ntokenIntrospectionUri|||||x|\ntokenIntrospectionUsername|||||x|\nusernameClaimName|||||x|\nusernameClaimSource|||||x|\nusernameValidateEnabled|||||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.25. Replaced by authenticationOauthProfiles.", + "operationId": "replaceMsgVpnAuthenticationOauthProvider", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the OAuth Provider.", + "in": "path", + "name": "oauthProviderName", + "required": true, + "type": "string" + }, + { + "description": "The OAuth Provider object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProvider" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Provider object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthenticationOauthProviderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace an OAuth Provider object.", + "tags": [ + "all", + "msgVpn", + "authenticationOauthProvider" + ] + } + }, + "/msgVpns/{msgVpnName}/authorizationGroups": { + "get": { + "description": "Get a list of Authorization Group objects.\n\nTo use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.\n\n\nAttribute|Identifying|Write-Only\n:---|:---:|:---:\nauthorizationGroupName|x|\nmsgVpnName|x|\norderAfterAuthorizationGroupName||x\norderBeforeAuthorizationGroupName||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnAuthorizationGroups", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Authorization Group objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthorizationGroupsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Authorization Group objects.", + "tags": [ + "all", + "msgVpn", + "authorizationGroup" + ] + }, + "post": { + "description": "Create an Authorization Group object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nTo use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only\n:---|:---:|:---:|:---:|:---:|:---:\nauthorizationGroupName|x|x|x||\nmsgVpnName|x|||x|\norderAfterAuthorizationGroupName|||||x\norderBeforeAuthorizationGroupName|||||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Conflicts\n:---|:---|:---\nMsgVpnAuthorizationGroup|orderAfterAuthorizationGroupName|orderBeforeAuthorizationGroupName\nMsgVpnAuthorizationGroup|orderBeforeAuthorizationGroupName|orderAfterAuthorizationGroupName\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnAuthorizationGroup", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Authorization Group object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthorizationGroup" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Authorization Group object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthorizationGroupResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an Authorization Group object.", + "tags": [ + "all", + "msgVpn", + "authorizationGroup" + ] + } + }, + "/msgVpns/{msgVpnName}/authorizationGroups/{authorizationGroupName}": { + "delete": { + "description": "Delete an Authorization Group object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nTo use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnAuthorizationGroup", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Authorization Group. For LDAP groups, special care is needed if the group name contains special characters such as '#', '+', ';', '=' as the value of the group name returned from the LDAP server might prepend those characters with '\\'. For example a group name called 'test#,lab,com' will be returned from the LDAP server as 'test\\#,lab,com'.", + "in": "path", + "name": "authorizationGroupName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an Authorization Group object.", + "tags": [ + "all", + "msgVpn", + "authorizationGroup" + ] + }, + "get": { + "description": "Get an Authorization Group object.\n\nTo use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.\n\n\nAttribute|Identifying|Write-Only\n:---|:---:|:---:\nauthorizationGroupName|x|\nmsgVpnName|x|\norderAfterAuthorizationGroupName||x\norderBeforeAuthorizationGroupName||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnAuthorizationGroup", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Authorization Group. For LDAP groups, special care is needed if the group name contains special characters such as '#', '+', ';', '=' as the value of the group name returned from the LDAP server might prepend those characters with '\\'. For example a group name called 'test#,lab,com' will be returned from the LDAP server as 'test\\#,lab,com'.", + "in": "path", + "name": "authorizationGroupName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Authorization Group object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthorizationGroupResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an Authorization Group object.", + "tags": [ + "all", + "msgVpn", + "authorizationGroup" + ] + }, + "patch": { + "description": "Update an Authorization Group object. Any attribute missing from the request will be left unchanged.\n\nTo use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:|:---:\naclProfileName|||||x\nauthorizationGroupName|x|x|||\nclientProfileName|||||x\nmsgVpnName|x||x||\norderAfterAuthorizationGroupName||||x|\norderBeforeAuthorizationGroupName||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Conflicts\n:---|:---|:---\nMsgVpnAuthorizationGroup|orderAfterAuthorizationGroupName|orderBeforeAuthorizationGroupName\nMsgVpnAuthorizationGroup|orderBeforeAuthorizationGroupName|orderAfterAuthorizationGroupName\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpnAuthorizationGroup", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Authorization Group. For LDAP groups, special care is needed if the group name contains special characters such as '#', '+', ';', '=' as the value of the group name returned from the LDAP server might prepend those characters with '\\'. For example a group name called 'test#,lab,com' will be returned from the LDAP server as 'test\\#,lab,com'.", + "in": "path", + "name": "authorizationGroupName", + "required": true, + "type": "string" + }, + { + "description": "The Authorization Group object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthorizationGroup" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Authorization Group object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthorizationGroupResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update an Authorization Group object.", + "tags": [ + "all", + "msgVpn", + "authorizationGroup" + ] + }, + "put": { + "description": "Replace an Authorization Group object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nTo use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:|:---:\naclProfileName|||||x\nauthorizationGroupName|x|x|||\nclientProfileName|||||x\nmsgVpnName|x||x||\norderAfterAuthorizationGroupName||||x|\norderBeforeAuthorizationGroupName||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Conflicts\n:---|:---|:---\nMsgVpnAuthorizationGroup|orderAfterAuthorizationGroupName|orderBeforeAuthorizationGroupName\nMsgVpnAuthorizationGroup|orderBeforeAuthorizationGroupName|orderAfterAuthorizationGroupName\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpnAuthorizationGroup", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Authorization Group. For LDAP groups, special care is needed if the group name contains special characters such as '#', '+', ';', '=' as the value of the group name returned from the LDAP server might prepend those characters with '\\'. For example a group name called 'test#,lab,com' will be returned from the LDAP server as 'test\\#,lab,com'.", + "in": "path", + "name": "authorizationGroupName", + "required": true, + "type": "string" + }, + { + "description": "The Authorization Group object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnAuthorizationGroup" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Authorization Group object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnAuthorizationGroupResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace an Authorization Group object.", + "tags": [ + "all", + "msgVpn", + "authorizationGroup" + ] + } + }, + "/msgVpns/{msgVpnName}/bridges": { + "get": { + "description": "Get a list of Bridge objects.\n\nBridges can be used to link two Message VPNs so that messages published to one Message VPN that match the topic subscriptions set for the bridge are also delivered to the linked Message VPN.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nbridgeName|x||\nbridgeVirtualRouter|x||\nmsgVpnName|x||\nremoteAuthenticationBasicPassword||x|x\nremoteAuthenticationClientCertContent||x|x\nremoteAuthenticationClientCertPassword||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnBridges", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Bridge objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Bridge objects.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "post": { + "description": "Create a Bridge object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nBridges can be used to link two Message VPNs so that messages published to one Message VPN that match the topic subscriptions set for the bridge are also delivered to the linked Message VPN.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nbridgeName|x|x|x|||\nbridgeVirtualRouter|x|x|x|||\nmsgVpnName|x|||x||\nremoteAuthenticationBasicPassword|||||x|x\nremoteAuthenticationClientCertContent|||||x|x\nremoteAuthenticationClientCertPassword|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnBridge|remoteAuthenticationBasicClientUsername|remoteAuthenticationBasicPassword\nMsgVpnBridge|remoteAuthenticationBasicPassword|remoteAuthenticationBasicClientUsername\nMsgVpnBridge|remoteAuthenticationClientCertPassword|remoteAuthenticationClientCertContent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnBridge", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Bridge object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnBridge" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Bridge object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Bridge object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + } + }, + "/msgVpns/{msgVpnName}/bridges/{bridgeName},{bridgeVirtualRouter}": { + "delete": { + "description": "Delete a Bridge object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nBridges can be used to link two Message VPNs so that messages published to one Message VPN that match the topic subscriptions set for the bridge are also delivered to the linked Message VPN.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnBridge", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Bridge object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "get": { + "description": "Get a Bridge object.\n\nBridges can be used to link two Message VPNs so that messages published to one Message VPN that match the topic subscriptions set for the bridge are also delivered to the linked Message VPN.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nbridgeName|x||\nbridgeVirtualRouter|x||\nmsgVpnName|x||\nremoteAuthenticationBasicPassword||x|x\nremoteAuthenticationClientCertContent||x|x\nremoteAuthenticationClientCertPassword||x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnBridge", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Bridge object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Bridge object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "patch": { + "description": "Update a Bridge object. Any attribute missing from the request will be left unchanged.\n\nBridges can be used to link two Message VPNs so that messages published to one Message VPN that match the topic subscriptions set for the bridge are also delivered to the linked Message VPN.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nbridgeName|x|x||||\nbridgeVirtualRouter|x|x||||\nmaxTtl|||||x|\nmsgVpnName|x||x|||\nremoteAuthenticationBasicClientUsername|||||x|\nremoteAuthenticationBasicPassword||||x|x|x\nremoteAuthenticationClientCertContent||||x|x|x\nremoteAuthenticationClientCertPassword||||x|x|\nremoteAuthenticationScheme|||||x|\nremoteDeliverToOnePriority|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnBridge|remoteAuthenticationBasicClientUsername|remoteAuthenticationBasicPassword\nMsgVpnBridge|remoteAuthenticationBasicPassword|remoteAuthenticationBasicClientUsername\nMsgVpnBridge|remoteAuthenticationClientCertPassword|remoteAuthenticationClientCertContent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpnBridge", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The Bridge object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnBridge" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Bridge object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Bridge object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "put": { + "description": "Replace a Bridge object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nBridges can be used to link two Message VPNs so that messages published to one Message VPN that match the topic subscriptions set for the bridge are also delivered to the linked Message VPN.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nbridgeName|x|x||||\nbridgeVirtualRouter|x|x||||\nmaxTtl|||||x|\nmsgVpnName|x||x|||\nremoteAuthenticationBasicClientUsername|||||x|\nremoteAuthenticationBasicPassword||||x|x|x\nremoteAuthenticationClientCertContent||||x|x|x\nremoteAuthenticationClientCertPassword||||x|x|\nremoteAuthenticationScheme|||||x|\nremoteDeliverToOnePriority|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnBridge|remoteAuthenticationBasicClientUsername|remoteAuthenticationBasicPassword\nMsgVpnBridge|remoteAuthenticationBasicPassword|remoteAuthenticationBasicClientUsername\nMsgVpnBridge|remoteAuthenticationClientCertPassword|remoteAuthenticationClientCertContent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpnBridge", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The Bridge object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnBridge" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Bridge object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Bridge object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + } + }, + "/msgVpns/{msgVpnName}/bridges/{bridgeName},{bridgeVirtualRouter}/remoteMsgVpns": { + "get": { + "description": "Get a list of Remote Message VPN objects.\n\nThe Remote Message VPN is the Message VPN that the Bridge connects to.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nbridgeName|x||\nbridgeVirtualRouter|x||\nmsgVpnName|x||\npassword||x|x\nremoteMsgVpnInterface|x||\nremoteMsgVpnLocation|x||\nremoteMsgVpnName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnBridgeRemoteMsgVpns", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Remote Message VPN objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpnsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Remote Message VPN objects.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "post": { + "description": "Create a Remote Message VPN object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe Remote Message VPN is the Message VPN that the Bridge connects to.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nbridgeName|x|||x||\nbridgeVirtualRouter|x|||x||\nmsgVpnName|x|||x||\npassword|||||x|x\nremoteMsgVpnInterface|x|x||||\nremoteMsgVpnLocation|x|x|x|||\nremoteMsgVpnName|x|x|x|||\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnBridgeRemoteMsgVpn|clientUsername|password\nMsgVpnBridgeRemoteMsgVpn|password|clientUsername\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnBridgeRemoteMsgVpn", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The Remote Message VPN object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpn" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Remote Message VPN object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpnResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Remote Message VPN object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + } + }, + "/msgVpns/{msgVpnName}/bridges/{bridgeName},{bridgeVirtualRouter}/remoteMsgVpns/{remoteMsgVpnName},{remoteMsgVpnLocation},{remoteMsgVpnInterface}": { + "delete": { + "description": "Delete a Remote Message VPN object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe Remote Message VPN is the Message VPN that the Bridge connects to.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnBridgeRemoteMsgVpn", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The name of the remote Message VPN.", + "in": "path", + "name": "remoteMsgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The location of the remote Message VPN as either an FQDN with port, IP address with port, or virtual router name (starting with \"v:\").", + "in": "path", + "name": "remoteMsgVpnLocation", + "required": true, + "type": "string" + }, + { + "description": "The physical interface on the local Message VPN host for connecting to the remote Message VPN. By default, an interface is chosen automatically (recommended), but if specified, `remoteMsgVpnLocation` must not be a virtual router name.", + "in": "path", + "name": "remoteMsgVpnInterface", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Remote Message VPN object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "get": { + "description": "Get a Remote Message VPN object.\n\nThe Remote Message VPN is the Message VPN that the Bridge connects to.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nbridgeName|x||\nbridgeVirtualRouter|x||\nmsgVpnName|x||\npassword||x|x\nremoteMsgVpnInterface|x||\nremoteMsgVpnLocation|x||\nremoteMsgVpnName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnBridgeRemoteMsgVpn", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The name of the remote Message VPN.", + "in": "path", + "name": "remoteMsgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The location of the remote Message VPN as either an FQDN with port, IP address with port, or virtual router name (starting with \"v:\").", + "in": "path", + "name": "remoteMsgVpnLocation", + "required": true, + "type": "string" + }, + { + "description": "The physical interface on the local Message VPN host for connecting to the remote Message VPN. By default, an interface is chosen automatically (recommended), but if specified, `remoteMsgVpnLocation` must not be a virtual router name.", + "in": "path", + "name": "remoteMsgVpnInterface", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Remote Message VPN object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpnResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Remote Message VPN object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "patch": { + "description": "Update a Remote Message VPN object. Any attribute missing from the request will be left unchanged.\n\nThe Remote Message VPN is the Message VPN that the Bridge connects to.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nbridgeName|x||x|||\nbridgeVirtualRouter|x||x|||\nclientUsername|||||x|\ncompressedDataEnabled|||||x|\negressFlowWindowSize|||||x|\nmsgVpnName|x||x|||\npassword||||x|x|x\nremoteMsgVpnInterface|x|x||||\nremoteMsgVpnLocation|x|x||||\nremoteMsgVpnName|x|x||||\ntlsEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnBridgeRemoteMsgVpn|clientUsername|password\nMsgVpnBridgeRemoteMsgVpn|password|clientUsername\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpnBridgeRemoteMsgVpn", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The name of the remote Message VPN.", + "in": "path", + "name": "remoteMsgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The location of the remote Message VPN as either an FQDN with port, IP address with port, or virtual router name (starting with \"v:\").", + "in": "path", + "name": "remoteMsgVpnLocation", + "required": true, + "type": "string" + }, + { + "description": "The physical interface on the local Message VPN host for connecting to the remote Message VPN. By default, an interface is chosen automatically (recommended), but if specified, `remoteMsgVpnLocation` must not be a virtual router name.", + "in": "path", + "name": "remoteMsgVpnInterface", + "required": true, + "type": "string" + }, + { + "description": "The Remote Message VPN object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpn" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Remote Message VPN object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpnResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Remote Message VPN object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "put": { + "description": "Replace a Remote Message VPN object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nThe Remote Message VPN is the Message VPN that the Bridge connects to.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nbridgeName|x||x|||\nbridgeVirtualRouter|x||x|||\nclientUsername|||||x|\ncompressedDataEnabled|||||x|\negressFlowWindowSize|||||x|\nmsgVpnName|x||x|||\npassword||||x|x|x\nremoteMsgVpnInterface|x|x||||\nremoteMsgVpnLocation|x|x||||\nremoteMsgVpnName|x|x||||\ntlsEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnBridgeRemoteMsgVpn|clientUsername|password\nMsgVpnBridgeRemoteMsgVpn|password|clientUsername\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpnBridgeRemoteMsgVpn", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The name of the remote Message VPN.", + "in": "path", + "name": "remoteMsgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The location of the remote Message VPN as either an FQDN with port, IP address with port, or virtual router name (starting with \"v:\").", + "in": "path", + "name": "remoteMsgVpnLocation", + "required": true, + "type": "string" + }, + { + "description": "The physical interface on the local Message VPN host for connecting to the remote Message VPN. By default, an interface is chosen automatically (recommended), but if specified, `remoteMsgVpnLocation` must not be a virtual router name.", + "in": "path", + "name": "remoteMsgVpnInterface", + "required": true, + "type": "string" + }, + { + "description": "The Remote Message VPN object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpn" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Remote Message VPN object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteMsgVpnResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Remote Message VPN object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + } + }, + "/msgVpns/{msgVpnName}/bridges/{bridgeName},{bridgeVirtualRouter}/remoteSubscriptions": { + "get": { + "description": "Get a list of Remote Subscription objects.\n\nA Remote Subscription is a topic subscription used by the Message VPN Bridge to attract messages from the remote message broker.\n\n\nAttribute|Identifying\n:---|:---:\nbridgeName|x\nbridgeVirtualRouter|x\nmsgVpnName|x\nremoteSubscriptionTopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnBridgeRemoteSubscriptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Remote Subscription objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteSubscriptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Remote Subscription objects.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "post": { + "description": "Create a Remote Subscription object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Remote Subscription is a topic subscription used by the Message VPN Bridge to attract messages from the remote message broker.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nbridgeName|x|||x\nbridgeVirtualRouter|x|||x\ndeliverAlwaysEnabled||x|x|\nmsgVpnName|x|||x\nremoteSubscriptionTopic|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnBridgeRemoteSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The Remote Subscription object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteSubscription" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Remote Subscription object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Remote Subscription object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + } + }, + "/msgVpns/{msgVpnName}/bridges/{bridgeName},{bridgeVirtualRouter}/remoteSubscriptions/{remoteSubscriptionTopic}": { + "delete": { + "description": "Delete a Remote Subscription object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Remote Subscription is a topic subscription used by the Message VPN Bridge to attract messages from the remote message broker.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnBridgeRemoteSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The topic of the Bridge remote subscription.", + "in": "path", + "name": "remoteSubscriptionTopic", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Remote Subscription object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "get": { + "description": "Get a Remote Subscription object.\n\nA Remote Subscription is a topic subscription used by the Message VPN Bridge to attract messages from the remote message broker.\n\n\nAttribute|Identifying\n:---|:---:\nbridgeName|x\nbridgeVirtualRouter|x\nmsgVpnName|x\nremoteSubscriptionTopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnBridgeRemoteSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The topic of the Bridge remote subscription.", + "in": "path", + "name": "remoteSubscriptionTopic", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Remote Subscription object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeRemoteSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Remote Subscription object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + } + }, + "/msgVpns/{msgVpnName}/bridges/{bridgeName},{bridgeVirtualRouter}/tlsTrustedCommonNames": { + "get": { + "deprecated": true, + "description": "Get a list of Trusted Common Name objects.\n\nThe Trusted Common Names for the Bridge are used by encrypted transports to verify the name in the certificate presented by the remote node. They must include the common name of the remote node's server certificate or client certificate, depending upon the initiator of the connection.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\nbridgeName|x|x\nbridgeVirtualRouter|x|x\nmsgVpnName|x|x\ntlsTrustedCommonName|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "getMsgVpnBridgeTlsTrustedCommonNames", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Trusted Common Name objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeTlsTrustedCommonNamesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Trusted Common Name objects.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "post": { + "deprecated": true, + "description": "Create a Trusted Common Name object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe Trusted Common Names for the Bridge are used by encrypted transports to verify the name in the certificate presented by the remote node. They must include the common name of the remote node's server certificate or client certificate, depending upon the initiator of the connection.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Deprecated\n:---|:---:|:---:|:---:|:---:|:---:\nbridgeName|x|||x|x\nbridgeVirtualRouter|x|||x|x\nmsgVpnName|x|||x|x\ntlsTrustedCommonName|x|x|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "createMsgVpnBridgeTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The Trusted Common Name object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnBridgeTlsTrustedCommonName" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Trusted Common Name object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeTlsTrustedCommonNameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Trusted Common Name object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + } + }, + "/msgVpns/{msgVpnName}/bridges/{bridgeName},{bridgeVirtualRouter}/tlsTrustedCommonNames/{tlsTrustedCommonName}": { + "delete": { + "deprecated": true, + "description": "Delete a Trusted Common Name object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe Trusted Common Names for the Bridge are used by encrypted transports to verify the name in the certificate presented by the remote node. They must include the common name of the remote node's server certificate or client certificate, depending upon the initiator of the connection.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "deleteMsgVpnBridgeTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The expected trusted common name of the remote certificate.", + "in": "path", + "name": "tlsTrustedCommonName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Trusted Common Name object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + }, + "get": { + "deprecated": true, + "description": "Get a Trusted Common Name object.\n\nThe Trusted Common Names for the Bridge are used by encrypted transports to verify the name in the certificate presented by the remote node. They must include the common name of the remote node's server certificate or client certificate, depending upon the initiator of the connection.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\nbridgeName|x|x\nbridgeVirtualRouter|x|x\nmsgVpnName|x|x\ntlsTrustedCommonName|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been deprecated since 2.18. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "getMsgVpnBridgeTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Bridge.", + "in": "path", + "name": "bridgeName", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the Bridge.", + "in": "path", + "name": "bridgeVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The expected trusted common name of the remote certificate.", + "in": "path", + "name": "tlsTrustedCommonName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Trusted Common Name object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnBridgeTlsTrustedCommonNameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Trusted Common Name object.", + "tags": [ + "all", + "msgVpn", + "bridge" + ] + } + }, + "/msgVpns/{msgVpnName}/certMatchingRules": { + "get": { + "description": "Get a list of Certificate Matching Rule objects.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given username.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nruleName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.27.", + "operationId": "getMsgVpnCertMatchingRules", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Certificate Matching Rule objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRulesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Certificate Matching Rule objects.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + }, + "post": { + "description": "Create a Certificate Matching Rule object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given username.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nruleName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "createMsgVpnCertMatchingRule", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRule" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Certificate Matching Rule object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + } + }, + "/msgVpns/{msgVpnName}/certMatchingRules/{ruleName}": { + "delete": { + "description": "Delete a Certificate Matching Rule object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given username.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "deleteMsgVpnCertMatchingRule", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Certificate Matching Rule object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + }, + "get": { + "description": "Get a Certificate Matching Rule object.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given username.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nruleName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "getMsgVpnCertMatchingRule", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Certificate Matching Rule object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + }, + "patch": { + "description": "Update a Certificate Matching Rule object. Any attribute missing from the request will be left unchanged.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given username.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nruleName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "updateMsgVpnCertMatchingRule", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRule" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Certificate Matching Rule object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + }, + "put": { + "description": "Replace a Certificate Matching Rule object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Cert Matching Rule is a collection of conditions and attribute filters that all have to be satisfied for certificate to be acceptable as authentication for a given username.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nruleName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "replaceMsgVpnCertMatchingRule", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRule" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Certificate Matching Rule object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + } + }, + "/msgVpns/{msgVpnName}/certMatchingRules/{ruleName}/attributeFilters": { + "get": { + "description": "Get a list of Certificate Matching Rule Attribute Filter objects.\n\nA Cert Matching Rule Attribute Filter compares a username attribute to a string.\n\n\nAttribute|Identifying\n:---|:---:\nfilterName|x\nmsgVpnName|x\nruleName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.28.", + "operationId": "getMsgVpnCertMatchingRuleAttributeFilters", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Certificate Matching Rule Attribute Filter objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFiltersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Certificate Matching Rule Attribute Filter objects.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + }, + "post": { + "description": "Create a Certificate Matching Rule Attribute Filter object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Cert Matching Rule Attribute Filter compares a username attribute to a string.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nfilterName|x|x|x|\nmsgVpnName|x|||x\nruleName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "createMsgVpnCertMatchingRuleAttributeFilter", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule Attribute Filter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Attribute Filter object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Certificate Matching Rule Attribute Filter object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + } + }, + "/msgVpns/{msgVpnName}/certMatchingRules/{ruleName}/attributeFilters/{filterName}": { + "delete": { + "description": "Delete a Certificate Matching Rule Attribute Filter object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Cert Matching Rule Attribute Filter compares a username attribute to a string.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "deleteMsgVpnCertMatchingRuleAttributeFilter", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The name of the filter.", + "in": "path", + "name": "filterName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Certificate Matching Rule Attribute Filter object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + }, + "get": { + "description": "Get a Certificate Matching Rule Attribute Filter object.\n\nA Cert Matching Rule Attribute Filter compares a username attribute to a string.\n\n\nAttribute|Identifying\n:---|:---:\nfilterName|x\nmsgVpnName|x\nruleName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "getMsgVpnCertMatchingRuleAttributeFilter", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The name of the filter.", + "in": "path", + "name": "filterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Attribute Filter object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Certificate Matching Rule Attribute Filter object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + }, + "patch": { + "description": "Update a Certificate Matching Rule Attribute Filter object. Any attribute missing from the request will be left unchanged.\n\nA Cert Matching Rule Attribute Filter compares a username attribute to a string.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nfilterName|x|x|\nmsgVpnName|x||x\nruleName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "updateMsgVpnCertMatchingRuleAttributeFilter", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The name of the filter.", + "in": "path", + "name": "filterName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule Attribute Filter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Attribute Filter object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Certificate Matching Rule Attribute Filter object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + }, + "put": { + "description": "Replace a Certificate Matching Rule Attribute Filter object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Cert Matching Rule Attribute Filter compares a username attribute to a string.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nfilterName|x|x|\nmsgVpnName|x||x\nruleName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.28.", + "operationId": "replaceMsgVpnCertMatchingRuleAttributeFilter", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The name of the filter.", + "in": "path", + "name": "filterName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule Attribute Filter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Attribute Filter object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleAttributeFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Certificate Matching Rule Attribute Filter object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + } + }, + "/msgVpns/{msgVpnName}/certMatchingRules/{ruleName}/conditions": { + "get": { + "description": "Get a list of Certificate Matching Rule Condition objects.\n\nA Cert Matching Rule Condition compares data extracted from a certificate to a username attribute or an expression.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nruleName|x\nsource|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.27.", + "operationId": "getMsgVpnCertMatchingRuleConditions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Certificate Matching Rule Condition objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleConditionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Certificate Matching Rule Condition objects.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + }, + "post": { + "description": "Create a Certificate Matching Rule Condition object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Cert Matching Rule Condition compares data extracted from a certificate to a username attribute or an expression.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nattribute||x||\nexpression||x||\nmsgVpnName|x|||x\nruleName|x|||x\nsource|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "createMsgVpnCertMatchingRuleCondition", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "The Certificate Matching Rule Condition object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleCondition" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Condition object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleConditionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Certificate Matching Rule Condition object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + } + }, + "/msgVpns/{msgVpnName}/certMatchingRules/{ruleName}/conditions/{source}": { + "delete": { + "description": "Delete a Certificate Matching Rule Condition object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Cert Matching Rule Condition compares data extracted from a certificate to a username attribute or an expression.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "deleteMsgVpnCertMatchingRuleCondition", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "Certificate field to be compared with the Attribute.", + "in": "path", + "name": "source", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Certificate Matching Rule Condition object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + }, + "get": { + "description": "Get a Certificate Matching Rule Condition object.\n\nA Cert Matching Rule Condition compares data extracted from a certificate to a username attribute or an expression.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nruleName|x\nsource|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "getMsgVpnCertMatchingRuleCondition", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the rule.", + "in": "path", + "name": "ruleName", + "required": true, + "type": "string" + }, + { + "description": "Certificate field to be compared with the Attribute.", + "in": "path", + "name": "source", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Certificate Matching Rule Condition object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnCertMatchingRuleConditionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Certificate Matching Rule Condition object.", + "tags": [ + "all", + "msgVpn", + "certMatchingRule" + ] + } + }, + "/msgVpns/{msgVpnName}/clientProfiles": { + "get": { + "description": "Get a list of Client Profile objects.\n\nClient Profiles are used to assign common configuration properties to clients that have been successfully authorized.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\nallowCutThroughForwardingEnabled||x\napiQueueManagementCopyFromOnCreateName||x\napiTopicEndpointManagementCopyFromOnCreateName||x\nclientProfileName|x|\nmsgVpnName|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnClientProfiles", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Client Profile objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientProfilesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Client Profile objects.", + "tags": [ + "all", + "msgVpn", + "clientProfile" + ] + }, + "post": { + "description": "Create a Client Profile object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nClient Profiles are used to assign common configuration properties to clients that have been successfully authorized.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Deprecated\n:---|:---:|:---:|:---:|:---:|:---:\nallowCutThroughForwardingEnabled|||||x\napiQueueManagementCopyFromOnCreateName|||||x\napiTopicEndpointManagementCopyFromOnCreateName|||||x\nclientProfileName|x|x|x||\nmsgVpnName|x|||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\nEventThresholdByPercent|clearPercent|setPercent|\nEventThresholdByPercent|setPercent|clearPercent|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnClientProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnClientProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Profile object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Client Profile object.", + "tags": [ + "all", + "msgVpn", + "clientProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/clientProfiles/{clientProfileName}": { + "delete": { + "description": "Delete a Client Profile object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nClient Profiles are used to assign common configuration properties to clients that have been successfully authorized.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnClientProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Profile.", + "in": "path", + "name": "clientProfileName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Client Profile object.", + "tags": [ + "all", + "msgVpn", + "clientProfile" + ] + }, + "get": { + "description": "Get a Client Profile object.\n\nClient Profiles are used to assign common configuration properties to clients that have been successfully authorized.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\nallowCutThroughForwardingEnabled||x\napiQueueManagementCopyFromOnCreateName||x\napiTopicEndpointManagementCopyFromOnCreateName||x\nclientProfileName|x|\nmsgVpnName|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnClientProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Profile.", + "in": "path", + "name": "clientProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Profile object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Client Profile object.", + "tags": [ + "all", + "msgVpn", + "clientProfile" + ] + }, + "patch": { + "description": "Update a Client Profile object. Any attribute missing from the request will be left unchanged.\n\nClient Profiles are used to assign common configuration properties to clients that have been successfully authorized.\n\n\nAttribute|Identifying|Const|Read-Only|Deprecated\n:---|:---:|:---:|:---:|:---:\nallowCutThroughForwardingEnabled||||x\napiQueueManagementCopyFromOnCreateName||||x\napiTopicEndpointManagementCopyFromOnCreateName||||x\nclientProfileName|x|x||\nmsgVpnName|x||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\nEventThresholdByPercent|clearPercent|setPercent|\nEventThresholdByPercent|setPercent|clearPercent|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpnClientProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Profile.", + "in": "path", + "name": "clientProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Client Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnClientProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Profile object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Client Profile object.", + "tags": [ + "all", + "msgVpn", + "clientProfile" + ] + }, + "put": { + "description": "Replace a Client Profile object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nClient Profiles are used to assign common configuration properties to clients that have been successfully authorized.\n\n\nAttribute|Identifying|Const|Read-Only|Deprecated\n:---|:---:|:---:|:---:|:---:\nallowCutThroughForwardingEnabled||||x\napiQueueManagementCopyFromOnCreateName||||x\napiTopicEndpointManagementCopyFromOnCreateName||||x\nclientProfileName|x|x||\nmsgVpnName|x||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\nEventThresholdByPercent|clearPercent|setPercent|\nEventThresholdByPercent|setPercent|clearPercent|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpnClientProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Profile.", + "in": "path", + "name": "clientProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Client Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnClientProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Profile object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Client Profile object.", + "tags": [ + "all", + "msgVpn", + "clientProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/clientUsernames": { + "get": { + "description": "Get a list of Client Username objects.\n\nA client is only authorized to connect to a Message VPN that is associated with a Client Username that the client has been assigned.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nclientUsername|x||\nmsgVpnName|x||\npassword||x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnClientUsernames", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Client Username objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientUsernamesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Client Username objects.", + "tags": [ + "all", + "msgVpn", + "clientUsername" + ] + }, + "post": { + "description": "Create a Client Username object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA client is only authorized to connect to a Message VPN that is associated with a Client Username that the client has been assigned.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nclientUsername|x|x|x|||\nmsgVpnName|x|||x||\npassword|||||x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnClientUsername", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client Username object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnClientUsername" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Username object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientUsernameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Client Username object.", + "tags": [ + "all", + "msgVpn", + "clientUsername" + ] + } + }, + "/msgVpns/{msgVpnName}/clientUsernames/{clientUsername}": { + "delete": { + "description": "Delete a Client Username object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA client is only authorized to connect to a Message VPN that is associated with a Client Username that the client has been assigned.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnClientUsername", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Username.", + "in": "path", + "name": "clientUsername", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Client Username object.", + "tags": [ + "all", + "msgVpn", + "clientUsername" + ] + }, + "get": { + "description": "Get a Client Username object.\n\nA client is only authorized to connect to a Message VPN that is associated with a Client Username that the client has been assigned.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nclientUsername|x||\nmsgVpnName|x||\npassword||x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnClientUsername", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Username.", + "in": "path", + "name": "clientUsername", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Username object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientUsernameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Client Username object.", + "tags": [ + "all", + "msgVpn", + "clientUsername" + ] + }, + "patch": { + "description": "Update a Client Username object. Any attribute missing from the request will be left unchanged.\n\nA client is only authorized to connect to a Message VPN that is associated with a Client Username that the client has been assigned.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\naclProfileName|||||x|\nclientProfileName|||||x|\nclientUsername|x|x||||\nmsgVpnName|x||x|||\npassword||||x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpnClientUsername", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Username.", + "in": "path", + "name": "clientUsername", + "required": true, + "type": "string" + }, + { + "description": "The Client Username object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnClientUsername" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Username object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientUsernameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Client Username object.", + "tags": [ + "all", + "msgVpn", + "clientUsername" + ] + }, + "put": { + "description": "Replace a Client Username object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA client is only authorized to connect to a Message VPN that is associated with a Client Username that the client has been assigned.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\naclProfileName|||||x|\nclientProfileName|||||x|\nclientUsername|x|x||||\nmsgVpnName|x||x|||\npassword||||x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpnClientUsername", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Username.", + "in": "path", + "name": "clientUsername", + "required": true, + "type": "string" + }, + { + "description": "The Client Username object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnClientUsername" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Username object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientUsernameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Client Username object.", + "tags": [ + "all", + "msgVpn", + "clientUsername" + ] + } + }, + "/msgVpns/{msgVpnName}/clientUsernames/{clientUsername}/attributes": { + "get": { + "description": "Get a list of Client Username Attribute objects.\n\nA ClientUsername Attribute is a key+value pair that can be used to locate a client username, for example when using client certificate mapping.\n\n\nAttribute|Identifying\n:---|:---:\nattributeName|x\nattributeValue|x\nclientUsername|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.27.", + "operationId": "getMsgVpnClientUsernameAttributes", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Username.", + "in": "path", + "name": "clientUsername", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Client Username Attribute objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientUsernameAttributesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Client Username Attribute objects.", + "tags": [ + "all", + "msgVpn", + "clientUsername" + ] + }, + "post": { + "description": "Create a Client Username Attribute object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA ClientUsername Attribute is a key+value pair that can be used to locate a client username, for example when using client certificate mapping.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nattributeName|x|x|x|\nattributeValue|x|x|x|\nclientUsername|x|||x\nmsgVpnName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "createMsgVpnClientUsernameAttribute", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Username.", + "in": "path", + "name": "clientUsername", + "required": true, + "type": "string" + }, + { + "description": "The Client Username Attribute object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnClientUsernameAttribute" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Username Attribute object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientUsernameAttributeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Client Username Attribute object.", + "tags": [ + "all", + "msgVpn", + "clientUsername" + ] + } + }, + "/msgVpns/{msgVpnName}/clientUsernames/{clientUsername}/attributes/{attributeName},{attributeValue}": { + "delete": { + "description": "Delete a Client Username Attribute object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA ClientUsername Attribute is a key+value pair that can be used to locate a client username, for example when using client certificate mapping.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "deleteMsgVpnClientUsernameAttribute", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Username.", + "in": "path", + "name": "clientUsername", + "required": true, + "type": "string" + }, + { + "description": "The name of the Attribute.", + "in": "path", + "name": "attributeName", + "required": true, + "type": "string" + }, + { + "description": "The value of the Attribute.", + "in": "path", + "name": "attributeValue", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Client Username Attribute object.", + "tags": [ + "all", + "msgVpn", + "clientUsername" + ] + }, + "get": { + "description": "Get a Client Username Attribute object.\n\nA ClientUsername Attribute is a key+value pair that can be used to locate a client username, for example when using client certificate mapping.\n\n\nAttribute|Identifying\n:---|:---:\nattributeName|x\nattributeValue|x\nclientUsername|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "getMsgVpnClientUsernameAttribute", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Client Username.", + "in": "path", + "name": "clientUsername", + "required": true, + "type": "string" + }, + { + "description": "The name of the Attribute.", + "in": "path", + "name": "attributeName", + "required": true, + "type": "string" + }, + { + "description": "The value of the Attribute.", + "in": "path", + "name": "attributeValue", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Client Username Attribute object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnClientUsernameAttributeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Client Username Attribute object.", + "tags": [ + "all", + "msgVpn", + "clientUsername" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches": { + "get": { + "description": "Get a list of Distributed Cache objects.\n\nA Distributed Cache is a collection of one or more Cache Clusters that belong to the same Message VPN. Each Cache Cluster in a Distributed Cache is configured to subscribe to a different set of topics. This effectively divides up the configured topic space, to provide scaling to very large topic spaces or very high cached message throughput.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCaches", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Distributed Cache objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCachesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Distributed Cache objects.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "post": { + "description": "Create a Distributed Cache object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Distributed Cache is a collection of one or more Cache Clusters that belong to the same Message VPN. Each Cache Cluster in a Distributed Cache is configured to subscribe to a different set of topics. This effectively divides up the configured topic space, to provide scaling to very large topic spaces or very high cached message throughput.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ncacheName|x|x|x|\ncacheVirtualRouter||x||\nmsgVpnName|x|||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnDistributedCache|scheduledDeleteMsgDayList|scheduledDeleteMsgTimeList\nMsgVpnDistributedCache|scheduledDeleteMsgTimeList|scheduledDeleteMsgDayList\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createMsgVpnDistributedCache", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Distributed Cache object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCache" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Distributed Cache object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Distributed Cache object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}": { + "delete": { + "description": "Delete a Distributed Cache object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Distributed Cache is a collection of one or more Cache Clusters that belong to the same Message VPN. Each Cache Cluster in a Distributed Cache is configured to subscribe to a different set of topics. This effectively divides up the configured topic space, to provide scaling to very large topic spaces or very high cached message throughput.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteMsgVpnDistributedCache", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Distributed Cache object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "get": { + "description": "Get a Distributed Cache object.\n\nA Distributed Cache is a collection of one or more Cache Clusters that belong to the same Message VPN. Each Cache Cluster in a Distributed Cache is configured to subscribe to a different set of topics. This effectively divides up the configured topic space, to provide scaling to very large topic spaces or very high cached message throughput.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCache", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Distributed Cache object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Distributed Cache object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "patch": { + "description": "Update a Distributed Cache object. Any attribute missing from the request will be left unchanged.\n\nA Distributed Cache is a collection of one or more Cache Clusters that belong to the same Message VPN. Each Cache Cluster in a Distributed Cache is configured to subscribe to a different set of topics. This effectively divides up the configured topic space, to provide scaling to very large topic spaces or very high cached message throughput.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ncacheName|x|x|\ncacheVirtualRouter||x|\nmsgVpnName|x||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnDistributedCache|scheduledDeleteMsgDayList|scheduledDeleteMsgTimeList\nMsgVpnDistributedCache|scheduledDeleteMsgTimeList|scheduledDeleteMsgDayList\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "updateMsgVpnDistributedCache", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The Distributed Cache object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCache" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Distributed Cache object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Distributed Cache object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "put": { + "description": "Replace a Distributed Cache object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Distributed Cache is a collection of one or more Cache Clusters that belong to the same Message VPN. Each Cache Cluster in a Distributed Cache is configured to subscribe to a different set of topics. This effectively divides up the configured topic space, to provide scaling to very large topic spaces or very high cached message throughput.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ncacheName|x|x|\ncacheVirtualRouter||x|\nmsgVpnName|x||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnDistributedCache|scheduledDeleteMsgDayList|scheduledDeleteMsgTimeList\nMsgVpnDistributedCache|scheduledDeleteMsgTimeList|scheduledDeleteMsgDayList\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "replaceMsgVpnDistributedCache", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The Distributed Cache object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCache" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Distributed Cache object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Distributed Cache object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}/clusters": { + "get": { + "description": "Get a list of Cache Cluster objects.\n\nA Cache Cluster is a collection of one or more Cache Instances that subscribe to exactly the same topics. Cache Instances are grouped together in a Cache Cluster for the purpose of fault tolerance and load balancing. As published messages are received, the message broker message bus sends these live data messages to the Cache Instances in the Cache Cluster. This enables client cache requests to be served by any of Cache Instances in the Cache Cluster.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nclusterName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCacheClusters", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Cache Cluster objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClustersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Cache Cluster objects.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "post": { + "description": "Create a Cache Cluster object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Cache Cluster is a collection of one or more Cache Instances that subscribe to exactly the same topics. Cache Instances are grouped together in a Cache Cluster for the purpose of fault tolerance and load balancing. As published messages are received, the message broker message bus sends these live data messages to the Cache Instances in the Cache Cluster. This enables client cache requests to be served by any of Cache Instances in the Cache Cluster.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ncacheName|x|||x\nclusterName|x|x|x|\nmsgVpnName|x|||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nEventThresholdByPercent|clearPercent|setPercent\nEventThresholdByPercent|setPercent|clearPercent\nEventThresholdByValue|clearValue|setValue\nEventThresholdByValue|setValue|clearValue\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createMsgVpnDistributedCacheCluster", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The Cache Cluster object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheCluster" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cache Cluster object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Cache Cluster object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}/clusters/{clusterName}": { + "delete": { + "description": "Delete a Cache Cluster object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Cache Cluster is a collection of one or more Cache Instances that subscribe to exactly the same topics. Cache Instances are grouped together in a Cache Cluster for the purpose of fault tolerance and load balancing. As published messages are received, the message broker message bus sends these live data messages to the Cache Instances in the Cache Cluster. This enables client cache requests to be served by any of Cache Instances in the Cache Cluster.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteMsgVpnDistributedCacheCluster", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Cache Cluster object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "get": { + "description": "Get a Cache Cluster object.\n\nA Cache Cluster is a collection of one or more Cache Instances that subscribe to exactly the same topics. Cache Instances are grouped together in a Cache Cluster for the purpose of fault tolerance and load balancing. As published messages are received, the message broker message bus sends these live data messages to the Cache Instances in the Cache Cluster. This enables client cache requests to be served by any of Cache Instances in the Cache Cluster.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nclusterName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCacheCluster", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cache Cluster object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Cache Cluster object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "patch": { + "description": "Update a Cache Cluster object. Any attribute missing from the request will be left unchanged.\n\nA Cache Cluster is a collection of one or more Cache Instances that subscribe to exactly the same topics. Cache Instances are grouped together in a Cache Cluster for the purpose of fault tolerance and load balancing. As published messages are received, the message broker message bus sends these live data messages to the Cache Instances in the Cache Cluster. This enables client cache requests to be served by any of Cache Instances in the Cache Cluster.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\ncacheName|x||x|\nclusterName|x|x||\ndeliverToOneOverrideEnabled||||x\nmsgVpnName|x||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nEventThresholdByPercent|clearPercent|setPercent\nEventThresholdByPercent|setPercent|clearPercent\nEventThresholdByValue|clearValue|setValue\nEventThresholdByValue|setValue|clearValue\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "updateMsgVpnDistributedCacheCluster", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The Cache Cluster object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheCluster" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cache Cluster object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Cache Cluster object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "put": { + "description": "Replace a Cache Cluster object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Cache Cluster is a collection of one or more Cache Instances that subscribe to exactly the same topics. Cache Instances are grouped together in a Cache Cluster for the purpose of fault tolerance and load balancing. As published messages are received, the message broker message bus sends these live data messages to the Cache Instances in the Cache Cluster. This enables client cache requests to be served by any of Cache Instances in the Cache Cluster.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\ncacheName|x||x|\nclusterName|x|x||\ndeliverToOneOverrideEnabled||||x\nmsgVpnName|x||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nEventThresholdByPercent|clearPercent|setPercent\nEventThresholdByPercent|setPercent|clearPercent\nEventThresholdByValue|clearValue|setValue\nEventThresholdByValue|setValue|clearValue\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "replaceMsgVpnDistributedCacheCluster", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The Cache Cluster object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheCluster" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cache Cluster object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Cache Cluster object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}/clusters/{clusterName}/globalCachingHomeClusters": { + "get": { + "description": "Get a list of Home Cache Cluster objects.\n\nA Home Cache Cluster is a Cache Cluster that is the \"definitive\" Cache Cluster for a given topic in the context of the Global Caching feature.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nclusterName|x\nhomeClusterName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCacheClusterGlobalCachingHomeClusters", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Home Cache Cluster objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClustersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Home Cache Cluster objects.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "post": { + "description": "Create a Home Cache Cluster object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Home Cache Cluster is a Cache Cluster that is the \"definitive\" Cache Cluster for a given topic in the context of the Global Caching feature.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ncacheName|x|||x\nclusterName|x|||x\nhomeClusterName|x|x|x|\nmsgVpnName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createMsgVpnDistributedCacheClusterGlobalCachingHomeCluster", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The Home Cache Cluster object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeCluster" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Home Cache Cluster object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Home Cache Cluster object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}/clusters/{clusterName}/globalCachingHomeClusters/{homeClusterName}": { + "delete": { + "description": "Delete a Home Cache Cluster object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Home Cache Cluster is a Cache Cluster that is the \"definitive\" Cache Cluster for a given topic in the context of the Global Caching feature.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteMsgVpnDistributedCacheClusterGlobalCachingHomeCluster", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the remote Home Cache Cluster.", + "in": "path", + "name": "homeClusterName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Home Cache Cluster object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "get": { + "description": "Get a Home Cache Cluster object.\n\nA Home Cache Cluster is a Cache Cluster that is the \"definitive\" Cache Cluster for a given topic in the context of the Global Caching feature.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nclusterName|x\nhomeClusterName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCacheClusterGlobalCachingHomeCluster", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the remote Home Cache Cluster.", + "in": "path", + "name": "homeClusterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Home Cache Cluster object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Home Cache Cluster object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}/clusters/{clusterName}/globalCachingHomeClusters/{homeClusterName}/topicPrefixes": { + "get": { + "description": "Get a list of Topic Prefix objects.\n\nA Topic Prefix is a prefix for a global topic that is available from the containing Home Cache Cluster.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nclusterName|x\nhomeClusterName|x\nmsgVpnName|x\ntopicPrefix|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefixes", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the remote Home Cache Cluster.", + "in": "path", + "name": "homeClusterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Topic Prefix objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefixesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Topic Prefix objects.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "post": { + "description": "Create a Topic Prefix object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Topic Prefix is a prefix for a global topic that is available from the containing Home Cache Cluster.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ncacheName|x|||x\nclusterName|x|||x\nhomeClusterName|x|||x\nmsgVpnName|x|||x\ntopicPrefix|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createMsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefix", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the remote Home Cache Cluster.", + "in": "path", + "name": "homeClusterName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Prefix object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefix" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Prefix object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefixResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Topic Prefix object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}/clusters/{clusterName}/globalCachingHomeClusters/{homeClusterName}/topicPrefixes/{topicPrefix}": { + "delete": { + "description": "Delete a Topic Prefix object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Topic Prefix is a prefix for a global topic that is available from the containing Home Cache Cluster.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteMsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefix", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the remote Home Cache Cluster.", + "in": "path", + "name": "homeClusterName", + "required": true, + "type": "string" + }, + { + "description": "A topic prefix for global topics available from the remote Home Cache Cluster. A wildcard (/>) is implied at the end of the prefix.", + "in": "path", + "name": "topicPrefix", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Topic Prefix object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "get": { + "description": "Get a Topic Prefix object.\n\nA Topic Prefix is a prefix for a global topic that is available from the containing Home Cache Cluster.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nclusterName|x\nhomeClusterName|x\nmsgVpnName|x\ntopicPrefix|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefix", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the remote Home Cache Cluster.", + "in": "path", + "name": "homeClusterName", + "required": true, + "type": "string" + }, + { + "description": "A topic prefix for global topics available from the remote Home Cache Cluster. A wildcard (/>) is implied at the end of the prefix.", + "in": "path", + "name": "topicPrefix", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Prefix object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterGlobalCachingHomeClusterTopicPrefixResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Topic Prefix object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}/clusters/{clusterName}/instances": { + "get": { + "description": "Get a list of Cache Instance objects.\n\nA Cache Instance is a single Cache process that belongs to a single Cache Cluster. A Cache Instance object provisioned on the broker is used to disseminate configuration information to the Cache process. Cache Instances listen for and cache live data messages that match the topic subscriptions configured for their parent Cache Cluster.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nclusterName|x\ninstanceName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCacheClusterInstances", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Cache Instance objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstancesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Cache Instance objects.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "post": { + "description": "Create a Cache Instance object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Cache Instance is a single Cache process that belongs to a single Cache Cluster. A Cache Instance object provisioned on the broker is used to disseminate configuration information to the Cache process. Cache Instances listen for and cache live data messages that match the topic subscriptions configured for their parent Cache Cluster.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ncacheName|x|||x\nclusterName|x|||x\ninstanceName|x|x|x|\nmsgVpnName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createMsgVpnDistributedCacheClusterInstance", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The Cache Instance object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstance" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cache Instance object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstanceResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Cache Instance object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}/clusters/{clusterName}/instances/{instanceName}": { + "delete": { + "description": "Delete a Cache Instance object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Cache Instance is a single Cache process that belongs to a single Cache Cluster. A Cache Instance object provisioned on the broker is used to disseminate configuration information to the Cache process. Cache Instances listen for and cache live data messages that match the topic subscriptions configured for their parent Cache Cluster.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteMsgVpnDistributedCacheClusterInstance", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Instance.", + "in": "path", + "name": "instanceName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Cache Instance object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "get": { + "description": "Get a Cache Instance object.\n\nA Cache Instance is a single Cache process that belongs to a single Cache Cluster. A Cache Instance object provisioned on the broker is used to disseminate configuration information to the Cache process. Cache Instances listen for and cache live data messages that match the topic subscriptions configured for their parent Cache Cluster.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nclusterName|x\ninstanceName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCacheClusterInstance", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Instance.", + "in": "path", + "name": "instanceName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cache Instance object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstanceResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Cache Instance object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "patch": { + "description": "Update a Cache Instance object. Any attribute missing from the request will be left unchanged.\n\nA Cache Instance is a single Cache process that belongs to a single Cache Cluster. A Cache Instance object provisioned on the broker is used to disseminate configuration information to the Cache process. Cache Instances listen for and cache live data messages that match the topic subscriptions configured for their parent Cache Cluster.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ncacheName|x||x\nclusterName|x||x\ninstanceName|x|x|\nmsgVpnName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "updateMsgVpnDistributedCacheClusterInstance", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Instance.", + "in": "path", + "name": "instanceName", + "required": true, + "type": "string" + }, + { + "description": "The Cache Instance object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstance" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cache Instance object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstanceResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Cache Instance object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "put": { + "description": "Replace a Cache Instance object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Cache Instance is a single Cache process that belongs to a single Cache Cluster. A Cache Instance object provisioned on the broker is used to disseminate configuration information to the Cache process. Cache Instances listen for and cache live data messages that match the topic subscriptions configured for their parent Cache Cluster.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ncacheName|x||x\nclusterName|x||x\ninstanceName|x|x|\nmsgVpnName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "replaceMsgVpnDistributedCacheClusterInstance", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Instance.", + "in": "path", + "name": "instanceName", + "required": true, + "type": "string" + }, + { + "description": "The Cache Instance object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstance" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Cache Instance object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterInstanceResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Cache Instance object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}/clusters/{clusterName}/topics": { + "get": { + "description": "Get a list of Topic objects.\n\nThe Cache Instances that belong to the containing Cache Cluster will cache any messages published to topics that match a Topic Subscription.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nclusterName|x\nmsgVpnName|x\ntopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCacheClusterTopics", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Topic objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterTopicsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Topic objects.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "post": { + "description": "Create a Topic object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe Cache Instances that belong to the containing Cache Cluster will cache any messages published to topics that match a Topic Subscription.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ncacheName|x|||x\nclusterName|x|||x\nmsgVpnName|x|||x\ntopic|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createMsgVpnDistributedCacheClusterTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The Topic object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterTopic" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Topic object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/distributedCaches/{cacheName}/clusters/{clusterName}/topics/{topic}": { + "delete": { + "description": "Delete a Topic object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe Cache Instances that belong to the containing Cache Cluster will cache any messages published to topics that match a Topic Subscription.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteMsgVpnDistributedCacheClusterTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The value of the Topic in the form a/b/c.", + "in": "path", + "name": "topic", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Topic object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + }, + "get": { + "description": "Get a Topic object.\n\nThe Cache Instances that belong to the containing Cache Cluster will cache any messages published to topics that match a Topic Subscription.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nclusterName|x\nmsgVpnName|x\ntopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDistributedCacheClusterTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Distributed Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Cache Cluster.", + "in": "path", + "name": "clusterName", + "required": true, + "type": "string" + }, + { + "description": "The value of the Topic in the form a/b/c.", + "in": "path", + "name": "topic", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDistributedCacheClusterTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Topic object.", + "tags": [ + "all", + "msgVpn", + "distributedCache" + ] + } + }, + "/msgVpns/{msgVpnName}/dmrBridges": { + "get": { + "description": "Get a list of DMR Bridge objects.\n\nA DMR Bridge is required to establish a data channel over a corresponding external link to the remote node for a given Message VPN. Each DMR Bridge identifies which external link the Message VPN should use, and what the name of the equivalent Message VPN at the remote node is.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nremoteNodeName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDmrBridges", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of DMR Bridge objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDmrBridgesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of DMR Bridge objects.", + "tags": [ + "all", + "msgVpn", + "dmrBridge" + ] + }, + "post": { + "description": "Create a DMR Bridge object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA DMR Bridge is required to establish a data channel over a corresponding external link to the remote node for a given Message VPN. Each DMR Bridge identifies which external link the Message VPN should use, and what the name of the equivalent Message VPN at the remote node is.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nremoteNodeName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createMsgVpnDmrBridge", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The DMR Bridge object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDmrBridge" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The DMR Bridge object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDmrBridgeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a DMR Bridge object.", + "tags": [ + "all", + "msgVpn", + "dmrBridge" + ] + } + }, + "/msgVpns/{msgVpnName}/dmrBridges/{remoteNodeName}": { + "delete": { + "description": "Delete a DMR Bridge object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA DMR Bridge is required to establish a data channel over a corresponding external link to the remote node for a given Message VPN. Each DMR Bridge identifies which external link the Message VPN should use, and what the name of the equivalent Message VPN at the remote node is.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteMsgVpnDmrBridge", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the DMR Bridge.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a DMR Bridge object.", + "tags": [ + "all", + "msgVpn", + "dmrBridge" + ] + }, + "get": { + "description": "Get a DMR Bridge object.\n\nA DMR Bridge is required to establish a data channel over a corresponding external link to the remote node for a given Message VPN. Each DMR Bridge identifies which external link the Message VPN should use, and what the name of the equivalent Message VPN at the remote node is.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nremoteNodeName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnDmrBridge", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the DMR Bridge.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The DMR Bridge object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDmrBridgeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a DMR Bridge object.", + "tags": [ + "all", + "msgVpn", + "dmrBridge" + ] + }, + "patch": { + "description": "Update a DMR Bridge object. Any attribute missing from the request will be left unchanged.\n\nA DMR Bridge is required to establish a data channel over a corresponding external link to the remote node for a given Message VPN. Each DMR Bridge identifies which external link the Message VPN should use, and what the name of the equivalent Message VPN at the remote node is.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nremoteNodeName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "updateMsgVpnDmrBridge", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the DMR Bridge.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The DMR Bridge object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDmrBridge" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The DMR Bridge object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDmrBridgeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a DMR Bridge object.", + "tags": [ + "all", + "msgVpn", + "dmrBridge" + ] + }, + "put": { + "description": "Replace a DMR Bridge object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA DMR Bridge is required to establish a data channel over a corresponding external link to the remote node for a given Message VPN. Each DMR Bridge identifies which external link the Message VPN should use, and what the name of the equivalent Message VPN at the remote node is.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nremoteNodeName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "replaceMsgVpnDmrBridge", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the node at the remote end of the DMR Bridge.", + "in": "path", + "name": "remoteNodeName", + "required": true, + "type": "string" + }, + { + "description": "The DMR Bridge object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnDmrBridge" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The DMR Bridge object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnDmrBridgeResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a DMR Bridge object.", + "tags": [ + "all", + "msgVpn", + "dmrBridge" + ] + } + }, + "/msgVpns/{msgVpnName}/jndiConnectionFactories": { + "get": { + "description": "Get a list of JNDI Connection Factory objects.\n\nThe message broker provides an internal JNDI store for provisioned Connection Factory objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying\n:---|:---:\nconnectionFactoryName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.2.", + "operationId": "getMsgVpnJndiConnectionFactories", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of JNDI Connection Factory objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactoriesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of JNDI Connection Factory objects.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "post": { + "description": "Create a JNDI Connection Factory object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe message broker provides an internal JNDI store for provisioned Connection Factory objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nconnectionFactoryName|x|x|x|\nmsgVpnName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "createMsgVpnJndiConnectionFactory", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI Connection Factory object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactory" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Connection Factory object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactoryResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a JNDI Connection Factory object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + } + }, + "/msgVpns/{msgVpnName}/jndiConnectionFactories/{connectionFactoryName}": { + "delete": { + "description": "Delete a JNDI Connection Factory object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe message broker provides an internal JNDI store for provisioned Connection Factory objects that clients can access through JNDI lookups.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "deleteMsgVpnJndiConnectionFactory", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the JMS Connection Factory.", + "in": "path", + "name": "connectionFactoryName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a JNDI Connection Factory object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "get": { + "description": "Get a JNDI Connection Factory object.\n\nThe message broker provides an internal JNDI store for provisioned Connection Factory objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying\n:---|:---:\nconnectionFactoryName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "getMsgVpnJndiConnectionFactory", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the JMS Connection Factory.", + "in": "path", + "name": "connectionFactoryName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Connection Factory object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactoryResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a JNDI Connection Factory object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "patch": { + "description": "Update a JNDI Connection Factory object. Any attribute missing from the request will be left unchanged.\n\nThe message broker provides an internal JNDI store for provisioned Connection Factory objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nconnectionFactoryName|x|x|\nmsgVpnName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "updateMsgVpnJndiConnectionFactory", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the JMS Connection Factory.", + "in": "path", + "name": "connectionFactoryName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI Connection Factory object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactory" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Connection Factory object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactoryResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a JNDI Connection Factory object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "put": { + "description": "Replace a JNDI Connection Factory object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nThe message broker provides an internal JNDI store for provisioned Connection Factory objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nconnectionFactoryName|x|x|\nmsgVpnName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "replaceMsgVpnJndiConnectionFactory", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the JMS Connection Factory.", + "in": "path", + "name": "connectionFactoryName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI Connection Factory object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactory" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Connection Factory object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiConnectionFactoryResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a JNDI Connection Factory object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + } + }, + "/msgVpns/{msgVpnName}/jndiQueues": { + "get": { + "description": "Get a list of JNDI Queue objects.\n\nThe message broker provides an internal JNDI store for provisioned Queue objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nqueueName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.2.", + "operationId": "getMsgVpnJndiQueues", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of JNDI Queue objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiQueuesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of JNDI Queue objects.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "post": { + "description": "Create a JNDI Queue object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe message broker provides an internal JNDI store for provisioned Queue objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nqueueName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "createMsgVpnJndiQueue", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI Queue object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnJndiQueue" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Queue object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiQueueResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a JNDI Queue object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + } + }, + "/msgVpns/{msgVpnName}/jndiQueues/{queueName}": { + "delete": { + "description": "Delete a JNDI Queue object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe message broker provides an internal JNDI store for provisioned Queue objects that clients can access through JNDI lookups.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "deleteMsgVpnJndiQueue", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI name of the JMS Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a JNDI Queue object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "get": { + "description": "Get a JNDI Queue object.\n\nThe message broker provides an internal JNDI store for provisioned Queue objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nqueueName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "getMsgVpnJndiQueue", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI name of the JMS Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Queue object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiQueueResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a JNDI Queue object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "patch": { + "description": "Update a JNDI Queue object. Any attribute missing from the request will be left unchanged.\n\nThe message broker provides an internal JNDI store for provisioned Queue objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nqueueName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "updateMsgVpnJndiQueue", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI name of the JMS Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI Queue object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnJndiQueue" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Queue object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiQueueResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a JNDI Queue object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "put": { + "description": "Replace a JNDI Queue object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nThe message broker provides an internal JNDI store for provisioned Queue objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nqueueName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "replaceMsgVpnJndiQueue", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI name of the JMS Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI Queue object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnJndiQueue" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Queue object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiQueueResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a JNDI Queue object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + } + }, + "/msgVpns/{msgVpnName}/jndiTopics": { + "get": { + "description": "Get a list of JNDI Topic objects.\n\nThe message broker provides an internal JNDI store for provisioned Topic objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\ntopicName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.2.", + "operationId": "getMsgVpnJndiTopics", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of JNDI Topic objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiTopicsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of JNDI Topic objects.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "post": { + "description": "Create a JNDI Topic object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe message broker provides an internal JNDI store for provisioned Topic objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\ntopicName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "createMsgVpnJndiTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI Topic object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnJndiTopic" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Topic object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a JNDI Topic object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + } + }, + "/msgVpns/{msgVpnName}/jndiTopics/{topicName}": { + "delete": { + "description": "Delete a JNDI Topic object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe message broker provides an internal JNDI store for provisioned Topic objects that clients can access through JNDI lookups.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "deleteMsgVpnJndiTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI name of the JMS Topic.", + "in": "path", + "name": "topicName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a JNDI Topic object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "get": { + "description": "Get a JNDI Topic object.\n\nThe message broker provides an internal JNDI store for provisioned Topic objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\ntopicName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "getMsgVpnJndiTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI name of the JMS Topic.", + "in": "path", + "name": "topicName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Topic object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a JNDI Topic object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "patch": { + "description": "Update a JNDI Topic object. Any attribute missing from the request will be left unchanged.\n\nThe message broker provides an internal JNDI store for provisioned Topic objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\ntopicName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "updateMsgVpnJndiTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI name of the JMS Topic.", + "in": "path", + "name": "topicName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI Topic object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnJndiTopic" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Topic object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a JNDI Topic object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + }, + "put": { + "description": "Replace a JNDI Topic object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nThe message broker provides an internal JNDI store for provisioned Topic objects that clients can access through JNDI lookups.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\ntopicName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.2.", + "operationId": "replaceMsgVpnJndiTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI name of the JMS Topic.", + "in": "path", + "name": "topicName", + "required": true, + "type": "string" + }, + { + "description": "The JNDI Topic object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnJndiTopic" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The JNDI Topic object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnJndiTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a JNDI Topic object.", + "tags": [ + "all", + "msgVpn", + "jndi" + ] + } + }, + "/msgVpns/{msgVpnName}/kafkaReceivers": { + "get": { + "description": "Get a list of Kafka Receiver objects.\n\nA Kafka Receiver receives messages from a Kafka Cluster.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationBasicPassword||x|x\nauthenticationClientCertContent||x|x\nauthenticationClientCertPassword||x|\nauthenticationKerberosKeytabContent||x|\nauthenticationOauthClientSecret||x|x\nauthenticationScramPassword||x|x\nkafkaReceiverName|x||\nmsgVpnName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.36.", + "operationId": "getMsgVpnKafkaReceivers", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Kafka Receiver objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiversResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Kafka Receiver objects.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + }, + "post": { + "description": "Create a Kafka Receiver object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Kafka Receiver receives messages from a Kafka Cluster.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword|||||x|x\nauthenticationClientCertContent|||||x|x\nauthenticationClientCertPassword|||||x|\nauthenticationKerberosKeytabContent|||||x|\nauthenticationOauthClientSecret|||||x|x\nauthenticationScramPassword|||||x|x\nkafkaReceiverName|x|x|x|||\nmsgVpnName|x|||x||\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnKafkaReceiver|authenticationBasicPassword|authenticationBasicUsername\nMsgVpnKafkaReceiver|authenticationClientCertPassword|authenticationClientCertContent\nMsgVpnKafkaReceiver|authenticationKerberosKeytabContent|authenticationKerberosKeytabFileName, authenticationKerberosUserPrincipalName\nMsgVpnKafkaReceiver|authenticationKerberosKeytabFileName|authenticationKerberosKeytabContent, authenticationKerberosUserPrincipalName\nMsgVpnKafkaReceiver|authenticationKerberosUserPrincipalName|authenticationKerberosKeytabContent, authenticationKerberosKeytabFileName\nMsgVpnKafkaReceiver|authenticationScramPassword|authenticationScramUsername\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "createMsgVpnKafkaReceiver", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Kafka Receiver object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiver" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Kafka Receiver object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Kafka Receiver object.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + } + }, + "/msgVpns/{msgVpnName}/kafkaReceivers/{kafkaReceiverName}": { + "delete": { + "description": "Delete a Kafka Receiver object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Kafka Receiver receives messages from a Kafka Cluster.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "deleteMsgVpnKafkaReceiver", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Receiver.", + "in": "path", + "name": "kafkaReceiverName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Kafka Receiver object.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + }, + "get": { + "description": "Get a Kafka Receiver object.\n\nA Kafka Receiver receives messages from a Kafka Cluster.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationBasicPassword||x|x\nauthenticationClientCertContent||x|x\nauthenticationClientCertPassword||x|\nauthenticationKerberosKeytabContent||x|\nauthenticationOauthClientSecret||x|x\nauthenticationScramPassword||x|x\nkafkaReceiverName|x||\nmsgVpnName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "getMsgVpnKafkaReceiver", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Receiver.", + "in": "path", + "name": "kafkaReceiverName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Kafka Receiver object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Kafka Receiver object.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + }, + "patch": { + "description": "Update a Kafka Receiver object. Any attribute missing from the request will be left unchanged.\n\nA Kafka Receiver receives messages from a Kafka Cluster.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x|x\nauthenticationBasicUsername|||||x|\nauthenticationClientCertContent||||x|x|x\nauthenticationClientCertPassword||||x|x|\nauthenticationKerberosKeytabContent||||x|x|\nauthenticationKerberosKeytabFileName|||||x|\nauthenticationKerberosServiceName|||||x|\nauthenticationKerberosUserPrincipalName|||||x|\nauthenticationOauthClientId|||||x|\nauthenticationOauthClientScope|||||x|\nauthenticationOauthClientSecret||||x|x|x\nauthenticationOauthClientTokenEndpoint|||||x|\nauthenticationScheme|||||x|\nauthenticationScramHash|||||x|\nauthenticationScramPassword||||x|x|x\nauthenticationScramUsername|||||x|\nbatchDelay|||||x|\nbatchMaxSize|||||x|\nbootstrapAddressList|||||x|\ngroupId|||||x|\ngroupKeepaliveInterval|||||x|\ngroupKeepaliveTimeout|||||x|\ngroupMembershipType|||||x|\ngroupPartitionSchemeList|||||x|\nkafkaReceiverName|x|x||||\nmetadataTopicExcludeList|||||x|\nmetadataTopicRefreshInterval|||||x|\nmsgVpnName|x||x|||\ntransportTlsEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnKafkaReceiver|authenticationBasicPassword|authenticationBasicUsername\nMsgVpnKafkaReceiver|authenticationClientCertPassword|authenticationClientCertContent\nMsgVpnKafkaReceiver|authenticationKerberosKeytabContent|authenticationKerberosKeytabFileName, authenticationKerberosUserPrincipalName\nMsgVpnKafkaReceiver|authenticationKerberosKeytabFileName|authenticationKerberosKeytabContent, authenticationKerberosUserPrincipalName\nMsgVpnKafkaReceiver|authenticationKerberosUserPrincipalName|authenticationKerberosKeytabContent, authenticationKerberosKeytabFileName\nMsgVpnKafkaReceiver|authenticationScramPassword|authenticationScramUsername\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "updateMsgVpnKafkaReceiver", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Receiver.", + "in": "path", + "name": "kafkaReceiverName", + "required": true, + "type": "string" + }, + { + "description": "The Kafka Receiver object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiver" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Kafka Receiver object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Kafka Receiver object.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + }, + "put": { + "description": "Replace a Kafka Receiver object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Kafka Receiver receives messages from a Kafka Cluster.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x|x\nauthenticationBasicUsername|||||x|\nauthenticationClientCertContent||||x|x|x\nauthenticationClientCertPassword||||x|x|\nauthenticationKerberosKeytabContent||||x|x|\nauthenticationKerberosKeytabFileName|||||x|\nauthenticationKerberosServiceName|||||x|\nauthenticationKerberosUserPrincipalName|||||x|\nauthenticationOauthClientId|||||x|\nauthenticationOauthClientScope|||||x|\nauthenticationOauthClientSecret||||x|x|x\nauthenticationOauthClientTokenEndpoint|||||x|\nauthenticationScheme|||||x|\nauthenticationScramHash|||||x|\nauthenticationScramPassword||||x|x|x\nauthenticationScramUsername|||||x|\nbatchDelay|||||x|\nbatchMaxSize|||||x|\nbootstrapAddressList|||||x|\ngroupId|||||x|\ngroupKeepaliveInterval|||||x|\ngroupKeepaliveTimeout|||||x|\ngroupMembershipType|||||x|\ngroupPartitionSchemeList|||||x|\nkafkaReceiverName|x|x||||\nmetadataTopicExcludeList|||||x|\nmetadataTopicRefreshInterval|||||x|\nmsgVpnName|x||x|||\ntransportTlsEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnKafkaReceiver|authenticationBasicPassword|authenticationBasicUsername\nMsgVpnKafkaReceiver|authenticationClientCertPassword|authenticationClientCertContent\nMsgVpnKafkaReceiver|authenticationKerberosKeytabContent|authenticationKerberosKeytabFileName, authenticationKerberosUserPrincipalName\nMsgVpnKafkaReceiver|authenticationKerberosKeytabFileName|authenticationKerberosKeytabContent, authenticationKerberosUserPrincipalName\nMsgVpnKafkaReceiver|authenticationKerberosUserPrincipalName|authenticationKerberosKeytabContent, authenticationKerberosKeytabFileName\nMsgVpnKafkaReceiver|authenticationScramPassword|authenticationScramUsername\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "replaceMsgVpnKafkaReceiver", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Receiver.", + "in": "path", + "name": "kafkaReceiverName", + "required": true, + "type": "string" + }, + { + "description": "The Kafka Receiver object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiver" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Kafka Receiver object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Kafka Receiver object.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + } + }, + "/msgVpns/{msgVpnName}/kafkaReceivers/{kafkaReceiverName}/topicBindings": { + "get": { + "description": "Get a list of Topic Binding objects.\n\nA Topic Binding receives messages from a remote Kafka Topic.\n\n\nAttribute|Identifying\n:---|:---:\nkafkaReceiverName|x\nmsgVpnName|x\ntopicName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.36.", + "operationId": "getMsgVpnKafkaReceiverTopicBindings", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Receiver.", + "in": "path", + "name": "kafkaReceiverName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Topic Binding objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBindingsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Topic Binding objects.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + }, + "post": { + "description": "Create a Topic Binding object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Topic Binding receives messages from a remote Kafka Topic.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nkafkaReceiverName|x|||x\nmsgVpnName|x|||x\ntopicName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "createMsgVpnKafkaReceiverTopicBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Receiver.", + "in": "path", + "name": "kafkaReceiverName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Binding object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBinding" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Binding object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Topic Binding object.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + } + }, + "/msgVpns/{msgVpnName}/kafkaReceivers/{kafkaReceiverName}/topicBindings/{topicName}": { + "delete": { + "description": "Delete a Topic Binding object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Topic Binding receives messages from a remote Kafka Topic.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "deleteMsgVpnKafkaReceiverTopicBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Receiver.", + "in": "path", + "name": "kafkaReceiverName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic or a POSIX.2 regular expression starting with '^'.", + "in": "path", + "name": "topicName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Topic Binding object.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + }, + "get": { + "description": "Get a Topic Binding object.\n\nA Topic Binding receives messages from a remote Kafka Topic.\n\n\nAttribute|Identifying\n:---|:---:\nkafkaReceiverName|x\nmsgVpnName|x\ntopicName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "getMsgVpnKafkaReceiverTopicBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Receiver.", + "in": "path", + "name": "kafkaReceiverName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic or a POSIX.2 regular expression starting with '^'.", + "in": "path", + "name": "topicName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Binding object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Topic Binding object.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + }, + "patch": { + "description": "Update a Topic Binding object. Any attribute missing from the request will be left unchanged.\n\nA Topic Binding receives messages from a remote Kafka Topic.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\ninitialOffset||||x\nkafkaReceiverName|x||x|\nlocalKey||||x\nlocalTopic||||x\nmsgVpnName|x||x|\ntopicName|x|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "updateMsgVpnKafkaReceiverTopicBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Receiver.", + "in": "path", + "name": "kafkaReceiverName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic or a POSIX.2 regular expression starting with '^'.", + "in": "path", + "name": "topicName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Binding object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBinding" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Binding object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Topic Binding object.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + }, + "put": { + "description": "Replace a Topic Binding object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Topic Binding receives messages from a remote Kafka Topic.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\ninitialOffset||||x\nkafkaReceiverName|x||x|\nlocalKey||||x\nlocalTopic||||x\nmsgVpnName|x||x|\ntopicName|x|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "replaceMsgVpnKafkaReceiverTopicBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Receiver.", + "in": "path", + "name": "kafkaReceiverName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic or a POSIX.2 regular expression starting with '^'.", + "in": "path", + "name": "topicName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Binding object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBinding" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Binding object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaReceiverTopicBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Topic Binding object.", + "tags": [ + "all", + "msgVpn", + "kafkaReceiver" + ] + } + }, + "/msgVpns/{msgVpnName}/kafkaSenders": { + "get": { + "description": "Get a list of Kafka Sender objects.\n\nA Kafka Sender sends messages to a Kafka Cluster.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationBasicPassword||x|x\nauthenticationClientCertContent||x|x\nauthenticationClientCertPassword||x|\nauthenticationKerberosKeytabContent||x|\nauthenticationOauthClientSecret||x|x\nauthenticationScramPassword||x|x\nkafkaSenderName|x||\nmsgVpnName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.36.", + "operationId": "getMsgVpnKafkaSenders", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Kafka Sender objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSendersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Kafka Sender objects.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + }, + "post": { + "description": "Create a Kafka Sender object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Kafka Sender sends messages to a Kafka Cluster.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword|||||x|x\nauthenticationClientCertContent|||||x|x\nauthenticationClientCertPassword|||||x|\nauthenticationKerberosKeytabContent|||||x|\nauthenticationOauthClientSecret|||||x|x\nauthenticationScramPassword|||||x|x\nkafkaSenderName|x|x|x|||\nmsgVpnName|x|||x||\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnKafkaSender|authenticationBasicPassword|authenticationBasicUsername\nMsgVpnKafkaSender|authenticationClientCertPassword|authenticationClientCertContent\nMsgVpnKafkaSender|authenticationKerberosKeytabContent|authenticationKerberosKeytabFileName, authenticationKerberosUserPrincipalName\nMsgVpnKafkaSender|authenticationKerberosKeytabFileName|authenticationKerberosKeytabContent, authenticationKerberosUserPrincipalName\nMsgVpnKafkaSender|authenticationKerberosUserPrincipalName|authenticationKerberosKeytabContent, authenticationKerberosKeytabFileName\nMsgVpnKafkaSender|authenticationScramPassword|authenticationScramUsername\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "createMsgVpnKafkaSender", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Kafka Sender object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSender" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Kafka Sender object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Kafka Sender object.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + } + }, + "/msgVpns/{msgVpnName}/kafkaSenders/{kafkaSenderName}": { + "delete": { + "description": "Delete a Kafka Sender object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Kafka Sender sends messages to a Kafka Cluster.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "deleteMsgVpnKafkaSender", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Sender.", + "in": "path", + "name": "kafkaSenderName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Kafka Sender object.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + }, + "get": { + "description": "Get a Kafka Sender object.\n\nA Kafka Sender sends messages to a Kafka Cluster.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationBasicPassword||x|x\nauthenticationClientCertContent||x|x\nauthenticationClientCertPassword||x|\nauthenticationKerberosKeytabContent||x|\nauthenticationOauthClientSecret||x|x\nauthenticationScramPassword||x|x\nkafkaSenderName|x||\nmsgVpnName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "getMsgVpnKafkaSender", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Sender.", + "in": "path", + "name": "kafkaSenderName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Kafka Sender object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Kafka Sender object.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + }, + "patch": { + "description": "Update a Kafka Sender object. Any attribute missing from the request will be left unchanged.\n\nA Kafka Sender sends messages to a Kafka Cluster.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x|x\nauthenticationBasicUsername|||||x|\nauthenticationClientCertContent||||x|x|x\nauthenticationClientCertPassword||||x|x|\nauthenticationKerberosKeytabContent||||x|x|\nauthenticationKerberosKeytabFileName|||||x|\nauthenticationKerberosServiceName|||||x|\nauthenticationKerberosUserPrincipalName|||||x|\nauthenticationOauthClientId|||||x|\nauthenticationOauthClientScope|||||x|\nauthenticationOauthClientSecret||||x|x|x\nauthenticationOauthClientTokenEndpoint|||||x|\nauthenticationScheme|||||x|\nauthenticationScramHash|||||x|\nauthenticationScramPassword||||x|x|x\nauthenticationScramUsername|||||x|\nbatchDelay|||||x|\nbatchMaxMsgCount|||||x|\nbatchMaxSize|||||x|\nbootstrapAddressList|||||x|\nidempotenceEnabled|||||x|\nkafkaSenderName|x|x||||\nmsgVpnName|x||x|||\ntransportCompressionEnabled|||||x|\ntransportCompressionLevel|||||x|\ntransportCompressionType|||||x|\ntransportTlsEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnKafkaSender|authenticationBasicPassword|authenticationBasicUsername\nMsgVpnKafkaSender|authenticationClientCertPassword|authenticationClientCertContent\nMsgVpnKafkaSender|authenticationKerberosKeytabContent|authenticationKerberosKeytabFileName, authenticationKerberosUserPrincipalName\nMsgVpnKafkaSender|authenticationKerberosKeytabFileName|authenticationKerberosKeytabContent, authenticationKerberosUserPrincipalName\nMsgVpnKafkaSender|authenticationKerberosUserPrincipalName|authenticationKerberosKeytabContent, authenticationKerberosKeytabFileName\nMsgVpnKafkaSender|authenticationScramPassword|authenticationScramUsername\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "updateMsgVpnKafkaSender", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Sender.", + "in": "path", + "name": "kafkaSenderName", + "required": true, + "type": "string" + }, + { + "description": "The Kafka Sender object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSender" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Kafka Sender object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Kafka Sender object.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + }, + "put": { + "description": "Replace a Kafka Sender object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Kafka Sender sends messages to a Kafka Cluster.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x|x\nauthenticationBasicUsername|||||x|\nauthenticationClientCertContent||||x|x|x\nauthenticationClientCertPassword||||x|x|\nauthenticationKerberosKeytabContent||||x|x|\nauthenticationKerberosKeytabFileName|||||x|\nauthenticationKerberosServiceName|||||x|\nauthenticationKerberosUserPrincipalName|||||x|\nauthenticationOauthClientId|||||x|\nauthenticationOauthClientScope|||||x|\nauthenticationOauthClientSecret||||x|x|x\nauthenticationOauthClientTokenEndpoint|||||x|\nauthenticationScheme|||||x|\nauthenticationScramHash|||||x|\nauthenticationScramPassword||||x|x|x\nauthenticationScramUsername|||||x|\nbatchDelay|||||x|\nbatchMaxMsgCount|||||x|\nbatchMaxSize|||||x|\nbootstrapAddressList|||||x|\nidempotenceEnabled|||||x|\nkafkaSenderName|x|x||||\nmsgVpnName|x||x|||\ntransportCompressionEnabled|||||x|\ntransportCompressionLevel|||||x|\ntransportCompressionType|||||x|\ntransportTlsEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnKafkaSender|authenticationBasicPassword|authenticationBasicUsername\nMsgVpnKafkaSender|authenticationClientCertPassword|authenticationClientCertContent\nMsgVpnKafkaSender|authenticationKerberosKeytabContent|authenticationKerberosKeytabFileName, authenticationKerberosUserPrincipalName\nMsgVpnKafkaSender|authenticationKerberosKeytabFileName|authenticationKerberosKeytabContent, authenticationKerberosUserPrincipalName\nMsgVpnKafkaSender|authenticationKerberosUserPrincipalName|authenticationKerberosKeytabContent, authenticationKerberosKeytabFileName\nMsgVpnKafkaSender|authenticationScramPassword|authenticationScramUsername\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "replaceMsgVpnKafkaSender", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Sender.", + "in": "path", + "name": "kafkaSenderName", + "required": true, + "type": "string" + }, + { + "description": "The Kafka Sender object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSender" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Kafka Sender object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Kafka Sender object.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + } + }, + "/msgVpns/{msgVpnName}/kafkaSenders/{kafkaSenderName}/queueBindings": { + "get": { + "description": "Get a list of Queue Binding objects.\n\nA Queue Binding sends messages from a local Solace Queue to a remote Kafka topic.\n\n\nAttribute|Identifying\n:---|:---:\nkafkaSenderName|x\nmsgVpnName|x\nqueueName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.36.", + "operationId": "getMsgVpnKafkaSenderQueueBindings", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Sender.", + "in": "path", + "name": "kafkaSenderName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Queue Binding objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBindingsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Queue Binding objects.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + }, + "post": { + "description": "Create a Queue Binding object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Queue Binding sends messages from a local Solace Queue to a remote Kafka topic.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nkafkaSenderName|x|||x\nmsgVpnName|x|||x\nqueueName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "createMsgVpnKafkaSenderQueueBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Sender.", + "in": "path", + "name": "kafkaSenderName", + "required": true, + "type": "string" + }, + { + "description": "The Queue Binding object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBinding" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Binding object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Queue Binding object.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + } + }, + "/msgVpns/{msgVpnName}/kafkaSenders/{kafkaSenderName}/queueBindings/{queueName}": { + "delete": { + "description": "Delete a Queue Binding object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Queue Binding sends messages from a local Solace Queue to a remote Kafka topic.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "deleteMsgVpnKafkaSenderQueueBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Sender.", + "in": "path", + "name": "kafkaSenderName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Queue Binding object.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + }, + "get": { + "description": "Get a Queue Binding object.\n\nA Queue Binding sends messages from a local Solace Queue to a remote Kafka topic.\n\n\nAttribute|Identifying\n:---|:---:\nkafkaSenderName|x\nmsgVpnName|x\nqueueName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "getMsgVpnKafkaSenderQueueBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Sender.", + "in": "path", + "name": "kafkaSenderName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Binding object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Queue Binding object.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + }, + "patch": { + "description": "Update a Queue Binding object. Any attribute missing from the request will be left unchanged.\n\nA Queue Binding sends messages from a local Solace Queue to a remote Kafka topic.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\nackMode||||x\nkafkaSenderName|x||x|\nmsgVpnName|x||x|\npartitionConsistentHash||||x\npartitionExplicitNumber||||x\npartitionRandomFallbackEnabled||||x\npartitionScheme||||x\nqueueName|x|x||\nremoteKey||||x\nremoteTopic||||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "updateMsgVpnKafkaSenderQueueBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Sender.", + "in": "path", + "name": "kafkaSenderName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "description": "The Queue Binding object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBinding" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Binding object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Queue Binding object.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + }, + "put": { + "description": "Replace a Queue Binding object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Queue Binding sends messages from a local Solace Queue to a remote Kafka topic.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\nackMode||||x\nkafkaSenderName|x||x|\nmsgVpnName|x||x|\npartitionConsistentHash||||x\npartitionExplicitNumber||||x\npartitionRandomFallbackEnabled||||x\npartitionScheme||||x\nqueueName|x|x||\nremoteKey||||x\nremoteTopic||||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "replaceMsgVpnKafkaSenderQueueBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Kafka Sender.", + "in": "path", + "name": "kafkaSenderName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "description": "The Queue Binding object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBinding" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Binding object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnKafkaSenderQueueBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Queue Binding object.", + "tags": [ + "all", + "msgVpn", + "kafkaSender" + ] + } + }, + "/msgVpns/{msgVpnName}/mqttRetainCaches": { + "get": { + "description": "Get a list of MQTT Retain Cache objects.\n\nUsing MQTT retained messages allows publishing MQTT clients to indicate that a message must be stored for later delivery to subscribing clients when those subscribing clients add subscriptions matching the retained message's topic. An MQTT Retain Cache processes all retained messages for a Message VPN.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnMqttRetainCaches", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of MQTT Retain Cache objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttRetainCachesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of MQTT Retain Cache objects.", + "tags": [ + "all", + "msgVpn", + "mqttRetainCache" + ] + }, + "post": { + "description": "Create an MQTT Retain Cache object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nUsing MQTT retained messages allows publishing MQTT clients to indicate that a message must be stored for later delivery to subscribing clients when those subscribing clients add subscriptions matching the retained message's topic. An MQTT Retain Cache processes all retained messages for a Message VPN.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ncacheName|x|x|x|\nmsgVpnName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "createMsgVpnMqttRetainCache", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The MQTT Retain Cache object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnMqttRetainCache" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The MQTT Retain Cache object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttRetainCacheResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an MQTT Retain Cache object.", + "tags": [ + "all", + "msgVpn", + "mqttRetainCache" + ] + } + }, + "/msgVpns/{msgVpnName}/mqttRetainCaches/{cacheName}": { + "delete": { + "description": "Delete an MQTT Retain Cache object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nUsing MQTT retained messages allows publishing MQTT clients to indicate that a message must be stored for later delivery to subscribing clients when those subscribing clients add subscriptions matching the retained message's topic. An MQTT Retain Cache processes all retained messages for a Message VPN.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "deleteMsgVpnMqttRetainCache", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the MQTT Retain Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an MQTT Retain Cache object.", + "tags": [ + "all", + "msgVpn", + "mqttRetainCache" + ] + }, + "get": { + "description": "Get an MQTT Retain Cache object.\n\nUsing MQTT retained messages allows publishing MQTT clients to indicate that a message must be stored for later delivery to subscribing clients when those subscribing clients add subscriptions matching the retained message's topic. An MQTT Retain Cache processes all retained messages for a Message VPN.\n\n\nAttribute|Identifying\n:---|:---:\ncacheName|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "getMsgVpnMqttRetainCache", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the MQTT Retain Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The MQTT Retain Cache object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttRetainCacheResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an MQTT Retain Cache object.", + "tags": [ + "all", + "msgVpn", + "mqttRetainCache" + ] + }, + "patch": { + "description": "Update an MQTT Retain Cache object. Any attribute missing from the request will be left unchanged.\n\nUsing MQTT retained messages allows publishing MQTT clients to indicate that a message must be stored for later delivery to subscribing clients when those subscribing clients add subscriptions matching the retained message's topic. An MQTT Retain Cache processes all retained messages for a Message VPN.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ncacheName|x|x|\nmsgVpnName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "updateMsgVpnMqttRetainCache", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the MQTT Retain Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The MQTT Retain Cache object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnMqttRetainCache" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The MQTT Retain Cache object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttRetainCacheResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update an MQTT Retain Cache object.", + "tags": [ + "all", + "msgVpn", + "mqttRetainCache" + ] + }, + "put": { + "description": "Replace an MQTT Retain Cache object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nUsing MQTT retained messages allows publishing MQTT clients to indicate that a message must be stored for later delivery to subscribing clients when those subscribing clients add subscriptions matching the retained message's topic. An MQTT Retain Cache processes all retained messages for a Message VPN.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ncacheName|x|x|\nmsgVpnName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.11.", + "operationId": "replaceMsgVpnMqttRetainCache", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the MQTT Retain Cache.", + "in": "path", + "name": "cacheName", + "required": true, + "type": "string" + }, + { + "description": "The MQTT Retain Cache object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnMqttRetainCache" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The MQTT Retain Cache object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttRetainCacheResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace an MQTT Retain Cache object.", + "tags": [ + "all", + "msgVpn", + "mqttRetainCache" + ] + } + }, + "/msgVpns/{msgVpnName}/mqttSessions": { + "get": { + "description": "Get a list of MQTT Session objects.\n\nAn MQTT Session object is a virtual representation of an MQTT client connection. An MQTT session holds the state of an MQTT client (that is, it is used to contain a client's QoS 0 and QoS 1 subscription sets and any undelivered QoS 1 messages).\n\n\nAttribute|Identifying\n:---|:---:\nmqttSessionClientId|x\nmqttSessionVirtualRouter|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.1.", + "operationId": "getMsgVpnMqttSessions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of MQTT Session objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of MQTT Session objects.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + }, + "post": { + "description": "Create an MQTT Session object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nAn MQTT Session object is a virtual representation of an MQTT client connection. An MQTT session holds the state of an MQTT client (that is, it is used to contain a client's QoS 0 and QoS 1 subscription sets and any undelivered QoS 1 messages).\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmqttSessionClientId|x|x|x|\nmqttSessionVirtualRouter|x|x|x|\nmsgVpnName|x|||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "createMsgVpnMqttSession", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The MQTT Session object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnMqttSession" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The MQTT Session object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an MQTT Session object.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + } + }, + "/msgVpns/{msgVpnName}/mqttSessions/{mqttSessionClientId},{mqttSessionVirtualRouter}": { + "delete": { + "description": "Delete an MQTT Session object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nAn MQTT Session object is a virtual representation of an MQTT client connection. An MQTT session holds the state of an MQTT client (that is, it is used to contain a client's QoS 0 and QoS 1 subscription sets and any undelivered QoS 1 messages).\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "deleteMsgVpnMqttSession", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "in": "path", + "name": "mqttSessionClientId", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the MQTT Session.", + "in": "path", + "name": "mqttSessionVirtualRouter", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an MQTT Session object.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + }, + "get": { + "description": "Get an MQTT Session object.\n\nAn MQTT Session object is a virtual representation of an MQTT client connection. An MQTT session holds the state of an MQTT client (that is, it is used to contain a client's QoS 0 and QoS 1 subscription sets and any undelivered QoS 1 messages).\n\n\nAttribute|Identifying\n:---|:---:\nmqttSessionClientId|x\nmqttSessionVirtualRouter|x\nmsgVpnName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "getMsgVpnMqttSession", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "in": "path", + "name": "mqttSessionClientId", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the MQTT Session.", + "in": "path", + "name": "mqttSessionVirtualRouter", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The MQTT Session object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an MQTT Session object.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + }, + "patch": { + "description": "Update an MQTT Session object. Any attribute missing from the request will be left unchanged.\n\nAn MQTT Session object is a virtual representation of an MQTT client connection. An MQTT session holds the state of an MQTT client (that is, it is used to contain a client's QoS 0 and QoS 1 subscription sets and any undelivered QoS 1 messages).\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\nmqttSessionClientId|x|x||\nmqttSessionVirtualRouter|x|x||\nmsgVpnName|x||x|\nowner||||x\nqueueRejectMsgToSenderOnDiscardBehavior||||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "updateMsgVpnMqttSession", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "in": "path", + "name": "mqttSessionClientId", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the MQTT Session.", + "in": "path", + "name": "mqttSessionVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The MQTT Session object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnMqttSession" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The MQTT Session object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update an MQTT Session object.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + }, + "put": { + "description": "Replace an MQTT Session object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nAn MQTT Session object is a virtual representation of an MQTT client connection. An MQTT session holds the state of an MQTT client (that is, it is used to contain a client's QoS 0 and QoS 1 subscription sets and any undelivered QoS 1 messages).\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\nmqttSessionClientId|x|x||\nmqttSessionVirtualRouter|x|x||\nmsgVpnName|x||x|\nowner||||x\nqueueRejectMsgToSenderOnDiscardBehavior||||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "replaceMsgVpnMqttSession", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "in": "path", + "name": "mqttSessionClientId", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the MQTT Session.", + "in": "path", + "name": "mqttSessionVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The MQTT Session object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnMqttSession" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The MQTT Session object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace an MQTT Session object.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + } + }, + "/msgVpns/{msgVpnName}/mqttSessions/{mqttSessionClientId},{mqttSessionVirtualRouter}/subscriptions": { + "get": { + "description": "Get a list of Subscription objects.\n\nAn MQTT session contains a client's QoS 0 and QoS 1 subscription sets. On creation, a subscription defaults to QoS 0.\n\n\nAttribute|Identifying\n:---|:---:\nmqttSessionClientId|x\nmqttSessionVirtualRouter|x\nmsgVpnName|x\nsubscriptionTopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.1.", + "operationId": "getMsgVpnMqttSessionSubscriptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "in": "path", + "name": "mqttSessionClientId", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the MQTT Session.", + "in": "path", + "name": "mqttSessionVirtualRouter", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Subscription objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscriptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Subscription objects.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + }, + "post": { + "description": "Create a Subscription object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nAn MQTT session contains a client's QoS 0 and QoS 1 subscription sets. On creation, a subscription defaults to QoS 0.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmqttSessionClientId|x|||x\nmqttSessionVirtualRouter|x|||x\nmsgVpnName|x|||x\nsubscriptionTopic|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "createMsgVpnMqttSessionSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "in": "path", + "name": "mqttSessionClientId", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the MQTT Session.", + "in": "path", + "name": "mqttSessionVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The Subscription object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscription" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Subscription object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Subscription object.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + } + }, + "/msgVpns/{msgVpnName}/mqttSessions/{mqttSessionClientId},{mqttSessionVirtualRouter}/subscriptions/{subscriptionTopic}": { + "delete": { + "description": "Delete a Subscription object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nAn MQTT session contains a client's QoS 0 and QoS 1 subscription sets. On creation, a subscription defaults to QoS 0.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "deleteMsgVpnMqttSessionSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "in": "path", + "name": "mqttSessionClientId", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the MQTT Session.", + "in": "path", + "name": "mqttSessionVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The MQTT subscription topic.", + "in": "path", + "name": "subscriptionTopic", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Subscription object.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + }, + "get": { + "description": "Get a Subscription object.\n\nAn MQTT session contains a client's QoS 0 and QoS 1 subscription sets. On creation, a subscription defaults to QoS 0.\n\n\nAttribute|Identifying\n:---|:---:\nmqttSessionClientId|x\nmqttSessionVirtualRouter|x\nmsgVpnName|x\nsubscriptionTopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "getMsgVpnMqttSessionSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "in": "path", + "name": "mqttSessionClientId", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the MQTT Session.", + "in": "path", + "name": "mqttSessionVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The MQTT subscription topic.", + "in": "path", + "name": "subscriptionTopic", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Subscription object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Subscription object.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + }, + "patch": { + "description": "Update a Subscription object. Any attribute missing from the request will be left unchanged.\n\nAn MQTT session contains a client's QoS 0 and QoS 1 subscription sets. On creation, a subscription defaults to QoS 0.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmqttSessionClientId|x||x\nmqttSessionVirtualRouter|x||x\nmsgVpnName|x||x\nsubscriptionTopic|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "updateMsgVpnMqttSessionSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "in": "path", + "name": "mqttSessionClientId", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the MQTT Session.", + "in": "path", + "name": "mqttSessionVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The MQTT subscription topic.", + "in": "path", + "name": "subscriptionTopic", + "required": true, + "type": "string" + }, + { + "description": "The Subscription object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscription" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Subscription object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Subscription object.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + }, + "put": { + "description": "Replace a Subscription object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nAn MQTT session contains a client's QoS 0 and QoS 1 subscription sets. On creation, a subscription defaults to QoS 0.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmqttSessionClientId|x||x\nmqttSessionVirtualRouter|x||x\nmsgVpnName|x||x\nsubscriptionTopic|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "replaceMsgVpnMqttSessionSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Client ID of the MQTT Session, which corresponds to the ClientId provided in the MQTT CONNECT packet.", + "in": "path", + "name": "mqttSessionClientId", + "required": true, + "type": "string" + }, + { + "description": "The virtual router of the MQTT Session.", + "in": "path", + "name": "mqttSessionVirtualRouter", + "required": true, + "type": "string" + }, + { + "description": "The MQTT subscription topic.", + "in": "path", + "name": "subscriptionTopic", + "required": true, + "type": "string" + }, + { + "description": "The Subscription object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscription" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Subscription object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnMqttSessionSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Subscription object.", + "tags": [ + "all", + "msgVpn", + "mqttSession" + ] + } + }, + "/msgVpns/{msgVpnName}/proxies": { + "get": { + "description": "Get a list of Proxy objects.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a REST Consumer, select the proxy by name in the configuration for that object.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationBasicPassword||x|x\nmsgVpnName|x||\nproxyName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.36.", + "operationId": "getMsgVpnProxies", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Proxy objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnProxiesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Proxy objects.", + "tags": [ + "all", + "msgVpn", + "proxy" + ] + }, + "post": { + "description": "Create a Proxy object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a REST Consumer, select the proxy by name in the configuration for that object.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword|||||x|x\nmsgVpnName|x|||x||\nproxyName|x|x|x|||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "createMsgVpnProxy", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Proxy object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnProxy" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Proxy object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnProxyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Proxy object.", + "tags": [ + "all", + "msgVpn", + "proxy" + ] + } + }, + "/msgVpns/{msgVpnName}/proxies/{proxyName}": { + "delete": { + "description": "Delete a Proxy object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a REST Consumer, select the proxy by name in the configuration for that object.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "deleteMsgVpnProxy", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the proxy.", + "in": "path", + "name": "proxyName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Proxy object.", + "tags": [ + "all", + "msgVpn", + "proxy" + ] + }, + "get": { + "description": "Get a Proxy object.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a REST Consumer, select the proxy by name in the configuration for that object.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationBasicPassword||x|x\nmsgVpnName|x||\nproxyName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "getMsgVpnProxy", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the proxy.", + "in": "path", + "name": "proxyName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Proxy object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnProxyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Proxy object.", + "tags": [ + "all", + "msgVpn", + "proxy" + ] + }, + "patch": { + "description": "Update a Proxy object. Any attribute missing from the request will be left unchanged.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a REST Consumer, select the proxy by name in the configuration for that object.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x\nmsgVpnName|x||x||\nproxyName|x|x|||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "updateMsgVpnProxy", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the proxy.", + "in": "path", + "name": "proxyName", + "required": true, + "type": "string" + }, + { + "description": "The Proxy object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnProxy" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Proxy object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnProxyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Proxy object.", + "tags": [ + "all", + "msgVpn", + "proxy" + ] + }, + "put": { + "description": "Replace a Proxy object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a REST Consumer, select the proxy by name in the configuration for that object.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x\nmsgVpnName|x||x||\nproxyName|x|x|||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.36.", + "operationId": "replaceMsgVpnProxy", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the proxy.", + "in": "path", + "name": "proxyName", + "required": true, + "type": "string" + }, + { + "description": "The Proxy object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnProxy" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Proxy object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnProxyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Proxy object.", + "tags": [ + "all", + "msgVpn", + "proxy" + ] + } + }, + "/msgVpns/{msgVpnName}/queueTemplates": { + "get": { + "description": "Get a list of Queue Template objects.\n\nA Queue Template provides a mechanism for specifying the initial state for client created queues.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nqueueTemplateName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.14.", + "operationId": "getMsgVpnQueueTemplates", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Queue Template objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueTemplatesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Queue Template objects.", + "tags": [ + "all", + "msgVpn", + "queueTemplate" + ] + }, + "post": { + "description": "Create a Queue Template object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Queue Template provides a mechanism for specifying the initial state for client created queues.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nqueueTemplateName|x|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "createMsgVpnQueueTemplate", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Queue Template object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnQueueTemplate" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Template object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueTemplateResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Queue Template object.", + "tags": [ + "all", + "msgVpn", + "queueTemplate" + ] + } + }, + "/msgVpns/{msgVpnName}/queueTemplates/{queueTemplateName}": { + "delete": { + "description": "Delete a Queue Template object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Queue Template provides a mechanism for specifying the initial state for client created queues.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "deleteMsgVpnQueueTemplate", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue Template.", + "in": "path", + "name": "queueTemplateName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Queue Template object.", + "tags": [ + "all", + "msgVpn", + "queueTemplate" + ] + }, + "get": { + "description": "Get a Queue Template object.\n\nA Queue Template provides a mechanism for specifying the initial state for client created queues.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nqueueTemplateName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "getMsgVpnQueueTemplate", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue Template.", + "in": "path", + "name": "queueTemplateName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Template object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueTemplateResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Queue Template object.", + "tags": [ + "all", + "msgVpn", + "queueTemplate" + ] + }, + "patch": { + "description": "Update a Queue Template object. Any attribute missing from the request will be left unchanged.\n\nA Queue Template provides a mechanism for specifying the initial state for client created queues.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nqueueTemplateName|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "updateMsgVpnQueueTemplate", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue Template.", + "in": "path", + "name": "queueTemplateName", + "required": true, + "type": "string" + }, + { + "description": "The Queue Template object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnQueueTemplate" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Template object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueTemplateResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Queue Template object.", + "tags": [ + "all", + "msgVpn", + "queueTemplate" + ] + }, + "put": { + "description": "Replace a Queue Template object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Queue Template provides a mechanism for specifying the initial state for client created queues.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nqueueTemplateName|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "replaceMsgVpnQueueTemplate", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue Template.", + "in": "path", + "name": "queueTemplateName", + "required": true, + "type": "string" + }, + { + "description": "The Queue Template object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnQueueTemplate" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Template object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueTemplateResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Queue Template object.", + "tags": [ + "all", + "msgVpn", + "queueTemplate" + ] + } + }, + "/msgVpns/{msgVpnName}/queues": { + "get": { + "description": "Get a list of Queue objects.\n\nA Queue acts as both a destination that clients can publish messages to, and as an endpoint that clients can bind consumers to and consume messages from.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nqueueName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnQueues", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Queue objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueuesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Queue objects.", + "tags": [ + "all", + "msgVpn", + "queue" + ] + }, + "post": { + "description": "Create a Queue object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Queue acts as both a destination that clients can publish messages to, and as an endpoint that clients can bind consumers to and consume messages from.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nqueueName|x|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnQueue", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Queue object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnQueue" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Queue object.", + "tags": [ + "all", + "msgVpn", + "queue" + ] + } + }, + "/msgVpns/{msgVpnName}/queues/{queueName}": { + "delete": { + "description": "Delete a Queue object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Queue acts as both a destination that clients can publish messages to, and as an endpoint that clients can bind consumers to and consume messages from.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnQueue", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Queue object.", + "tags": [ + "all", + "msgVpn", + "queue" + ] + }, + "get": { + "description": "Get a Queue object.\n\nA Queue acts as both a destination that clients can publish messages to, and as an endpoint that clients can bind consumers to and consume messages from.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nqueueName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnQueue", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Queue object.", + "tags": [ + "all", + "msgVpn", + "queue" + ] + }, + "patch": { + "description": "Update a Queue object. Any attribute missing from the request will be left unchanged.\n\nA Queue acts as both a destination that clients can publish messages to, and as an endpoint that clients can bind consumers to and consume messages from.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\naccessType||||x\nmsgVpnName|x||x|\nowner||||x\npermission||||x\nqueueName|x|x||\nredeliveryDelayEnabled||||x\nredeliveryDelayInitialInterval||||x\nredeliveryDelayMaxInterval||||x\nredeliveryDelayMultiplier||||x\nrejectMsgToSenderOnDiscardBehavior||||x\nrespectMsgPriorityEnabled||||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpnQueue", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "description": "The Queue object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnQueue" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Queue object.", + "tags": [ + "all", + "msgVpn", + "queue" + ] + }, + "put": { + "description": "Replace a Queue object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Queue acts as both a destination that clients can publish messages to, and as an endpoint that clients can bind consumers to and consume messages from.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\naccessType||||x\nmsgVpnName|x||x|\nowner||||x\npermission||||x\nqueueName|x|x||\nredeliveryDelayEnabled||||x\nredeliveryDelayInitialInterval||||x\nredeliveryDelayMaxInterval||||x\nredeliveryDelayMultiplier||||x\nrejectMsgToSenderOnDiscardBehavior||||x\nrespectMsgPriorityEnabled||||x\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpnQueue", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "description": "The Queue object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnQueue" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Queue object.", + "tags": [ + "all", + "msgVpn", + "queue" + ] + } + }, + "/msgVpns/{msgVpnName}/queues/{queueName}/subscriptions": { + "get": { + "description": "Get a list of Queue Subscription objects.\n\nOne or more Queue Subscriptions can be added to a durable queue so that Guaranteed messages published to matching topics are also delivered to and spooled by the queue.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nqueueName|x\nsubscriptionTopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnQueueSubscriptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Queue Subscription objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueSubscriptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Queue Subscription objects.", + "tags": [ + "all", + "msgVpn", + "queue" + ] + }, + "post": { + "description": "Create a Queue Subscription object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nOne or more Queue Subscriptions can be added to a durable queue so that Guaranteed messages published to matching topics are also delivered to and spooled by the queue.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nqueueName|x|||x\nsubscriptionTopic|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnQueueSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "description": "The Queue Subscription object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnQueueSubscription" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Subscription object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Queue Subscription object.", + "tags": [ + "all", + "msgVpn", + "queue" + ] + } + }, + "/msgVpns/{msgVpnName}/queues/{queueName}/subscriptions/{subscriptionTopic}": { + "delete": { + "description": "Delete a Queue Subscription object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nOne or more Queue Subscriptions can be added to a durable queue so that Guaranteed messages published to matching topics are also delivered to and spooled by the queue.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnQueueSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "description": "The topic of the Subscription.", + "in": "path", + "name": "subscriptionTopic", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Queue Subscription object.", + "tags": [ + "all", + "msgVpn", + "queue" + ] + }, + "get": { + "description": "Get a Queue Subscription object.\n\nOne or more Queue Subscriptions can be added to a durable queue so that Guaranteed messages published to matching topics are also delivered to and spooled by the queue.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nqueueName|x\nsubscriptionTopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnQueueSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Queue.", + "in": "path", + "name": "queueName", + "required": true, + "type": "string" + }, + { + "description": "The topic of the Subscription.", + "in": "path", + "name": "subscriptionTopic", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Subscription object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnQueueSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Queue Subscription object.", + "tags": [ + "all", + "msgVpn", + "queue" + ] + } + }, + "/msgVpns/{msgVpnName}/replayLogs": { + "get": { + "description": "Get a list of Replay Log objects.\n\nWhen the Message Replay feature is enabled, message brokers store persistent messages in a Replay Log. These messages are kept until the log is full, after which the oldest messages are removed to free up space for new messages.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nreplayLogName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.10.", + "operationId": "getMsgVpnReplayLogs", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Replay Log objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplayLogsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Replay Log objects.", + "tags": [ + "all", + "msgVpn", + "replayLog" + ] + }, + "post": { + "description": "Create a Replay Log object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nWhen the Message Replay feature is enabled, message brokers store persistent messages in a Replay Log. These messages are kept until the log is full, after which the oldest messages are removed to free up space for new messages.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nreplayLogName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.10.", + "operationId": "createMsgVpnReplayLog", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Replay Log object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnReplayLog" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Replay Log object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplayLogResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Replay Log object.", + "tags": [ + "all", + "msgVpn", + "replayLog" + ] + } + }, + "/msgVpns/{msgVpnName}/replayLogs/{replayLogName}": { + "delete": { + "description": "Delete a Replay Log object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nWhen the Message Replay feature is enabled, message brokers store persistent messages in a Replay Log. These messages are kept until the log is full, after which the oldest messages are removed to free up space for new messages.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.10.", + "operationId": "deleteMsgVpnReplayLog", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Replay Log.", + "in": "path", + "name": "replayLogName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Replay Log object.", + "tags": [ + "all", + "msgVpn", + "replayLog" + ] + }, + "get": { + "description": "Get a Replay Log object.\n\nWhen the Message Replay feature is enabled, message brokers store persistent messages in a Replay Log. These messages are kept until the log is full, after which the oldest messages are removed to free up space for new messages.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nreplayLogName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.10.", + "operationId": "getMsgVpnReplayLog", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Replay Log.", + "in": "path", + "name": "replayLogName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Replay Log object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplayLogResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Replay Log object.", + "tags": [ + "all", + "msgVpn", + "replayLog" + ] + }, + "patch": { + "description": "Update a Replay Log object. Any attribute missing from the request will be left unchanged.\n\nWhen the Message Replay feature is enabled, message brokers store persistent messages in a Replay Log. These messages are kept until the log is full, after which the oldest messages are removed to free up space for new messages.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nreplayLogName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.10.", + "operationId": "updateMsgVpnReplayLog", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Replay Log.", + "in": "path", + "name": "replayLogName", + "required": true, + "type": "string" + }, + { + "description": "The Replay Log object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnReplayLog" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Replay Log object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplayLogResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Replay Log object.", + "tags": [ + "all", + "msgVpn", + "replayLog" + ] + }, + "put": { + "description": "Replace a Replay Log object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nWhen the Message Replay feature is enabled, message brokers store persistent messages in a Replay Log. These messages are kept until the log is full, after which the oldest messages are removed to free up space for new messages.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nreplayLogName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.10.", + "operationId": "replaceMsgVpnReplayLog", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Replay Log.", + "in": "path", + "name": "replayLogName", + "required": true, + "type": "string" + }, + { + "description": "The Replay Log object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnReplayLog" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Replay Log object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplayLogResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Replay Log object.", + "tags": [ + "all", + "msgVpn", + "replayLog" + ] + } + }, + "/msgVpns/{msgVpnName}/replayLogs/{replayLogName}/topicFilterSubscriptions": { + "get": { + "description": "Get a list of Topic Filter Subscription objects.\n\nOne or more Subscriptions can be added to a replay-log so that only guaranteed messages published to matching topics are stored in the Replay Log.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nreplayLogName|x\ntopicFilterSubscription|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.27.", + "operationId": "getMsgVpnReplayLogTopicFilterSubscriptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Replay Log.", + "in": "path", + "name": "replayLogName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Topic Filter Subscription objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplayLogTopicFilterSubscriptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Topic Filter Subscription objects.", + "tags": [ + "all", + "msgVpn", + "replayLog" + ] + }, + "post": { + "description": "Create a Topic Filter Subscription object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nOne or more Subscriptions can be added to a replay-log so that only guaranteed messages published to matching topics are stored in the Replay Log.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nreplayLogName|x|||x\ntopicFilterSubscription|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "createMsgVpnReplayLogTopicFilterSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Replay Log.", + "in": "path", + "name": "replayLogName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Filter Subscription object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnReplayLogTopicFilterSubscription" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Filter Subscription object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplayLogTopicFilterSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Topic Filter Subscription object.", + "tags": [ + "all", + "msgVpn", + "replayLog" + ] + } + }, + "/msgVpns/{msgVpnName}/replayLogs/{replayLogName}/topicFilterSubscriptions/{topicFilterSubscription}": { + "delete": { + "description": "Delete a Topic Filter Subscription object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nOne or more Subscriptions can be added to a replay-log so that only guaranteed messages published to matching topics are stored in the Replay Log.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "deleteMsgVpnReplayLogTopicFilterSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Replay Log.", + "in": "path", + "name": "replayLogName", + "required": true, + "type": "string" + }, + { + "description": "The topic of the Subscription.", + "in": "path", + "name": "topicFilterSubscription", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Topic Filter Subscription object.", + "tags": [ + "all", + "msgVpn", + "replayLog" + ] + }, + "get": { + "description": "Get a Topic Filter Subscription object.\n\nOne or more Subscriptions can be added to a replay-log so that only guaranteed messages published to matching topics are stored in the Replay Log.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nreplayLogName|x\ntopicFilterSubscription|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.27.", + "operationId": "getMsgVpnReplayLogTopicFilterSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Replay Log.", + "in": "path", + "name": "replayLogName", + "required": true, + "type": "string" + }, + { + "description": "The topic of the Subscription.", + "in": "path", + "name": "topicFilterSubscription", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Filter Subscription object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplayLogTopicFilterSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Topic Filter Subscription object.", + "tags": [ + "all", + "msgVpn", + "replayLog" + ] + } + }, + "/msgVpns/{msgVpnName}/replicatedTopics": { + "get": { + "description": "Get a list of Replicated Topic objects.\n\nTo indicate which messages should be replicated between the active and standby site, a Replicated Topic subscription must be configured on a Message VPN. If a published message matches both a replicated topic and an endpoint on the active site, then the message is replicated to the standby site.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nreplicatedTopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.1.", + "operationId": "getMsgVpnReplicatedTopics", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Replicated Topic objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplicatedTopicsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Replicated Topic objects.", + "tags": [ + "all", + "msgVpn", + "replicatedTopic" + ] + }, + "post": { + "description": "Create a Replicated Topic object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nTo indicate which messages should be replicated between the active and standby site, a Replicated Topic subscription must be configured on a Message VPN. If a published message matches both a replicated topic and an endpoint on the active site, then the message is replicated to the standby site.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nreplicatedTopic|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "createMsgVpnReplicatedTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Replicated Topic object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnReplicatedTopic" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Replicated Topic object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplicatedTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Replicated Topic object.", + "tags": [ + "all", + "msgVpn", + "replicatedTopic" + ] + } + }, + "/msgVpns/{msgVpnName}/replicatedTopics/{replicatedTopic}": { + "delete": { + "description": "Delete a Replicated Topic object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nTo indicate which messages should be replicated between the active and standby site, a Replicated Topic subscription must be configured on a Message VPN. If a published message matches both a replicated topic and an endpoint on the active site, then the message is replicated to the standby site.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "deleteMsgVpnReplicatedTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The topic for applying replication. Published messages matching this topic will be replicated to the standby site.", + "in": "path", + "name": "replicatedTopic", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Replicated Topic object.", + "tags": [ + "all", + "msgVpn", + "replicatedTopic" + ] + }, + "get": { + "description": "Get a Replicated Topic object.\n\nTo indicate which messages should be replicated between the active and standby site, a Replicated Topic subscription must be configured on a Message VPN. If a published message matches both a replicated topic and an endpoint on the active site, then the message is replicated to the standby site.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nreplicatedTopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "getMsgVpnReplicatedTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The topic for applying replication. Published messages matching this topic will be replicated to the standby site.", + "in": "path", + "name": "replicatedTopic", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Replicated Topic object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplicatedTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Replicated Topic object.", + "tags": [ + "all", + "msgVpn", + "replicatedTopic" + ] + }, + "patch": { + "description": "Update a Replicated Topic object. Any attribute missing from the request will be left unchanged.\n\nTo indicate which messages should be replicated between the active and standby site, a Replicated Topic subscription must be configured on a Message VPN. If a published message matches both a replicated topic and an endpoint on the active site, then the message is replicated to the standby site.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nreplicatedTopic|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "updateMsgVpnReplicatedTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The topic for applying replication. Published messages matching this topic will be replicated to the standby site.", + "in": "path", + "name": "replicatedTopic", + "required": true, + "type": "string" + }, + { + "description": "The Replicated Topic object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnReplicatedTopic" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Replicated Topic object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplicatedTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Replicated Topic object.", + "tags": [ + "all", + "msgVpn", + "replicatedTopic" + ] + }, + "put": { + "description": "Replace a Replicated Topic object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nTo indicate which messages should be replicated between the active and standby site, a Replicated Topic subscription must be configured on a Message VPN. If a published message matches both a replicated topic and an endpoint on the active site, then the message is replicated to the standby site.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nreplicatedTopic|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "replaceMsgVpnReplicatedTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The topic for applying replication. Published messages matching this topic will be replicated to the standby site.", + "in": "path", + "name": "replicatedTopic", + "required": true, + "type": "string" + }, + { + "description": "The Replicated Topic object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnReplicatedTopic" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Replicated Topic object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnReplicatedTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Replicated Topic object.", + "tags": [ + "all", + "msgVpn", + "replicatedTopic" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints": { + "get": { + "description": "Get a list of REST Delivery Point objects.\n\nA REST Delivery Point manages delivery of messages from queues to a named list of REST Consumers.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nrestDeliveryPointName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnRestDeliveryPoints", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of REST Delivery Point objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of REST Delivery Point objects.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "post": { + "description": "Create a REST Delivery Point object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA REST Delivery Point manages delivery of messages from queues to a named list of REST Consumers.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nrestDeliveryPointName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnRestDeliveryPoint", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The REST Delivery Point object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPoint" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The REST Delivery Point object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a REST Delivery Point object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}": { + "delete": { + "description": "Delete a REST Delivery Point object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA REST Delivery Point manages delivery of messages from queues to a named list of REST Consumers.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnRestDeliveryPoint", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a REST Delivery Point object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "get": { + "description": "Get a REST Delivery Point object.\n\nA REST Delivery Point manages delivery of messages from queues to a named list of REST Consumers.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nrestDeliveryPointName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnRestDeliveryPoint", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The REST Delivery Point object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a REST Delivery Point object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "patch": { + "description": "Update a REST Delivery Point object. Any attribute missing from the request will be left unchanged.\n\nA REST Delivery Point manages delivery of messages from queues to a named list of REST Consumers.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\nclientProfileName||||x\nmsgVpnName|x||x|\nrestDeliveryPointName|x|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpnRestDeliveryPoint", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The REST Delivery Point object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPoint" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The REST Delivery Point object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a REST Delivery Point object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "put": { + "description": "Replace a REST Delivery Point object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA REST Delivery Point manages delivery of messages from queues to a named list of REST Consumers.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\nclientProfileName||||x\nmsgVpnName|x||x|\nrestDeliveryPointName|x|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpnRestDeliveryPoint", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The REST Delivery Point object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPoint" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The REST Delivery Point object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a REST Delivery Point object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/queueBindings": { + "get": { + "description": "Get a list of Queue Binding objects.\n\nA Queue Binding for a REST Delivery Point attracts messages to be delivered to REST consumers. If the queue does not exist it can be created subsequently, and once the queue is operational the broker performs the queue binding. Removing the queue binding does not delete the queue itself. Similarly, removing the queue does not remove the queue binding, which fails until the queue is recreated or the queue binding is deleted.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nqueueBindingName|x\nrestDeliveryPointName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnRestDeliveryPointQueueBindings", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Queue Binding objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Queue Binding objects.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "post": { + "description": "Create a Queue Binding object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Queue Binding for a REST Delivery Point attracts messages to be delivered to REST consumers. If the queue does not exist it can be created subsequently, and once the queue is operational the broker performs the queue binding. Removing the queue binding does not delete the queue itself. Similarly, removing the queue does not remove the queue binding, which fails until the queue is recreated or the queue binding is deleted.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nqueueBindingName|x|x|x|\nrestDeliveryPointName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnRestDeliveryPointQueueBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The Queue Binding object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBinding" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Binding object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Queue Binding object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/queueBindings/{queueBindingName}": { + "delete": { + "description": "Delete a Queue Binding object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Queue Binding for a REST Delivery Point attracts messages to be delivered to REST consumers. If the queue does not exist it can be created subsequently, and once the queue is operational the broker performs the queue binding. Removing the queue binding does not delete the queue itself. Similarly, removing the queue does not remove the queue binding, which fails until the queue is recreated or the queue binding is deleted.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnRestDeliveryPointQueueBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Queue Binding object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "get": { + "description": "Get a Queue Binding object.\n\nA Queue Binding for a REST Delivery Point attracts messages to be delivered to REST consumers. If the queue does not exist it can be created subsequently, and once the queue is operational the broker performs the queue binding. Removing the queue binding does not delete the queue itself. Similarly, removing the queue does not remove the queue binding, which fails until the queue is recreated or the queue binding is deleted.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nqueueBindingName|x\nrestDeliveryPointName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnRestDeliveryPointQueueBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Binding object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Queue Binding object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "patch": { + "description": "Update a Queue Binding object. Any attribute missing from the request will be left unchanged.\n\nA Queue Binding for a REST Delivery Point attracts messages to be delivered to REST consumers. If the queue does not exist it can be created subsequently, and once the queue is operational the broker performs the queue binding. Removing the queue binding does not delete the queue itself. Similarly, removing the queue does not remove the queue binding, which fails until the queue is recreated or the queue binding is deleted.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nqueueBindingName|x|x|\nrestDeliveryPointName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpnRestDeliveryPointQueueBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The Queue Binding object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBinding" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Binding object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Queue Binding object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "put": { + "description": "Replace a Queue Binding object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Queue Binding for a REST Delivery Point attracts messages to be delivered to REST consumers. If the queue does not exist it can be created subsequently, and once the queue is operational the broker performs the queue binding. Removing the queue binding does not delete the queue itself. Similarly, removing the queue does not remove the queue binding, which fails until the queue is recreated or the queue binding is deleted.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\nqueueBindingName|x|x|\nrestDeliveryPointName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpnRestDeliveryPointQueueBinding", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The Queue Binding object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBinding" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Queue Binding object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Queue Binding object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/queueBindings/{queueBindingName}/protectedRequestHeaders": { + "get": { + "description": "Get a list of Protected Request Header objects.\n\nA protected request header to be added to the HTTP request. Unlike a non-protected request header, the header value cannot be displayed after it is set.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nheaderName|x||\nheaderValue||x|x\nmsgVpnName|x||\nqueueBindingName|x||\nrestDeliveryPointName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.30.", + "operationId": "getMsgVpnRestDeliveryPointQueueBindingProtectedRequestHeaders", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Protected Request Header objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeadersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Protected Request Header objects.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "post": { + "description": "Create a Protected Request Header object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA protected request header to be added to the HTTP request. Unlike a non-protected request header, the header value cannot be displayed after it is set.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nheaderName|x|x|x|||\nheaderValue|||||x|x\nmsgVpnName|x|||x||\nqueueBindingName|x|||x||\nrestDeliveryPointName|x|||x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.30.", + "operationId": "createMsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The Protected Request Header object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Protected Request Header object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeaderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Protected Request Header object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/queueBindings/{queueBindingName}/protectedRequestHeaders/{headerName}": { + "delete": { + "description": "Delete a Protected Request Header object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA protected request header to be added to the HTTP request. Unlike a non-protected request header, the header value cannot be displayed after it is set.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.30.", + "operationId": "deleteMsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The name of the protected HTTP request header.", + "in": "path", + "name": "headerName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Protected Request Header object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "get": { + "description": "Get a Protected Request Header object.\n\nA protected request header to be added to the HTTP request. Unlike a non-protected request header, the header value cannot be displayed after it is set.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nheaderName|x||\nheaderValue||x|x\nmsgVpnName|x||\nqueueBindingName|x||\nrestDeliveryPointName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.30.", + "operationId": "getMsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The name of the protected HTTP request header.", + "in": "path", + "name": "headerName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Protected Request Header object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeaderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Protected Request Header object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "patch": { + "description": "Update a Protected Request Header object. Any attribute missing from the request will be left unchanged.\n\nA protected request header to be added to the HTTP request. Unlike a non-protected request header, the header value cannot be displayed after it is set.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:\nheaderName|x|x|||\nheaderValue||||x|x\nmsgVpnName|x||x||\nqueueBindingName|x||x||\nrestDeliveryPointName|x||x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.30.", + "operationId": "updateMsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The name of the protected HTTP request header.", + "in": "path", + "name": "headerName", + "required": true, + "type": "string" + }, + { + "description": "The Protected Request Header object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Protected Request Header object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeaderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Protected Request Header object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "put": { + "description": "Replace a Protected Request Header object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA protected request header to be added to the HTTP request. Unlike a non-protected request header, the header value cannot be displayed after it is set.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:\nheaderName|x|x|||\nheaderValue||||x|x\nmsgVpnName|x||x||\nqueueBindingName|x||x||\nrestDeliveryPointName|x||x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.30.", + "operationId": "replaceMsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The name of the protected HTTP request header.", + "in": "path", + "name": "headerName", + "required": true, + "type": "string" + }, + { + "description": "The Protected Request Header object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeader" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Protected Request Header object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingProtectedRequestHeaderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Protected Request Header object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/queueBindings/{queueBindingName}/requestHeaders": { + "get": { + "description": "Get a list of Request Header objects.\n\nA request header to be added to the HTTP request.\n\n\nAttribute|Identifying\n:---|:---:\nheaderName|x\nmsgVpnName|x\nqueueBindingName|x\nrestDeliveryPointName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.23.", + "operationId": "getMsgVpnRestDeliveryPointQueueBindingRequestHeaders", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Request Header objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeadersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Request Header objects.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "post": { + "description": "Create a Request Header object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA request header to be added to the HTTP request.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nheaderName|x|x|x|\nmsgVpnName|x|||x\nqueueBindingName|x|||x\nrestDeliveryPointName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.23.", + "operationId": "createMsgVpnRestDeliveryPointQueueBindingRequestHeader", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The Request Header object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeader" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Request Header object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeaderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Request Header object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/queueBindings/{queueBindingName}/requestHeaders/{headerName}": { + "delete": { + "description": "Delete a Request Header object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA request header to be added to the HTTP request.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.23.", + "operationId": "deleteMsgVpnRestDeliveryPointQueueBindingRequestHeader", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The name of the HTTP request header.", + "in": "path", + "name": "headerName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Request Header object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "get": { + "description": "Get a Request Header object.\n\nA request header to be added to the HTTP request.\n\n\nAttribute|Identifying\n:---|:---:\nheaderName|x\nmsgVpnName|x\nqueueBindingName|x\nrestDeliveryPointName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.23.", + "operationId": "getMsgVpnRestDeliveryPointQueueBindingRequestHeader", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The name of the HTTP request header.", + "in": "path", + "name": "headerName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Request Header object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeaderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Request Header object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "patch": { + "description": "Update a Request Header object. Any attribute missing from the request will be left unchanged.\n\nA request header to be added to the HTTP request.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nheaderName|x|x|\nmsgVpnName|x||x\nqueueBindingName|x||x\nrestDeliveryPointName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.23.", + "operationId": "updateMsgVpnRestDeliveryPointQueueBindingRequestHeader", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The name of the HTTP request header.", + "in": "path", + "name": "headerName", + "required": true, + "type": "string" + }, + { + "description": "The Request Header object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeader" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Request Header object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeaderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Request Header object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "put": { + "description": "Replace a Request Header object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA request header to be added to the HTTP request.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nheaderName|x|x|\nmsgVpnName|x||x\nqueueBindingName|x||x\nrestDeliveryPointName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.23.", + "operationId": "replaceMsgVpnRestDeliveryPointQueueBindingRequestHeader", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of a queue in the Message VPN.", + "in": "path", + "name": "queueBindingName", + "required": true, + "type": "string" + }, + { + "description": "The name of the HTTP request header.", + "in": "path", + "name": "headerName", + "required": true, + "type": "string" + }, + { + "description": "The Request Header object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeader" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Request Header object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointQueueBindingRequestHeaderResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Request Header object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/restConsumers": { + "get": { + "description": "Get a list of REST Consumer objects.\n\nREST Consumer objects establish HTTP connectivity to REST consumer applications who wish to receive messages from a broker.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationAwsSecretAccessKey||x|x\nauthenticationClientCertContent||x|x\nauthenticationClientCertPassword||x|\nauthenticationHttpBasicPassword||x|x\nauthenticationHttpHeaderValue||x|x\nauthenticationOauthClientSecret||x|x\nauthenticationOauthJwtSecretKey||x|x\nmsgVpnName|x||\nrestConsumerName|x||\nrestDeliveryPointName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnRestDeliveryPointRestConsumers", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of REST Consumer objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of REST Consumer objects.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "post": { + "description": "Create a REST Consumer object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nREST Consumer objects establish HTTP connectivity to REST consumer applications who wish to receive messages from a broker.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationAwsSecretAccessKey|||||x|x\nauthenticationClientCertContent|||||x|x\nauthenticationClientCertPassword|||||x|\nauthenticationHttpBasicPassword|||||x|x\nauthenticationHttpHeaderValue|||||x|x\nauthenticationOauthClientSecret|||||x|x\nauthenticationOauthJwtSecretKey|||||x|x\nmsgVpnName|x|||x||\nrestConsumerName|x|x|x|||\nrestDeliveryPointName|x|||x||\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnRestDeliveryPointRestConsumer|authenticationClientCertPassword|authenticationClientCertContent\nMsgVpnRestDeliveryPointRestConsumer|authenticationHttpBasicPassword|authenticationHttpBasicUsername\nMsgVpnRestDeliveryPointRestConsumer|authenticationHttpBasicUsername|authenticationHttpBasicPassword\nMsgVpnRestDeliveryPointRestConsumer|remotePort|tlsEnabled\nMsgVpnRestDeliveryPointRestConsumer|tlsEnabled|remotePort\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnRestDeliveryPointRestConsumer", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The REST Consumer object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumer" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The REST Consumer object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a REST Consumer object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/restConsumers/{restConsumerName}": { + "delete": { + "description": "Delete a REST Consumer object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nREST Consumer objects establish HTTP connectivity to REST consumer applications who wish to receive messages from a broker.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnRestDeliveryPointRestConsumer", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a REST Consumer object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "get": { + "description": "Get a REST Consumer object.\n\nREST Consumer objects establish HTTP connectivity to REST consumer applications who wish to receive messages from a broker.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationAwsSecretAccessKey||x|x\nauthenticationClientCertContent||x|x\nauthenticationClientCertPassword||x|\nauthenticationHttpBasicPassword||x|x\nauthenticationHttpHeaderValue||x|x\nauthenticationOauthClientSecret||x|x\nauthenticationOauthJwtSecretKey||x|x\nmsgVpnName|x||\nrestConsumerName|x||\nrestDeliveryPointName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnRestDeliveryPointRestConsumer", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The REST Consumer object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a REST Consumer object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "patch": { + "description": "Update a REST Consumer object. Any attribute missing from the request will be left unchanged.\n\nREST Consumer objects establish HTTP connectivity to REST consumer applications who wish to receive messages from a broker.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationAwsSecretAccessKey||||x||x\nauthenticationClientCertContent||||x|x|x\nauthenticationClientCertPassword||||x|x|\nauthenticationHttpBasicPassword||||x|x|x\nauthenticationHttpBasicUsername|||||x|\nauthenticationHttpHeaderValue||||x||x\nauthenticationOauthClientId|||||x|\nauthenticationOauthClientScope|||||x|\nauthenticationOauthClientSecret||||x|x|x\nauthenticationOauthClientTokenEndpoint|||||x|\nauthenticationOauthClientTokenExpiryDefault|||||x|\nauthenticationOauthJwtSecretKey||||x|x|x\nauthenticationOauthJwtTokenEndpoint|||||x|\nauthenticationOauthJwtTokenExpiryDefault|||||x|\nauthenticationScheme|||||x|\nmsgVpnName|x||x|||\noutgoingConnectionCount|||||x|\nremoteHost|||||x|\nremotePort|||||x|\nrestConsumerName|x|x||||\nrestDeliveryPointName|x||x|||\ntlsCipherSuiteList|||||x|\ntlsEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnRestDeliveryPointRestConsumer|authenticationClientCertPassword|authenticationClientCertContent\nMsgVpnRestDeliveryPointRestConsumer|authenticationHttpBasicPassword|authenticationHttpBasicUsername\nMsgVpnRestDeliveryPointRestConsumer|authenticationHttpBasicUsername|authenticationHttpBasicPassword\nMsgVpnRestDeliveryPointRestConsumer|remotePort|tlsEnabled\nMsgVpnRestDeliveryPointRestConsumer|tlsEnabled|remotePort\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "updateMsgVpnRestDeliveryPointRestConsumer", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "description": "The REST Consumer object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumer" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The REST Consumer object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a REST Consumer object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "put": { + "description": "Replace a REST Consumer object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nREST Consumer objects establish HTTP connectivity to REST consumer applications who wish to receive messages from a broker.\n\n\nAttribute|Identifying|Const|Read-Only|Write-Only|Auto-Disable|Opaque\n:---|:---:|:---:|:---:|:---:|:---:|:---:\nauthenticationAwsSecretAccessKey||||x||x\nauthenticationClientCertContent||||x|x|x\nauthenticationClientCertPassword||||x|x|\nauthenticationHttpBasicPassword||||x|x|x\nauthenticationHttpBasicUsername|||||x|\nauthenticationHttpHeaderValue||||x||x\nauthenticationOauthClientId|||||x|\nauthenticationOauthClientScope|||||x|\nauthenticationOauthClientSecret||||x|x|x\nauthenticationOauthClientTokenEndpoint|||||x|\nauthenticationOauthClientTokenExpiryDefault|||||x|\nauthenticationOauthJwtSecretKey||||x|x|x\nauthenticationOauthJwtTokenEndpoint|||||x|\nauthenticationOauthJwtTokenExpiryDefault|||||x|\nauthenticationScheme|||||x|\nmsgVpnName|x||x|||\noutgoingConnectionCount|||||x|\nremoteHost|||||x|\nremotePort|||||x|\nrestConsumerName|x|x||||\nrestDeliveryPointName|x||x|||\ntlsCipherSuiteList|||||x|\ntlsEnabled|||||x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires\n:---|:---|:---\nMsgVpnRestDeliveryPointRestConsumer|authenticationClientCertPassword|authenticationClientCertContent\nMsgVpnRestDeliveryPointRestConsumer|authenticationHttpBasicPassword|authenticationHttpBasicUsername\nMsgVpnRestDeliveryPointRestConsumer|authenticationHttpBasicUsername|authenticationHttpBasicPassword\nMsgVpnRestDeliveryPointRestConsumer|remotePort|tlsEnabled\nMsgVpnRestDeliveryPointRestConsumer|tlsEnabled|remotePort\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "replaceMsgVpnRestDeliveryPointRestConsumer", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "description": "The REST Consumer object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumer" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The REST Consumer object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a REST Consumer object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/restConsumers/{restConsumerName}/oauthJwtClaims": { + "get": { + "description": "Get a list of Claim objects.\n\nA Claim is added to the JWT sent to the OAuth token request endpoint.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\noauthJwtClaimName|x\nrestConsumerName|x\nrestDeliveryPointName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.21.", + "operationId": "getMsgVpnRestDeliveryPointRestConsumerOauthJwtClaims", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Claim objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerOauthJwtClaimsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Claim objects.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "post": { + "description": "Create a Claim object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Claim is added to the JWT sent to the OAuth token request endpoint.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\noauthJwtClaimName|x|x|x|\noauthJwtClaimValue||x|x|\nrestConsumerName|x|||x\nrestDeliveryPointName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.21.", + "operationId": "createMsgVpnRestDeliveryPointRestConsumerOauthJwtClaim", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "description": "The Claim object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerOauthJwtClaim" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Claim object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerOauthJwtClaimResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Claim object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/restConsumers/{restConsumerName}/oauthJwtClaims/{oauthJwtClaimName}": { + "delete": { + "description": "Delete a Claim object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Claim is added to the JWT sent to the OAuth token request endpoint.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.21.", + "operationId": "deleteMsgVpnRestDeliveryPointRestConsumerOauthJwtClaim", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "description": "The name of the additional claim. Cannot be \"exp\", \"iat\", or \"jti\".", + "in": "path", + "name": "oauthJwtClaimName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Claim object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "get": { + "description": "Get a Claim object.\n\nA Claim is added to the JWT sent to the OAuth token request endpoint.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\noauthJwtClaimName|x\nrestConsumerName|x\nrestDeliveryPointName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.21.", + "operationId": "getMsgVpnRestDeliveryPointRestConsumerOauthJwtClaim", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "description": "The name of the additional claim. Cannot be \"exp\", \"iat\", or \"jti\".", + "in": "path", + "name": "oauthJwtClaimName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Claim object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerOauthJwtClaimResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Claim object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/restConsumers/{restConsumerName}/tlsTrustedCommonNames": { + "get": { + "deprecated": true, + "description": "Get a list of Trusted Common Name objects.\n\nThe Trusted Common Names for the REST Consumer are used by encrypted transports to verify the name in the certificate presented by the remote REST consumer. They must include the common name of the remote REST consumer's server certificate.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\nmsgVpnName|x|x\nrestConsumerName|x|x\nrestDeliveryPointName|x|x\ntlsTrustedCommonName|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been deprecated since 2.17. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "getMsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonNames", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Trusted Common Name objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonNamesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Trusted Common Name objects.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "post": { + "deprecated": true, + "description": "Create a Trusted Common Name object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe Trusted Common Names for the REST Consumer are used by encrypted transports to verify the name in the certificate presented by the remote REST consumer. They must include the common name of the remote REST consumer's server certificate.\n\n\nAttribute|Identifying|Const|Required|Read-Only|Deprecated\n:---|:---:|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x|x\nrestConsumerName|x|||x|x\nrestDeliveryPointName|x|||x|x\ntlsTrustedCommonName|x|x|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.17. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "createMsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "description": "The Trusted Common Name object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonName" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Trusted Common Name object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonNameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Trusted Common Name object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/restDeliveryPoints/{restDeliveryPointName}/restConsumers/{restConsumerName}/tlsTrustedCommonNames/{tlsTrustedCommonName}": { + "delete": { + "deprecated": true, + "description": "Delete a Trusted Common Name object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nThe Trusted Common Names for the REST Consumer are used by encrypted transports to verify the name in the certificate presented by the remote REST consumer. They must include the common name of the remote REST consumer's server certificate.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been deprecated since 2.17. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "deleteMsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "description": "The expected trusted common name of the remote certificate.", + "in": "path", + "name": "tlsTrustedCommonName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Trusted Common Name object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + }, + "get": { + "deprecated": true, + "description": "Get a Trusted Common Name object.\n\nThe Trusted Common Names for the REST Consumer are used by encrypted transports to verify the name in the certificate presented by the remote REST consumer. They must include the common name of the remote REST consumer's server certificate.\n\n\nAttribute|Identifying|Deprecated\n:---|:---:|:---:\nmsgVpnName|x|x\nrestConsumerName|x|x\nrestDeliveryPointName|x|x\ntlsTrustedCommonName|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been deprecated since 2.17. Common Name validation has been replaced by Server Certificate Name validation.", + "operationId": "getMsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonName", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Delivery Point.", + "in": "path", + "name": "restDeliveryPointName", + "required": true, + "type": "string" + }, + { + "description": "The name of the REST Consumer.", + "in": "path", + "name": "restConsumerName", + "required": true, + "type": "string" + }, + { + "description": "The expected trusted common name of the remote certificate.", + "in": "path", + "name": "tlsTrustedCommonName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Trusted Common Name object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnRestDeliveryPointRestConsumerTlsTrustedCommonNameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Trusted Common Name object.", + "tags": [ + "all", + "msgVpn", + "restDeliveryPoint" + ] + } + }, + "/msgVpns/{msgVpnName}/sequencedTopics": { + "get": { + "description": "Get a list of Sequenced Topic objects.\n\nA Sequenced Topic is a topic subscription for which any matching messages received on the Message VPN are assigned a sequence number that is monotonically increased by a value of one per message.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nsequencedTopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnSequencedTopics", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Sequenced Topic objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnSequencedTopicsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Sequenced Topic objects.", + "tags": [ + "all", + "msgVpn" + ] + }, + "post": { + "description": "Create a Sequenced Topic object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Sequenced Topic is a topic subscription for which any matching messages received on the Message VPN are assigned a sequence number that is monotonically increased by a value of one per message.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nsequencedTopic|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "createMsgVpnSequencedTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Sequenced Topic object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnSequencedTopic" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Sequenced Topic object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnSequencedTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Sequenced Topic object.", + "tags": [ + "all", + "msgVpn" + ] + } + }, + "/msgVpns/{msgVpnName}/sequencedTopics/{sequencedTopic}": { + "delete": { + "description": "Delete a Sequenced Topic object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Sequenced Topic is a topic subscription for which any matching messages received on the Message VPN are assigned a sequence number that is monotonically increased by a value of one per message.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "deleteMsgVpnSequencedTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "Topic for applying sequence numbers.", + "in": "path", + "name": "sequencedTopic", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Sequenced Topic object.", + "tags": [ + "all", + "msgVpn" + ] + }, + "get": { + "description": "Get a Sequenced Topic object.\n\nA Sequenced Topic is a topic subscription for which any matching messages received on the Message VPN are assigned a sequence number that is monotonically increased by a value of one per message.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nsequencedTopic|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.0.", + "operationId": "getMsgVpnSequencedTopic", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "Topic for applying sequence numbers.", + "in": "path", + "name": "sequencedTopic", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Sequenced Topic object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnSequencedTopicResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Sequenced Topic object.", + "tags": [ + "all", + "msgVpn" + ] + } + }, + "/msgVpns/{msgVpnName}/telemetryProfiles": { + "get": { + "description": "Get a list of Telemetry Profile objects.\n\nUsing the Telemetry Profile allows trace spans to be generated as messages are processed by the broker. The generated spans are stored persistently on the broker and may be consumed by the Solace receiver component of an OpenTelemetry Collector.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\ntelemetryProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.31.", + "operationId": "getMsgVpnTelemetryProfiles", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Telemetry Profile objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfilesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Telemetry Profile objects.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "post": { + "description": "Create a Telemetry Profile object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nUsing the Telemetry Profile allows trace spans to be generated as messages are processed by the broker. The generated spans are stored persistently on the broker and may be consumed by the Solace receiver component of an OpenTelemetry Collector.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\ntelemetryProfileName|x|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "createMsgVpnTelemetryProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Telemetry Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Telemetry Profile object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Telemetry Profile object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/telemetryProfiles/{telemetryProfileName}": { + "delete": { + "description": "Delete a Telemetry Profile object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nUsing the Telemetry Profile allows trace spans to be generated as messages are processed by the broker. The generated spans are stored persistently on the broker and may be consumed by the Solace receiver component of an OpenTelemetry Collector.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "deleteMsgVpnTelemetryProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Telemetry Profile object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "get": { + "description": "Get a Telemetry Profile object.\n\nUsing the Telemetry Profile allows trace spans to be generated as messages are processed by the broker. The generated spans are stored persistently on the broker and may be consumed by the Solace receiver component of an OpenTelemetry Collector.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\ntelemetryProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "getMsgVpnTelemetryProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Telemetry Profile object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Telemetry Profile object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "patch": { + "description": "Update a Telemetry Profile object. Any attribute missing from the request will be left unchanged.\n\nUsing the Telemetry Profile allows trace spans to be generated as messages are processed by the broker. The generated spans are stored persistently on the broker and may be consumed by the Solace receiver component of an OpenTelemetry Collector.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\ntelemetryProfileName|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "updateMsgVpnTelemetryProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Telemetry Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Telemetry Profile object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Telemetry Profile object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "put": { + "description": "Replace a Telemetry Profile object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nUsing the Telemetry Profile allows trace spans to be generated as messages are processed by the broker. The generated spans are stored persistently on the broker and may be consumed by the Solace receiver component of an OpenTelemetry Collector.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\ntelemetryProfileName|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "replaceMsgVpnTelemetryProfile", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Telemetry Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Telemetry Profile object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Telemetry Profile object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/telemetryProfiles/{telemetryProfileName}/receiverAclConnectExceptions": { + "get": { + "description": "Get a list of Receiver ACL Connect Exception objects.\n\nA Receiver ACL Connect Exception is an exception to the default action to take when a receiver connects to the broker. Exceptions must be expressed as an IP address/netmask in CIDR form.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nreceiverAclConnectExceptionAddress|x\ntelemetryProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.31.", + "operationId": "getMsgVpnTelemetryProfileReceiverAclConnectExceptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Receiver ACL Connect Exception objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileReceiverAclConnectExceptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Receiver ACL Connect Exception objects.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "post": { + "description": "Create a Receiver ACL Connect Exception object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Receiver ACL Connect Exception is an exception to the default action to take when a receiver connects to the broker. Exceptions must be expressed as an IP address/netmask in CIDR form.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nreceiverAclConnectExceptionAddress|x|x|x|\ntelemetryProfileName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "createMsgVpnTelemetryProfileReceiverAclConnectException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Receiver ACL Connect Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileReceiverAclConnectException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Receiver ACL Connect Exception object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileReceiverAclConnectExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Receiver ACL Connect Exception object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/telemetryProfiles/{telemetryProfileName}/receiverAclConnectExceptions/{receiverAclConnectExceptionAddress}": { + "delete": { + "description": "Delete a Receiver ACL Connect Exception object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Receiver ACL Connect Exception is an exception to the default action to take when a receiver connects to the broker. Exceptions must be expressed as an IP address/netmask in CIDR form.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "deleteMsgVpnTelemetryProfileReceiverAclConnectException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "The IP address/netmask of the receiver connect exception in CIDR form.", + "in": "path", + "name": "receiverAclConnectExceptionAddress", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Receiver ACL Connect Exception object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "get": { + "description": "Get a Receiver ACL Connect Exception object.\n\nA Receiver ACL Connect Exception is an exception to the default action to take when a receiver connects to the broker. Exceptions must be expressed as an IP address/netmask in CIDR form.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nreceiverAclConnectExceptionAddress|x\ntelemetryProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "getMsgVpnTelemetryProfileReceiverAclConnectException", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "The IP address/netmask of the receiver connect exception in CIDR form.", + "in": "path", + "name": "receiverAclConnectExceptionAddress", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Receiver ACL Connect Exception object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileReceiverAclConnectExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Receiver ACL Connect Exception object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/telemetryProfiles/{telemetryProfileName}/traceFilters": { + "get": { + "description": "Get a list of Trace Filter objects.\n\nA Trace Filter controls which messages received by the broker will be traced. If an incoming message matches an enabled tracing filter's subscription, the message will be traced as it passes through the broker.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\ntelemetryProfileName|x\ntraceFilterName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.31.", + "operationId": "getMsgVpnTelemetryProfileTraceFilters", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Trace Filter objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFiltersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Trace Filter objects.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "post": { + "description": "Create a Trace Filter object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Trace Filter controls which messages received by the broker will be traced. If an incoming message matches an enabled tracing filter's subscription, the message will be traced as it passes through the broker.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\ntelemetryProfileName|x|||x\ntraceFilterName|x|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "createMsgVpnTelemetryProfileTraceFilter", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Trace Filter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Trace Filter object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Trace Filter object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/telemetryProfiles/{telemetryProfileName}/traceFilters/{traceFilterName}": { + "delete": { + "description": "Delete a Trace Filter object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Trace Filter controls which messages received by the broker will be traced. If an incoming message matches an enabled tracing filter's subscription, the message will be traced as it passes through the broker.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "deleteMsgVpnTelemetryProfileTraceFilter", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "A name used to identify the trace filter. Consider a name that describes the subscriptions contained within the filter, such as the name of the application and/or the scenario in which the trace filter might be enabled, such as \"appNameDebug\".", + "in": "path", + "name": "traceFilterName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Trace Filter object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "get": { + "description": "Get a Trace Filter object.\n\nA Trace Filter controls which messages received by the broker will be traced. If an incoming message matches an enabled tracing filter's subscription, the message will be traced as it passes through the broker.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\ntelemetryProfileName|x\ntraceFilterName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "getMsgVpnTelemetryProfileTraceFilter", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "A name used to identify the trace filter. Consider a name that describes the subscriptions contained within the filter, such as the name of the application and/or the scenario in which the trace filter might be enabled, such as \"appNameDebug\".", + "in": "path", + "name": "traceFilterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Trace Filter object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Trace Filter object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "patch": { + "description": "Update a Trace Filter object. Any attribute missing from the request will be left unchanged.\n\nA Trace Filter controls which messages received by the broker will be traced. If an incoming message matches an enabled tracing filter's subscription, the message will be traced as it passes through the broker.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\ntelemetryProfileName|x||x\ntraceFilterName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "updateMsgVpnTelemetryProfileTraceFilter", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "A name used to identify the trace filter. Consider a name that describes the subscriptions contained within the filter, such as the name of the application and/or the scenario in which the trace filter might be enabled, such as \"appNameDebug\".", + "in": "path", + "name": "traceFilterName", + "required": true, + "type": "string" + }, + { + "description": "The Trace Filter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Trace Filter object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Trace Filter object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "put": { + "description": "Replace a Trace Filter object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Trace Filter controls which messages received by the broker will be traced. If an incoming message matches an enabled tracing filter's subscription, the message will be traced as it passes through the broker.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\ntelemetryProfileName|x||x\ntraceFilterName|x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "replaceMsgVpnTelemetryProfileTraceFilter", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "A name used to identify the trace filter. Consider a name that describes the subscriptions contained within the filter, such as the name of the application and/or the scenario in which the trace filter might be enabled, such as \"appNameDebug\".", + "in": "path", + "name": "traceFilterName", + "required": true, + "type": "string" + }, + { + "description": "The Trace Filter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Trace Filter object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Trace Filter object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/telemetryProfiles/{telemetryProfileName}/traceFilters/{traceFilterName}/subscriptions": { + "get": { + "description": "Get a list of Telemetry Trace Filter Subscription objects.\n\nTrace filter subscriptions control which messages will be attracted by the tracing filter.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nsubscription|x\nsubscriptionSyntax|x\ntelemetryProfileName|x\ntraceFilterName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.31.", + "operationId": "getMsgVpnTelemetryProfileTraceFilterSubscriptions", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "A name used to identify the trace filter. Consider a name that describes the subscriptions contained within the filter, such as the name of the application and/or the scenario in which the trace filter might be enabled, such as \"appNameDebug\".", + "in": "path", + "name": "traceFilterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Telemetry Trace Filter Subscription objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterSubscriptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Telemetry Trace Filter Subscription objects.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "post": { + "description": "Create a Telemetry Trace Filter Subscription object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nTrace filter subscriptions control which messages will be attracted by the tracing filter.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\nsubscription|x|x|x|\nsubscriptionSyntax|x|x|x|\ntelemetryProfileName|x|||x\ntraceFilterName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "createMsgVpnTelemetryProfileTraceFilterSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "A name used to identify the trace filter. Consider a name that describes the subscriptions contained within the filter, such as the name of the application and/or the scenario in which the trace filter might be enabled, such as \"appNameDebug\".", + "in": "path", + "name": "traceFilterName", + "required": true, + "type": "string" + }, + { + "description": "The Telemetry Trace Filter Subscription object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterSubscription" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Telemetry Trace Filter Subscription object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Telemetry Trace Filter Subscription object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/telemetryProfiles/{telemetryProfileName}/traceFilters/{traceFilterName}/subscriptions/{subscription},{subscriptionSyntax}": { + "delete": { + "description": "Delete a Telemetry Trace Filter Subscription object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nTrace filter subscriptions control which messages will be attracted by the tracing filter.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "deleteMsgVpnTelemetryProfileTraceFilterSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "A name used to identify the trace filter. Consider a name that describes the subscriptions contained within the filter, such as the name of the application and/or the scenario in which the trace filter might be enabled, such as \"appNameDebug\".", + "in": "path", + "name": "traceFilterName", + "required": true, + "type": "string" + }, + { + "description": "Messages matching this subscription will follow this filter's configuration.", + "in": "path", + "name": "subscription", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the trace filter subscription.", + "in": "path", + "name": "subscriptionSyntax", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Telemetry Trace Filter Subscription object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + }, + "get": { + "description": "Get a Telemetry Trace Filter Subscription object.\n\nTrace filter subscriptions control which messages will be attracted by the tracing filter.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\nsubscription|x\nsubscriptionSyntax|x\ntelemetryProfileName|x\ntraceFilterName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.31.", + "operationId": "getMsgVpnTelemetryProfileTraceFilterSubscription", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Telemetry Profile.", + "in": "path", + "name": "telemetryProfileName", + "required": true, + "type": "string" + }, + { + "description": "A name used to identify the trace filter. Consider a name that describes the subscriptions contained within the filter, such as the name of the application and/or the scenario in which the trace filter might be enabled, such as \"appNameDebug\".", + "in": "path", + "name": "traceFilterName", + "required": true, + "type": "string" + }, + { + "description": "Messages matching this subscription will follow this filter's configuration.", + "in": "path", + "name": "subscription", + "required": true, + "type": "string" + }, + { + "description": "The syntax of the trace filter subscription.", + "in": "path", + "name": "subscriptionSyntax", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Telemetry Trace Filter Subscription object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTelemetryProfileTraceFilterSubscriptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Telemetry Trace Filter Subscription object.", + "tags": [ + "all", + "msgVpn", + "telemetryProfile" + ] + } + }, + "/msgVpns/{msgVpnName}/topicEndpointTemplates": { + "get": { + "description": "Get a list of Topic Endpoint Template objects.\n\nA Topic Endpoint Template provides a mechanism for specifying the initial state for client created topic endpoints.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\ntopicEndpointTemplateName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.14.", + "operationId": "getMsgVpnTopicEndpointTemplates", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Topic Endpoint Template objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplatesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Topic Endpoint Template objects.", + "tags": [ + "all", + "msgVpn", + "topicEndpointTemplate" + ] + }, + "post": { + "description": "Create a Topic Endpoint Template object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Topic Endpoint Template provides a mechanism for specifying the initial state for client created topic endpoints.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\ntopicEndpointTemplateName|x|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "createMsgVpnTopicEndpointTemplate", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Endpoint Template object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplate" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Endpoint Template object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplateResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Topic Endpoint Template object.", + "tags": [ + "all", + "msgVpn", + "topicEndpointTemplate" + ] + } + }, + "/msgVpns/{msgVpnName}/topicEndpointTemplates/{topicEndpointTemplateName}": { + "delete": { + "description": "Delete a Topic Endpoint Template object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Topic Endpoint Template provides a mechanism for specifying the initial state for client created topic endpoints.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "deleteMsgVpnTopicEndpointTemplate", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic Endpoint Template.", + "in": "path", + "name": "topicEndpointTemplateName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Topic Endpoint Template object.", + "tags": [ + "all", + "msgVpn", + "topicEndpointTemplate" + ] + }, + "get": { + "description": "Get a Topic Endpoint Template object.\n\nA Topic Endpoint Template provides a mechanism for specifying the initial state for client created topic endpoints.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\ntopicEndpointTemplateName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "getMsgVpnTopicEndpointTemplate", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic Endpoint Template.", + "in": "path", + "name": "topicEndpointTemplateName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Endpoint Template object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplateResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Topic Endpoint Template object.", + "tags": [ + "all", + "msgVpn", + "topicEndpointTemplate" + ] + }, + "patch": { + "description": "Update a Topic Endpoint Template object. Any attribute missing from the request will be left unchanged.\n\nA Topic Endpoint Template provides a mechanism for specifying the initial state for client created topic endpoints.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\ntopicEndpointTemplateName|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "updateMsgVpnTopicEndpointTemplate", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic Endpoint Template.", + "in": "path", + "name": "topicEndpointTemplateName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Endpoint Template object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplate" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Endpoint Template object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplateResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Topic Endpoint Template object.", + "tags": [ + "all", + "msgVpn", + "topicEndpointTemplate" + ] + }, + "put": { + "description": "Replace a Topic Endpoint Template object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Topic Endpoint Template provides a mechanism for specifying the initial state for client created topic endpoints.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x||x\ntopicEndpointTemplateName|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.14.", + "operationId": "replaceMsgVpnTopicEndpointTemplate", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic Endpoint Template.", + "in": "path", + "name": "topicEndpointTemplateName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Endpoint Template object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplate" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Endpoint Template object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointTemplateResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Topic Endpoint Template object.", + "tags": [ + "all", + "msgVpn", + "topicEndpointTemplate" + ] + } + }, + "/msgVpns/{msgVpnName}/topicEndpoints": { + "get": { + "description": "Get a list of Topic Endpoint objects.\n\nA Topic Endpoint attracts messages published to a topic for which the Topic Endpoint has a matching topic subscription. The topic subscription for the Topic Endpoint is specified in the client request to bind a Flow to that Topic Endpoint. Queues are significantly more flexible than Topic Endpoints and are the recommended approach for most applications. The use of Topic Endpoints should be restricted to JMS applications.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\ntopicEndpointName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.1.", + "operationId": "getMsgVpnTopicEndpoints", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Topic Endpoint objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Topic Endpoint objects.", + "tags": [ + "all", + "msgVpn", + "topicEndpoint" + ] + }, + "post": { + "description": "Create a Topic Endpoint object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Topic Endpoint attracts messages published to a topic for which the Topic Endpoint has a matching topic subscription. The topic subscription for the Topic Endpoint is specified in the client request to bind a Flow to that Topic Endpoint. Queues are significantly more flexible than Topic Endpoints and are the recommended approach for most applications. The use of Topic Endpoints should be restricted to JMS applications.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|||x\ntopicEndpointName|x|x|x|\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "createMsgVpnTopicEndpoint", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Endpoint object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpoint" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Endpoint object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Topic Endpoint object.", + "tags": [ + "all", + "msgVpn", + "topicEndpoint" + ] + } + }, + "/msgVpns/{msgVpnName}/topicEndpoints/{topicEndpointName}": { + "delete": { + "description": "Delete a Topic Endpoint object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.\n\nA Topic Endpoint attracts messages published to a topic for which the Topic Endpoint has a matching topic subscription. The topic subscription for the Topic Endpoint is specified in the client request to bind a Flow to that Topic Endpoint. Queues are significantly more flexible than Topic Endpoints and are the recommended approach for most applications. The use of Topic Endpoints should be restricted to JMS applications.\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "deleteMsgVpnTopicEndpoint", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic Endpoint.", + "in": "path", + "name": "topicEndpointName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Topic Endpoint object.", + "tags": [ + "all", + "msgVpn", + "topicEndpoint" + ] + }, + "get": { + "description": "Get a Topic Endpoint object.\n\nA Topic Endpoint attracts messages published to a topic for which the Topic Endpoint has a matching topic subscription. The topic subscription for the Topic Endpoint is specified in the client request to bind a Flow to that Topic Endpoint. Queues are significantly more flexible than Topic Endpoints and are the recommended approach for most applications. The use of Topic Endpoints should be restricted to JMS applications.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\ntopicEndpointName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-only\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "getMsgVpnTopicEndpoint", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic Endpoint.", + "in": "path", + "name": "topicEndpointName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Endpoint object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Topic Endpoint object.", + "tags": [ + "all", + "msgVpn", + "topicEndpoint" + ] + }, + "patch": { + "description": "Update a Topic Endpoint object. Any attribute missing from the request will be left unchanged.\n\nA Topic Endpoint attracts messages published to a topic for which the Topic Endpoint has a matching topic subscription. The topic subscription for the Topic Endpoint is specified in the client request to bind a Flow to that Topic Endpoint. Queues are significantly more flexible than Topic Endpoints and are the recommended approach for most applications. The use of Topic Endpoints should be restricted to JMS applications.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\naccessType||||x\nmsgVpnName|x||x|\nowner||||x\npermission||||x\nredeliveryDelayEnabled||||x\nredeliveryDelayInitialInterval||||x\nredeliveryDelayMaxInterval||||x\nredeliveryDelayMultiplier||||x\nrejectMsgToSenderOnDiscardBehavior||||x\nrespectMsgPriorityEnabled||||x\ntopicEndpointName|x|x||\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "updateMsgVpnTopicEndpoint", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic Endpoint.", + "in": "path", + "name": "topicEndpointName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Endpoint object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpoint" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Endpoint object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Topic Endpoint object.", + "tags": [ + "all", + "msgVpn", + "topicEndpoint" + ] + }, + "put": { + "description": "Replace a Topic Endpoint object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Topic Endpoint attracts messages published to a topic for which the Topic Endpoint has a matching topic subscription. The topic subscription for the Topic Endpoint is specified in the client request to bind a Flow to that Topic Endpoint. Queues are significantly more flexible than Topic Endpoints and are the recommended approach for most applications. The use of Topic Endpoints should be restricted to JMS applications.\n\n\nAttribute|Identifying|Const|Read-Only|Auto-Disable\n:---|:---:|:---:|:---:|:---:\naccessType||||x\nmsgVpnName|x||x|\nowner||||x\npermission||||x\nredeliveryDelayEnabled||||x\nredeliveryDelayInitialInterval||||x\nredeliveryDelayMaxInterval||||x\nredeliveryDelayMultiplier||||x\nrejectMsgToSenderOnDiscardBehavior||||x\nrespectMsgPriorityEnabled||||x\ntopicEndpointName|x|x||\n\n\n\nThe following attributes in the request may only be provided in certain combinations with other attributes:\n\n\nClass|Attribute|Requires|Conflicts\n:---|:---|:---|:---\nEventThreshold|clearPercent|setPercent|clearValue, setValue\nEventThreshold|clearValue|setValue|clearPercent, setPercent\nEventThreshold|setPercent|clearPercent|clearValue, setValue\nEventThreshold|setValue|clearValue|clearPercent, setPercent\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"vpn/read-write\" is required to perform this operation.\n\nThis has been available since 2.1.", + "operationId": "replaceMsgVpnTopicEndpoint", + "parameters": [ + { + "description": "The name of the Message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The name of the Topic Endpoint.", + "in": "path", + "name": "topicEndpointName", + "required": true, + "type": "string" + }, + { + "description": "The Topic Endpoint object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpoint" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Topic Endpoint object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/MsgVpnTopicEndpointResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Topic Endpoint object.", + "tags": [ + "all", + "msgVpn", + "topicEndpoint" + ] + } + }, + "/oauthProfiles": { + "get": { + "description": "Get a list of OAuth Profile objects.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nclientSecret||x|x\noauthProfileName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfiles", + "parameters": [ + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of OAuth Profile objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfilesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of OAuth Profile objects.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "post": { + "description": "Create an OAuth Profile object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\n\nAttribute|Identifying|Const|Required|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:\nclientSecret||||x|x\noauthProfileName|x|x|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "createOauthProfile", + "parameters": [ + { + "description": "The OAuth Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Profile object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an OAuth Profile object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}": { + "delete": { + "description": "Delete an OAuth Profile object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "deleteOauthProfile", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an OAuth Profile object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "get": { + "description": "Get an OAuth Profile object.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nclientSecret||x|x\noauthProfileName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfile", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Profile object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an OAuth Profile object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "patch": { + "description": "Update an OAuth Profile object. Any attribute missing from the request will be left unchanged.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\n\nAttribute|Identifying|Const|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:\nclientSecret|||x|x\noauthProfileName|x|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation. Requests which include the following attributes may require greater access scope/level than \"global/read-write\":\n\n\nAttribute|Access Scope/Level\n:---|:---:\naccessLevelGroupsClaimName|global/admin\naccessLevelGroupsClaimStringFormat|global/admin\nclientId|global/admin\nclientRedirectUri|global/admin\nclientRequiredType|global/admin\nclientScope|global/admin\nclientSecret|global/admin\nclientValidateTypeEnabled|global/admin\ndefaultGlobalAccessLevel|global/admin\ndisplayName|global/admin\nenabled|global/admin\nendpointAuthorization|global/admin\nendpointDiscovery|global/admin\nendpointDiscoveryRefreshInterval|global/admin\nendpointIntrospection|global/admin\nendpointIntrospectionTimeout|global/admin\nendpointJwks|global/admin\nendpointJwksRefreshInterval|global/admin\nendpointToken|global/admin\nendpointTokenTimeout|global/admin\nendpointUserinfo|global/admin\nendpointUserinfoTimeout|global/admin\ninteractiveEnabled|global/admin\ninteractivePromptForExpiredSession|global/admin\ninteractivePromptForNewSession|global/admin\nissuer|global/admin\noauthRole|global/admin\nproxyName|global/admin\nresourceServerParseAccessTokenEnabled|global/admin\nresourceServerRequiredAudience|global/admin\nresourceServerRequiredIssuer|global/admin\nresourceServerRequiredScope|global/admin\nresourceServerRequiredType|global/admin\nresourceServerValidateAudienceEnabled|global/admin\nresourceServerValidateIssuerEnabled|global/admin\nresourceServerValidateScopeEnabled|global/admin\nresourceServerValidateTypeEnabled|global/admin\nsempEnabled|global/admin\nusernameClaimName|global/admin\n\n\n\nThis has been available since 2.24.", + "operationId": "updateOauthProfile", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The OAuth Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Profile object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update an OAuth Profile object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "put": { + "description": "Replace an OAuth Profile object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nOAuth profiles specify how to securely authenticate to an OAuth provider.\n\n\nAttribute|Identifying|Const|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:\nclientSecret|||x|x\noauthProfileName|x|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation. Requests which include the following attributes may require greater access scope/level than \"global/read-write\":\n\n\nAttribute|Access Scope/Level\n:---|:---:\naccessLevelGroupsClaimName|global/admin\naccessLevelGroupsClaimStringFormat|global/admin\nclientId|global/admin\nclientRedirectUri|global/admin\nclientRequiredType|global/admin\nclientScope|global/admin\nclientSecret|global/admin\nclientValidateTypeEnabled|global/admin\ndefaultGlobalAccessLevel|global/admin\ndisplayName|global/admin\nenabled|global/admin\nendpointAuthorization|global/admin\nendpointDiscovery|global/admin\nendpointDiscoveryRefreshInterval|global/admin\nendpointIntrospection|global/admin\nendpointIntrospectionTimeout|global/admin\nendpointJwks|global/admin\nendpointJwksRefreshInterval|global/admin\nendpointToken|global/admin\nendpointTokenTimeout|global/admin\nendpointUserinfo|global/admin\nendpointUserinfoTimeout|global/admin\ninteractiveEnabled|global/admin\ninteractivePromptForExpiredSession|global/admin\ninteractivePromptForNewSession|global/admin\nissuer|global/admin\noauthRole|global/admin\nproxyName|global/admin\nresourceServerParseAccessTokenEnabled|global/admin\nresourceServerRequiredAudience|global/admin\nresourceServerRequiredIssuer|global/admin\nresourceServerRequiredScope|global/admin\nresourceServerRequiredType|global/admin\nresourceServerValidateAudienceEnabled|global/admin\nresourceServerValidateIssuerEnabled|global/admin\nresourceServerValidateScopeEnabled|global/admin\nresourceServerValidateTypeEnabled|global/admin\nsempEnabled|global/admin\nusernameClaimName|global/admin\n\n\n\nThis has been available since 2.24.", + "operationId": "replaceOauthProfile", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The OAuth Profile object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfile" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The OAuth Profile object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace an OAuth Profile object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/accessLevelGroups": { + "get": { + "description": "Get a list of Group Access Level objects.\n\nThe name of a group as it exists on the OAuth server being used to authenticate SEMP users.\n\n\nAttribute|Identifying\n:---|:---:\ngroupName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileAccessLevelGroups", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Group Access Level objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Group Access Level objects.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "post": { + "description": "Create a Group Access Level object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nThe name of a group as it exists on the OAuth server being used to authenticate SEMP users.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ngroupName|x|x|x|\noauthProfileName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation. An access scope/level of \"global/admin\" is required to create access level groups with a global access level greater than \"none\". Requests which include the following attributes may require greater access scope/level than \"global/read-write\":\n\n\nAttribute|Access Scope/Level\n:---|:---:\nglobalAccessLevel|global/admin\n\n\n\nThis has been available since 2.24.", + "operationId": "createOauthProfileAccessLevelGroup", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Group Access Level object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroup" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Group Access Level object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Group Access Level object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/accessLevelGroups/{groupName}": { + "delete": { + "description": "Delete a Group Access Level object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nThe name of a group as it exists on the OAuth server being used to authenticate SEMP users.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation. An access scope/level of \"global/admin\" is required to delete access level groups with a global access level greater than \"none\".\n\nThis has been available since 2.24.", + "operationId": "deleteOauthProfileAccessLevelGroup", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the group.", + "in": "path", + "name": "groupName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Group Access Level object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "get": { + "description": "Get a Group Access Level object.\n\nThe name of a group as it exists on the OAuth server being used to authenticate SEMP users.\n\n\nAttribute|Identifying\n:---|:---:\ngroupName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileAccessLevelGroup", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the group.", + "in": "path", + "name": "groupName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Group Access Level object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Group Access Level object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "patch": { + "description": "Update a Group Access Level object. Any attribute missing from the request will be left unchanged.\n\nThe name of a group as it exists on the OAuth server being used to authenticate SEMP users.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ngroupName|x|x|\noauthProfileName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation. Requests which include the following attributes may require greater access scope/level than \"global/read-write\":\n\n\nAttribute|Access Scope/Level\n:---|:---:\nglobalAccessLevel|global/admin\n\n\n\nThis has been available since 2.24.", + "operationId": "updateOauthProfileAccessLevelGroup", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the group.", + "in": "path", + "name": "groupName", + "required": true, + "type": "string" + }, + { + "description": "The Group Access Level object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroup" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Group Access Level object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Group Access Level object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "put": { + "description": "Replace a Group Access Level object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nThe name of a group as it exists on the OAuth server being used to authenticate SEMP users.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ngroupName|x|x|\noauthProfileName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation. Requests which include the following attributes may require greater access scope/level than \"global/read-write\":\n\n\nAttribute|Access Scope/Level\n:---|:---:\nglobalAccessLevel|global/admin\n\n\n\nThis has been available since 2.24.", + "operationId": "replaceOauthProfileAccessLevelGroup", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the group.", + "in": "path", + "name": "groupName", + "required": true, + "type": "string" + }, + { + "description": "The Group Access Level object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroup" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Group Access Level object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Group Access Level object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/accessLevelGroups/{groupName}/msgVpnAccessLevelExceptions": { + "get": { + "description": "Get a list of Message VPN Access-Level Exception objects.\n\nMessage VPN access-level exceptions for members of this group.\n\n\nAttribute|Identifying\n:---|:---:\ngroupName|x\nmsgVpnName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileAccessLevelGroupMsgVpnAccessLevelExceptions", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the group.", + "in": "path", + "name": "groupName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Message VPN Access-Level Exception objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelExceptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Message VPN Access-Level Exception objects.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "post": { + "description": "Create a Message VPN Access-Level Exception object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nMessage VPN access-level exceptions for members of this group.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\ngroupName|x|||x\nmsgVpnName|x|x|x|\noauthProfileName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "createOauthProfileAccessLevelGroupMsgVpnAccessLevelException", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the group.", + "in": "path", + "name": "groupName", + "required": true, + "type": "string" + }, + { + "description": "The Message VPN Access-Level Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN Access-Level Exception object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Message VPN Access-Level Exception object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/accessLevelGroups/{groupName}/msgVpnAccessLevelExceptions/{msgVpnName}": { + "delete": { + "description": "Delete a Message VPN Access-Level Exception object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nMessage VPN access-level exceptions for members of this group.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "deleteOauthProfileAccessLevelGroupMsgVpnAccessLevelException", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the group.", + "in": "path", + "name": "groupName", + "required": true, + "type": "string" + }, + { + "description": "The name of the message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Message VPN Access-Level Exception object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "get": { + "description": "Get a Message VPN Access-Level Exception object.\n\nMessage VPN access-level exceptions for members of this group.\n\n\nAttribute|Identifying\n:---|:---:\ngroupName|x\nmsgVpnName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileAccessLevelGroupMsgVpnAccessLevelException", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the group.", + "in": "path", + "name": "groupName", + "required": true, + "type": "string" + }, + { + "description": "The name of the message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN Access-Level Exception object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Message VPN Access-Level Exception object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "patch": { + "description": "Update a Message VPN Access-Level Exception object. Any attribute missing from the request will be left unchanged.\n\nMessage VPN access-level exceptions for members of this group.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ngroupName|x||x\nmsgVpnName|x|x|\noauthProfileName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "updateOauthProfileAccessLevelGroupMsgVpnAccessLevelException", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the group.", + "in": "path", + "name": "groupName", + "required": true, + "type": "string" + }, + { + "description": "The name of the message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Message VPN Access-Level Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN Access-Level Exception object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Message VPN Access-Level Exception object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "put": { + "description": "Replace a Message VPN Access-Level Exception object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nMessage VPN access-level exceptions for members of this group.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\ngroupName|x||x\nmsgVpnName|x|x|\noauthProfileName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "replaceOauthProfileAccessLevelGroupMsgVpnAccessLevelException", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the group.", + "in": "path", + "name": "groupName", + "required": true, + "type": "string" + }, + { + "description": "The name of the message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Message VPN Access-Level Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN Access-Level Exception object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileAccessLevelGroupMsgVpnAccessLevelExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Message VPN Access-Level Exception object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/clientAllowedHosts": { + "get": { + "description": "Get a list of Allowed Host Value objects.\n\nA valid hostname for this broker in OAuth redirects.\n\n\nAttribute|Identifying\n:---|:---:\nallowedHost|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileClientAllowedHosts", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Allowed Host Value objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientAllowedHostsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Allowed Host Value objects.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "post": { + "description": "Create an Allowed Host Value object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nA valid hostname for this broker in OAuth redirects.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nallowedHost|x|x|x|\noauthProfileName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "createOauthProfileClientAllowedHost", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Allowed Host Value object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileClientAllowedHost" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Allowed Host Value object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientAllowedHostResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an Allowed Host Value object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/clientAllowedHosts/{allowedHost}": { + "delete": { + "description": "Delete an Allowed Host Value object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nA valid hostname for this broker in OAuth redirects.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "deleteOauthProfileClientAllowedHost", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "An allowed value for the Host header.", + "in": "path", + "name": "allowedHost", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an Allowed Host Value object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "get": { + "description": "Get an Allowed Host Value object.\n\nA valid hostname for this broker in OAuth redirects.\n\n\nAttribute|Identifying\n:---|:---:\nallowedHost|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileClientAllowedHost", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "An allowed value for the Host header.", + "in": "path", + "name": "allowedHost", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Allowed Host Value object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientAllowedHostResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an Allowed Host Value object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/clientAuthorizationParameters": { + "get": { + "description": "Get a list of Authorization Parameter objects.\n\nAdditional parameters to be passed to the OAuth authorization endpoint.\n\n\nAttribute|Identifying\n:---|:---:\nauthorizationParameterName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileClientAuthorizationParameters", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Authorization Parameter objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParametersResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Authorization Parameter objects.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "post": { + "description": "Create an Authorization Parameter object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nAdditional parameters to be passed to the OAuth authorization endpoint.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nauthorizationParameterName|x|x|x|\noauthProfileName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "createOauthProfileClientAuthorizationParameter", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Authorization Parameter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Authorization Parameter object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create an Authorization Parameter object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/clientAuthorizationParameters/{authorizationParameterName}": { + "delete": { + "description": "Delete an Authorization Parameter object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nAdditional parameters to be passed to the OAuth authorization endpoint.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "deleteOauthProfileClientAuthorizationParameter", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the authorization parameter.", + "in": "path", + "name": "authorizationParameterName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete an Authorization Parameter object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "get": { + "description": "Get an Authorization Parameter object.\n\nAdditional parameters to be passed to the OAuth authorization endpoint.\n\n\nAttribute|Identifying\n:---|:---:\nauthorizationParameterName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileClientAuthorizationParameter", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the authorization parameter.", + "in": "path", + "name": "authorizationParameterName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Authorization Parameter object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get an Authorization Parameter object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "patch": { + "description": "Update an Authorization Parameter object. Any attribute missing from the request will be left unchanged.\n\nAdditional parameters to be passed to the OAuth authorization endpoint.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nauthorizationParameterName|x|x|\noauthProfileName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "updateOauthProfileClientAuthorizationParameter", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the authorization parameter.", + "in": "path", + "name": "authorizationParameterName", + "required": true, + "type": "string" + }, + { + "description": "The Authorization Parameter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Authorization Parameter object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update an Authorization Parameter object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "put": { + "description": "Replace an Authorization Parameter object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nAdditional parameters to be passed to the OAuth authorization endpoint.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nauthorizationParameterName|x|x|\noauthProfileName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "replaceOauthProfileClientAuthorizationParameter", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the authorization parameter.", + "in": "path", + "name": "authorizationParameterName", + "required": true, + "type": "string" + }, + { + "description": "The Authorization Parameter object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameter" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Authorization Parameter object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientAuthorizationParameterResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace an Authorization Parameter object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/clientRequiredClaims": { + "get": { + "description": "Get a list of Required Claim objects.\n\nAdditional claims to be verified in the ID token.\n\n\nAttribute|Identifying\n:---|:---:\nclientRequiredClaimName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileClientRequiredClaims", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Required Claim objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientRequiredClaimsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Required Claim objects.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "post": { + "description": "Create a Required Claim object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nAdditional claims to be verified in the ID token.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nclientRequiredClaimName|x|x|x|\nclientRequiredClaimValue||x|x|\noauthProfileName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "createOauthProfileClientRequiredClaim", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Required Claim object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileClientRequiredClaim" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Required Claim object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientRequiredClaimResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Required Claim object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/clientRequiredClaims/{clientRequiredClaimName}": { + "delete": { + "description": "Delete a Required Claim object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nAdditional claims to be verified in the ID token.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "deleteOauthProfileClientRequiredClaim", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ID token claim to verify.", + "in": "path", + "name": "clientRequiredClaimName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Required Claim object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "get": { + "description": "Get a Required Claim object.\n\nAdditional claims to be verified in the ID token.\n\n\nAttribute|Identifying\n:---|:---:\nclientRequiredClaimName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileClientRequiredClaim", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the ID token claim to verify.", + "in": "path", + "name": "clientRequiredClaimName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Required Claim object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileClientRequiredClaimResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Required Claim object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/defaultMsgVpnAccessLevelExceptions": { + "get": { + "description": "Get a list of Message VPN Access-Level Exception objects.\n\nDefault message VPN access-level exceptions.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileDefaultMsgVpnAccessLevelExceptions", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Message VPN Access-Level Exception objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelExceptionsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Message VPN Access-Level Exception objects.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "post": { + "description": "Create a Message VPN Access-Level Exception object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nDefault message VPN access-level exceptions.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\nmsgVpnName|x|x|x|\noauthProfileName|x|||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "createOauthProfileDefaultMsgVpnAccessLevelException", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Message VPN Access-Level Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN Access-Level Exception object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Message VPN Access-Level Exception object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/defaultMsgVpnAccessLevelExceptions/{msgVpnName}": { + "delete": { + "description": "Delete a Message VPN Access-Level Exception object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nDefault message VPN access-level exceptions.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "deleteOauthProfileDefaultMsgVpnAccessLevelException", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Message VPN Access-Level Exception object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "get": { + "description": "Get a Message VPN Access-Level Exception object.\n\nDefault message VPN access-level exceptions.\n\n\nAttribute|Identifying\n:---|:---:\nmsgVpnName|x\noauthProfileName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileDefaultMsgVpnAccessLevelException", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN Access-Level Exception object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Message VPN Access-Level Exception object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "patch": { + "description": "Update a Message VPN Access-Level Exception object. Any attribute missing from the request will be left unchanged.\n\nDefault message VPN access-level exceptions.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x|x|\noauthProfileName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "updateOauthProfileDefaultMsgVpnAccessLevelException", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Message VPN Access-Level Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN Access-Level Exception object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Message VPN Access-Level Exception object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "put": { + "description": "Replace a Message VPN Access-Level Exception object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nDefault message VPN access-level exceptions.\n\n\nAttribute|Identifying|Const|Read-Only\n:---|:---:|:---:|:---:\nmsgVpnName|x|x|\noauthProfileName|x||x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "replaceOauthProfileDefaultMsgVpnAccessLevelException", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the message VPN.", + "in": "path", + "name": "msgVpnName", + "required": true, + "type": "string" + }, + { + "description": "The Message VPN Access-Level Exception object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelException" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Message VPN Access-Level Exception object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileDefaultMsgVpnAccessLevelExceptionResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Message VPN Access-Level Exception object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/resourceServerRequiredClaims": { + "get": { + "description": "Get a list of Required Claim objects.\n\nAdditional claims to be verified in the access token.\n\n\nAttribute|Identifying\n:---|:---:\noauthProfileName|x\nresourceServerRequiredClaimName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 100.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileResourceServerRequiredClaims", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Required Claim objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileResourceServerRequiredClaimsResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Required Claim objects.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "post": { + "description": "Create a Required Claim object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nAdditional claims to be verified in the access token.\n\n\nAttribute|Identifying|Const|Required|Read-Only\n:---|:---:|:---:|:---:|:---:\noauthProfileName|x|||x\nresourceServerRequiredClaimName|x|x|x|\nresourceServerRequiredClaimValue||x|x|\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "createOauthProfileResourceServerRequiredClaim", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The Required Claim object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/OauthProfileResourceServerRequiredClaim" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Required Claim object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileResourceServerRequiredClaimResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Required Claim object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/oauthProfiles/{oauthProfileName}/resourceServerRequiredClaims/{resourceServerRequiredClaimName}": { + "delete": { + "description": "Delete a Required Claim object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nAdditional claims to be verified in the access token.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "deleteOauthProfileResourceServerRequiredClaim", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the access token claim to verify.", + "in": "path", + "name": "resourceServerRequiredClaimName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Required Claim object.", + "tags": [ + "all", + "oauthProfile" + ] + }, + "get": { + "description": "Get a Required Claim object.\n\nAdditional claims to be verified in the access token.\n\n\nAttribute|Identifying\n:---|:---:\noauthProfileName|x\nresourceServerRequiredClaimName|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.24.", + "operationId": "getOauthProfileResourceServerRequiredClaim", + "parameters": [ + { + "description": "The name of the OAuth profile.", + "in": "path", + "name": "oauthProfileName", + "required": true, + "type": "string" + }, + { + "description": "The name of the access token claim to verify.", + "in": "path", + "name": "resourceServerRequiredClaimName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Required Claim object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/OauthProfileResourceServerRequiredClaimResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Required Claim object.", + "tags": [ + "all", + "oauthProfile" + ] + } + }, + "/proxies": { + "get": { + "description": "Get a list of Proxy objects.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a OAuth Provider, select the proxy by name in the configuration for that object.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationBasicPassword||x|x\nproxyName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.41.", + "operationId": "getProxies", + "parameters": [ + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Proxy objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/ProxiesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Proxy objects.", + "tags": [ + "all", + "proxy" + ] + }, + "post": { + "description": "Create a Proxy object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a OAuth Provider, select the proxy by name in the configuration for that object.\n\n\nAttribute|Identifying|Const|Required|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:|:---:\nauthenticationBasicPassword||||x|x\nproxyName|x|x|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.41.", + "operationId": "createProxy", + "parameters": [ + { + "description": "The Proxy object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/Proxy" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Proxy object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/ProxyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Proxy object.", + "tags": [ + "all", + "proxy" + ] + } + }, + "/proxies/{proxyName}": { + "delete": { + "description": "Delete a Proxy object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a OAuth Provider, select the proxy by name in the configuration for that object.\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.41.", + "operationId": "deleteProxy", + "parameters": [ + { + "description": "The name of the proxy.", + "in": "path", + "name": "proxyName", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Proxy object.", + "tags": [ + "all", + "proxy" + ] + }, + "get": { + "description": "Get a Proxy object.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a OAuth Provider, select the proxy by name in the configuration for that object.\n\n\nAttribute|Identifying|Write-Only|Opaque\n:---|:---:|:---:|:---:\nauthenticationBasicPassword||x|x\nproxyName|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.41.", + "operationId": "getProxy", + "parameters": [ + { + "description": "The name of the proxy.", + "in": "path", + "name": "proxyName", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Proxy object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/ProxyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Proxy object.", + "tags": [ + "all", + "proxy" + ] + }, + "patch": { + "description": "Update a Proxy object. Any attribute missing from the request will be left unchanged.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a OAuth Provider, select the proxy by name in the configuration for that object.\n\n\nAttribute|Identifying|Const|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:\nauthenticationBasicPassword|||x|x\nproxyName|x|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.41.", + "operationId": "updateProxy", + "parameters": [ + { + "description": "The name of the proxy.", + "in": "path", + "name": "proxyName", + "required": true, + "type": "string" + }, + { + "description": "The Proxy object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/Proxy" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Proxy object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/ProxyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Proxy object.", + "tags": [ + "all", + "proxy" + ] + }, + "put": { + "description": "Replace a Proxy object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nProxy objects define the connection parameters for a proxy server. To use a proxy for a particular connection such as a OAuth Provider, select the proxy by name in the configuration for that object.\n\n\nAttribute|Identifying|Const|Write-Only|Opaque\n:---|:---:|:---:|:---:|:---:\nauthenticationBasicPassword|||x|x\nproxyName|x|x||\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/admin\" is required to perform this operation.\n\nThis has been available since 2.41.", + "operationId": "replaceProxy", + "parameters": [ + { + "description": "The name of the proxy.", + "in": "path", + "name": "proxyName", + "required": true, + "type": "string" + }, + { + "description": "The Proxy object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/Proxy" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Proxy object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/ProxyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Proxy object.", + "tags": [ + "all", + "proxy" + ] + } + }, + "/systemInformation": { + "get": { + "deprecated": true, + "description": "Get a System Information object.\n\nThe System Information object provides metadata about the SEMP API.\n\n\nAttribute|Deprecated\n:---|:---:\nplatform|x\nsempVersion|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/none\" is required to perform this operation.\n\nThis has been deprecated since 2.2. /systemInformation was replaced by /about/api.", + "operationId": "getSystemInformation", + "parameters": [ + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The System Information object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/SystemInformationResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a System Information object.", + "tags": [ + "all", + "systemInformation" + ] + } + }, + "/virtualHostnames": { + "get": { + "description": "Get a list of Virtual Hostname objects.\n\nA Virtual Hostname is a provisioned object on a message broker that contains a Virtual Hostname to Message VPN mapping.\n\nClients which connect to a global (as opposed to per Message VPN) port and provides this hostname will be directed to its corresponding Message VPN. A case-insentive match is performed on the full client-provided hostname against the configured virtual-hostname.\n\nThis mechanism is only supported for hostnames provided through the Server Name Indication (SNI) extension of TLS.\n\n\nAttribute|Identifying\n:---|:---:\nvirtualHostname|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThe maximum number of objects that can be returned in a single page is 500.\n\nThis has been available since 2.17.", + "operationId": "getVirtualHostnames", + "parameters": [ + { + "$ref": "#/parameters/countQuery" + }, + { + "$ref": "#/parameters/cursorQuery" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/whereQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The list of Virtual Hostname objects' attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/VirtualHostnamesResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a list of Virtual Hostname objects.", + "tags": [ + "all", + "virtualHostname" + ] + }, + "post": { + "description": "Create a Virtual Hostname object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.\n\nA Virtual Hostname is a provisioned object on a message broker that contains a Virtual Hostname to Message VPN mapping.\n\nClients which connect to a global (as opposed to per Message VPN) port and provides this hostname will be directed to its corresponding Message VPN. A case-insentive match is performed on the full client-provided hostname against the configured virtual-hostname.\n\nThis mechanism is only supported for hostnames provided through the Server Name Indication (SNI) extension of TLS.\n\n\nAttribute|Identifying|Const|Required\n:---|:---:|:---:|:---:\nvirtualHostname|x|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.17.", + "operationId": "createVirtualHostname", + "parameters": [ + { + "description": "The Virtual Hostname object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/VirtualHostname" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Virtual Hostname object's attributes after being created, and the request metadata.", + "schema": { + "$ref": "#/definitions/VirtualHostnameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Create a Virtual Hostname object.", + "tags": [ + "all", + "virtualHostname" + ] + } + }, + "/virtualHostnames/{virtualHostname}": { + "delete": { + "description": "Delete a Virtual Hostname object. The deletion of instances of this object are synchronized to HA mates via config-sync.\n\nA Virtual Hostname is a provisioned object on a message broker that contains a Virtual Hostname to Message VPN mapping.\n\nClients which connect to a global (as opposed to per Message VPN) port and provides this hostname will be directed to its corresponding Message VPN. A case-insentive match is performed on the full client-provided hostname against the configured virtual-hostname.\n\nThis mechanism is only supported for hostnames provided through the Server Name Indication (SNI) extension of TLS.\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.17.", + "operationId": "deleteVirtualHostname", + "parameters": [ + { + "description": "The virtual hostname.", + "in": "path", + "name": "virtualHostname", + "required": true, + "type": "string" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The request metadata.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Delete a Virtual Hostname object.", + "tags": [ + "all", + "virtualHostname" + ] + }, + "get": { + "description": "Get a Virtual Hostname object.\n\nA Virtual Hostname is a provisioned object on a message broker that contains a Virtual Hostname to Message VPN mapping.\n\nClients which connect to a global (as opposed to per Message VPN) port and provides this hostname will be directed to its corresponding Message VPN. A case-insentive match is performed on the full client-provided hostname against the configured virtual-hostname.\n\nThis mechanism is only supported for hostnames provided through the Server Name Indication (SNI) extension of TLS.\n\n\nAttribute|Identifying\n:---|:---:\nvirtualHostname|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-only\" is required to perform this operation.\n\nThis has been available since 2.17.", + "operationId": "getVirtualHostname", + "parameters": [ + { + "description": "The virtual hostname.", + "in": "path", + "name": "virtualHostname", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Virtual Hostname object's attributes, and the request metadata.", + "schema": { + "$ref": "#/definitions/VirtualHostnameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Get a Virtual Hostname object.", + "tags": [ + "all", + "virtualHostname" + ] + }, + "patch": { + "description": "Update a Virtual Hostname object. Any attribute missing from the request will be left unchanged.\n\nA Virtual Hostname is a provisioned object on a message broker that contains a Virtual Hostname to Message VPN mapping.\n\nClients which connect to a global (as opposed to per Message VPN) port and provides this hostname will be directed to its corresponding Message VPN. A case-insentive match is performed on the full client-provided hostname against the configured virtual-hostname.\n\nThis mechanism is only supported for hostnames provided through the Server Name Indication (SNI) extension of TLS.\n\n\nAttribute|Identifying|Const\n:---|:---:|:---:\nvirtualHostname|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.17.", + "operationId": "updateVirtualHostname", + "parameters": [ + { + "description": "The virtual hostname.", + "in": "path", + "name": "virtualHostname", + "required": true, + "type": "string" + }, + { + "description": "The Virtual Hostname object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/VirtualHostname" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Virtual Hostname object's attributes after being updated, and the request metadata.", + "schema": { + "$ref": "#/definitions/VirtualHostnameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Update a Virtual Hostname object.", + "tags": [ + "all", + "virtualHostname" + ] + }, + "put": { + "description": "Replace a Virtual Hostname object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.\n\nA Virtual Hostname is a provisioned object on a message broker that contains a Virtual Hostname to Message VPN mapping.\n\nClients which connect to a global (as opposed to per Message VPN) port and provides this hostname will be directed to its corresponding Message VPN. A case-insentive match is performed on the full client-provided hostname against the configured virtual-hostname.\n\nThis mechanism is only supported for hostnames provided through the Server Name Indication (SNI) extension of TLS.\n\n\nAttribute|Identifying|Const\n:---|:---:|:---:\nvirtualHostname|x|x\n\n\n\nA SEMP client authorized with a minimum access scope/level of \"global/read-write\" is required to perform this operation.\n\nThis has been available since 2.17.", + "operationId": "replaceVirtualHostname", + "parameters": [ + { + "description": "The virtual hostname.", + "in": "path", + "name": "virtualHostname", + "required": true, + "type": "string" + }, + { + "description": "The Virtual Hostname object's attributes.", + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/VirtualHostname" + } + }, + { + "$ref": "#/parameters/opaquePasswordQuery" + }, + { + "$ref": "#/parameters/selectQuery" + } + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "The Virtual Hostname object's attributes after being replaced, and the request metadata.", + "schema": { + "$ref": "#/definitions/VirtualHostnameResponse" + } + }, + "default": { + "description": "The error response.", + "schema": { + "$ref": "#/definitions/SempMetaOnlyResponse" + } + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "summary": "Replace a Virtual Hostname object.", + "tags": [ + "all", + "virtualHostname" + ] + } + } + }, + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "securityDefinitions": { + "basicAuth": { + "description": "basic authentication", + "type": "basic" + } + }, + "swagger": "2.0", + "tags": [] +} \ No newline at end of file diff --git a/service/application/src/test/java/com/solace/maas/ep/event/management/agent/TestConfig.java b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/TestConfig.java index 55d7d51f7..2f570fb11 100644 --- a/service/application/src/test/java/com/solace/maas/ep/event/management/agent/TestConfig.java +++ b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/TestConfig.java @@ -1,6 +1,7 @@ package com.solace.maas.ep.event.management.agent; import com.solace.maas.ep.event.management.agent.command.CommandManager; +import com.solace.maas.ep.event.management.agent.command.SempDeleteCommandManager; import com.solace.maas.ep.event.management.agent.command.mapper.CommandMapper; import com.solace.maas.ep.event.management.agent.config.SolaceConfiguration; import com.solace.maas.ep.event.management.agent.config.eventPortal.EventPortalProperties; @@ -14,6 +15,7 @@ import com.solace.maas.ep.event.management.agent.plugin.manager.client.kafkaClient.KafkaClientReconnectionConfig; import com.solace.maas.ep.event.management.agent.plugin.messagingService.RtoMessageBuilder; import com.solace.maas.ep.event.management.agent.plugin.service.MessagingServiceDelegateService; +import com.solace.maas.ep.event.management.agent.plugin.terraform.manager.TerraformLogProcessingService; import com.solace.maas.ep.event.management.agent.plugin.terraform.manager.TerraformManager; import com.solace.maas.ep.event.management.agent.plugin.vmr.VmrProcessor; import com.solace.maas.ep.event.management.agent.processor.CommandLogStreamingProcessor; @@ -169,7 +171,9 @@ public CommandManager getCommandManager(TerraformManager terraformManager, MessagingServiceDelegateService messagingServiceDelegateService, EventPortalProperties eventPortalProperties, Optional commandLogStreamingProcessor, - MeterRegistry meterRegistry) { + MeterRegistry meterRegistry, + SempDeleteCommandManager sempDeleteCommandManager, + TerraformLogProcessingService terraformLogProcessingService) { return new CommandManager( terraformManager, commandMapper, @@ -177,7 +181,9 @@ public CommandManager getCommandManager(TerraformManager terraformManager, messagingServiceDelegateService, eventPortalProperties, commandLogStreamingProcessor, - meterRegistry + meterRegistry, + sempDeleteCommandManager, + terraformLogProcessingService ); } diff --git a/service/application/src/test/java/com/solace/maas/ep/event/management/agent/commandManager/CommandManagerTests.java b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/commandManager/CommandManagerTests.java index 2639f4677..da7c50c91 100644 --- a/service/application/src/test/java/com/solace/maas/ep/event/management/agent/commandManager/CommandManagerTests.java +++ b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/commandManager/CommandManagerTests.java @@ -3,6 +3,7 @@ import com.solace.maas.ep.common.messages.CommandMessage; import com.solace.maas.ep.event.management.agent.TestConfig; import com.solace.maas.ep.event.management.agent.command.CommandManager; +import com.solace.maas.ep.event.management.agent.command.SempDeleteCommandManager; import com.solace.maas.ep.event.management.agent.command.mapper.CommandMapper; import com.solace.maas.ep.event.management.agent.config.eventPortal.EventPortalProperties; import com.solace.maas.ep.event.management.agent.plugin.command.model.Command; @@ -42,7 +43,6 @@ import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.concurrent.CompletableFuture; import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicBoolean; import java.util.stream.IntStream; @@ -76,9 +76,13 @@ class CommandManagerTests { @Autowired private CommandMapper commandMapper; - @Autowired + @SpyBean + private SempDeleteCommandManager sempDeleteCommandManager; + + @SpyBean private TerraformManager terraformManager; + @Autowired private CommandPublisher commandPublisher; @@ -97,8 +101,10 @@ class CommandManagerTests { @BeforeEach public void cleanup() { reset(terraformManager); + doNothing().when(terraformManager).deleteTerraformState(any()); reset(commandPublisher); reset(commandManager); + reset(sempDeleteCommandManager); reset(messagingServiceDelegateService); reset(commandLogStreamingProcessor); } @@ -107,14 +113,12 @@ public void cleanup() { void testMultiThreadedCommandManager() throws InterruptedException { // Set up the thread pool - int commandThreadPoolQueueSize = eventPortalProperties.getCommandThreadPoolQueueSize(); - testThreadPool.setCorePoolSize(commandThreadPoolQueueSize); - testThreadPool.initialize(); + int commandAmount = 10; // Build enough requests to fill the command thread pool queue List messageList = new ArrayList<>(); - for (int i = 0; i < commandThreadPoolQueueSize; i++) { + for (int i = 0; i < commandAmount; i++) { messageList.add(getCommandMessage(Integer.toString(i))); } @@ -134,19 +138,14 @@ void testMultiThreadedCommandManager() throws InterruptedException { .connectionUrl("myConnectionUrl") .build())); - // Execute all the commands in parallel to fill the command thread pool queue - IntStream.rangeClosed(1, commandThreadPoolQueueSize).parallel().forEach(i -> - CompletableFuture.runAsync(() -> commandManager.execute(messageList.get(i - 1)), testThreadPool)); + messageList.stream().forEach(message -> { + commandManager.execute(message); + }); - // Wait for all the threads to complete (add a timeout just in case) - await().atMost(10, TimeUnit.SECONDS).until(() -> CommandManagerTestHelper.verifyCommandPublisherIsInvoked( - commandPublisher, - commandThreadPoolQueueSize - )); // Verify terraform manager is called ArgumentCaptor> envArgCaptor = ArgumentCaptor.forClass(Map.class); - verify(terraformManager, times(commandThreadPoolQueueSize)).execute(any(), any(), envArgCaptor.capture()); + verify(terraformManager, times(commandAmount)).execute(any(), any(), envArgCaptor.capture()); // Verify the env vars are set with the terraform manager is called Map envVars = envArgCaptor.getValue(); @@ -155,7 +154,7 @@ void testMultiThreadedCommandManager() throws InterruptedException { assert envVars.get("TF_VAR_url").equals("myConnectionUrl"); ArgumentCaptor messageArgCaptor = ArgumentCaptor.forClass(CommandMessage.class); - verify(commandPublisher, times(commandThreadPoolQueueSize)).sendCommandResponse(messageArgCaptor.capture(), topicArgCaptor.capture()); + verify(commandPublisher, times(commandAmount)).sendCommandResponse(messageArgCaptor.capture(), topicArgCaptor.capture()); Map topicVars = topicArgCaptor.getValue(); assert topicVars.get("orgId").equals(eventPortalProperties.getOrganizationId()); @@ -163,7 +162,7 @@ void testMultiThreadedCommandManager() throws InterruptedException { // Make sure we get all 10 correlation ids in the response messages List receivedCorrelationIds = messageArgCaptor.getAllValues().stream().map(CommandMessage::getCommandCorrelationId).toList(); - List expectedCorrelationIds = IntStream.range(0, commandThreadPoolQueueSize).mapToObj(i -> "myCorrelationId" + i).toList(); + List expectedCorrelationIds = IntStream.range(0, commandAmount).mapToObj(i -> "myCorrelationId" + i).toList(); assertTrue(receivedCorrelationIds.size() == expectedCorrelationIds.size() && receivedCorrelationIds.containsAll(expectedCorrelationIds) && expectedCorrelationIds.containsAll(receivedCorrelationIds)); } @@ -172,25 +171,27 @@ void testMultiThreadedCommandManager() throws InterruptedException { void failSendingResponseBackToEp() { // Create a command request message CommandMessage message = getCommandMessage("1"); - doReturn(Path.of("/some/path/on/disk")).when(terraformManager).execute(any(), any(), any()); doThrow(new RuntimeException("Error sending response back to EP")).when(commandPublisher).sendCommandResponse(any(), any()); - commandManager.execute(message); + when(messagingServiceDelegateService.getMessagingServiceClient(any())).thenReturn( + new SolaceHttpSemp(SempClient.builder() + .username("myUsername") + .password("myPassword") + .connectionUrl("myConnectionUrl") + .build())); + doNothing().when(commandLogStreamingProcessor).streamLogsToEP(any(), any(), any()); - // Wait for the command thread to complete - await().atMost(10, TimeUnit.SECONDS).until(() -> CommandManagerTestHelper.verifyCommandPublisherIsInvoked(commandPublisher, 2)); + commandManager.execute(message); ArgumentCaptor messageArgCaptor = ArgumentCaptor.forClass(CommandMessage.class); - verify(commandPublisher, times(2)).sendCommandResponse(messageArgCaptor.capture(), any()); + // 1 attempt to send the response back to EP + verify(commandPublisher, times(1)).sendCommandResponse(messageArgCaptor.capture(), any()); // Check that we attempted to set Error in the response message messageArgCaptor.getAllValues().forEach(commandMessage -> { assert commandMessage.getCommandCorrelationId().equals(message.getCommandCorrelationId()); assert commandMessage.getCommandBundles().get(0).getCommands().get(0).getResult().getStatus().equals(JobStatus.error); }); - - // Overall status of the request is set to error - assertEquals(JobStatus.error, messageArgCaptor.getAllValues().get(1).getStatus()); } @Test @@ -204,7 +205,7 @@ void failSettingBrokerSpecificEnvironmentVariables() { .when(messagingServiceDelegateService).getMessagingServiceClient(MESSAGING_SERVICE_ID); commandManager.execute(message); - await().atMost(10, TimeUnit.SECONDS).until(() -> CommandManagerTestHelper.verifyCommandPublisherIsInvoked(commandPublisher, 1)); + CommandManagerTestHelper.verifyCommandPublisherIsInvoked(commandPublisher, 1); ArgumentCaptor messageArgCaptor = ArgumentCaptor.forClass(CommandMessage.class); verify(commandPublisher, times(1)).sendCommandResponse(messageArgCaptor.capture(), any()); @@ -212,22 +213,23 @@ void failSettingBrokerSpecificEnvironmentVariables() { assertEquals(JobStatus.error, messageArgCaptor.getValue().getStatus()); } - @Test - void failConfigPushCommand() { - // Create a command request message - CommandMessage message = getCommandMessage("1"); - - doNothing().when(commandPublisher).sendCommandResponse(any(), any()); - doThrow(new RuntimeException("Error running command.")).when(commandManager).configPush(any()); - - commandManager.execute(message); - await().atMost(10, TimeUnit.SECONDS).until(() -> CommandManagerTestHelper.verifyCommandPublisherIsInvoked(commandPublisher, 1)); - - ArgumentCaptor messageArgCaptor = ArgumentCaptor.forClass(CommandMessage.class); - verify(commandPublisher, times(1)).sendCommandResponse(messageArgCaptor.capture(), any()); - - assertEquals(JobStatus.error, messageArgCaptor.getValue().getStatus()); - } + /** + * @Test void failConfigPushCommand() { + * // Create a command request message + * CommandMessage message = getCommandMessage("1"); + *

+ * doNothing().when(commandPublisher).sendCommandResponse(any(), any()); + * doThrow(new RuntimeException("Error running command.")).when(commandManager).configPush(any()); + *

+ * commandManager.execute(message); + * CommandManagerTestHelper.verifyCommandPublisherIsInvoked(commandPublisher, 1); + *

+ * ArgumentCaptor messageArgCaptor = ArgumentCaptor.forClass(CommandMessage.class); + * verify(commandPublisher, times(1)).sendCommandResponse(messageArgCaptor.capture(), any()); + *

+ * assertEquals(JobStatus.error, messageArgCaptor.getValue().getStatus()); + * } + */ @Test void testCommandManager() { @@ -247,8 +249,7 @@ void testCommandManager() { commandManager.execute(message); - // Wait for the command thread to complete - await().atMost(10, TimeUnit.SECONDS).until(() -> CommandManagerTestHelper.verifyCommandPublisherIsInvoked(commandPublisher, 1)); + CommandManagerTestHelper.verifyCommandPublisherIsInvoked(commandPublisher, 1); // Verify terraform manager is called ArgumentCaptor> envArgCaptor = ArgumentCaptor.forClass(Map.class); @@ -271,9 +272,53 @@ void testCommandManager() { assertEquals(JobStatus.success, responseCaptor.getValue().getStatus()); } + // configPush tries to delete tf-state directory for the given context before executing the commands. + // If the directory does not exist, it should not throw an exception. + // This test verifies that unexpected exceptions are caught and the error is reported back to EP + // The caught exception is attached to the result of the first command in the bundle and the status is set to error + @Test + void failCommandManagerConfigPushDeleteTfState() { + CommandMessage message = getCommandMessage("1"); + when(messagingServiceDelegateService.getMessagingServiceClient(any())).thenReturn( + new SolaceHttpSemp(SempClient.builder() + .username("myUsername") + .password("myPassword") + .connectionUrl("myConnectionUrl") + .build())); + doThrow(new IllegalStateException("Failed removing Terraform state directory")).when(terraformManager).deleteTerraformState(any()); + doNothing().when(commandPublisher).sendCommandResponse(any(), any()); + commandManager.execute(message); + ArgumentCaptor> topicVarsCaptor = ArgumentCaptor.forClass(Map.class); + ArgumentCaptor responseCaptor = ArgumentCaptor.forClass(CommandMessage.class); + verify(commandPublisher, times(1)).sendCommandResponse(responseCaptor.capture(), topicVarsCaptor.capture()); + assertEquals(JobStatus.error, responseCaptor.getValue().getStatus()); + assertEquals("Failed removing Terraform state directory", + responseCaptor.getValue().getCommandBundles().get(0).getCommands().get(0).getResult().getLogs().get(0).get("message")); + } + + @Test + void testCommandManagerConfigPushDeleteTfState() { + CommandMessage message = getCommandMessage("1"); + when(messagingServiceDelegateService.getMessagingServiceClient(any())).thenReturn( + new SolaceHttpSemp(SempClient.builder() + .username("myUsername") + .password("myPassword") + .connectionUrl("myConnectionUrl") + .build())); + doReturn(Path.of("/some/path/on/disk")).when(terraformManager).execute(any(), any(), any()); + doNothing().when(terraformManager).deleteTerraformState(any()); + + commandManager.execute(message); + ArgumentCaptor> topicVarsCaptor = ArgumentCaptor.forClass(Map.class); + ArgumentCaptor responseCaptor = ArgumentCaptor.forClass(CommandMessage.class); + verify(commandPublisher, times(1)).sendCommandResponse(responseCaptor.capture(), topicVarsCaptor.capture()); + assertEquals(JobStatus.success, responseCaptor.getValue().getStatus()); + + } + @Test void verifyExitOnFailureIsRespectedWhenTrueAndIgnoreResultIsFalse() { - CommandMessage message = getCommandMessage("1", 4, true, false); + CommandMessage message = getCommandMessage("1", 2, 4, true, false); doThrow(new RuntimeException("Error executing command")).when(terraformManager).execute(any(), any(), any()); @@ -290,11 +335,13 @@ void verifyExitOnFailureIsRespectedWhenTrueAndIgnoreResultIsFalse() { assertNull(commandBundle.getCommands().get(1).getResult()); assertNull(commandBundle.getCommands().get(2).getResult()); assertNull(commandBundle.getCommands().get(3).getResult()); + assertNull(commandBundle.getCommands().get(4).getResult()); + assertNull(commandBundle.getCommands().get(5).getResult()); } @Test void verifyExitOnFailureIsRespectedWhenTrueAndIgnoreResultIsTrue() { - CommandMessage message = getCommandMessage("1", 4, true, true); + CommandMessage message = getCommandMessage("1", 2, 4, true, true); doThrow(new RuntimeException("Error executing command")).when(terraformManager).execute(any(), any(), any()); @@ -316,7 +363,7 @@ private static void verifyAllCommandsHaveErrorState(CommandMessage commandMessag @Test void verifyExitOnFailureIsRespectedWhenFalseAndIgnoreResultIsSetToFalse() { - CommandMessage message = getCommandMessage("1", 4, false, false); + CommandMessage message = getCommandMessage("1", 2, 4, false, false); doThrow(new RuntimeException("Error executing command")).when(terraformManager).execute(any(), any(), any()); @@ -359,7 +406,8 @@ void verifyMDCIsSetInCommandManagerThread() { commandManager.execute(message); // Wait for the command thread to complete - await().atMost(10, TimeUnit.SECONDS).until(() -> CommandManagerTestHelper.verifyCommandPublisherIsInvoked(commandPublisher, 1)); + await().atMost(10, TimeUnit.SECONDS).until(() -> + CommandManagerTestHelper.verifyCommandPublisherIsInvoked(commandPublisher, 1)); assertTrue(mdcIsSet.get()); } @@ -368,7 +416,12 @@ private CommandMessage getCommandMessage(String correlationIdSuffix) { return getCommandMessage(correlationIdSuffix, 1, false, false); } - private CommandMessage getCommandMessage(String correlationIdSuffix, int numberOfCommands, + private CommandMessage getCommandMessage(String correlationIdSuffix, int numberOfTfCommands, + boolean exitOnFailure, boolean ignoreResult) { + return getCommandMessage(correlationIdSuffix, 0, numberOfTfCommands, exitOnFailure, ignoreResult); + } + + private CommandMessage getCommandMessage(String correlationIdSuffix, int numberOfSempDeleteCommands, int numberOfTfCommands, boolean exitOnFailure, boolean ignoreResult) { CommandMessage message = new CommandMessage(); message.setOrigType(MOPSvcType.maasEventMgmt); @@ -383,12 +436,32 @@ private CommandMessage getCommandMessage(String correlationIdSuffix, int numberO CommandBundle.builder() .executionType(ExecutionType.serial) .exitOnFailure(exitOnFailure) - .commands(IntStream.range(0, numberOfCommands).mapToObj(i -> buildCommand(ignoreResult)).toList()) + .commands(Stream.concat( + buildTfCommands(numberOfTfCommands, ignoreResult).stream(), + buildSempDeleteCommands(numberOfSempDeleteCommands, ignoreResult).stream() + ).toList()) .build())); return message; } - private static Command buildCommand(boolean ignoreResult) { + private static List buildSempDeleteCommands(int numberOfCommands, boolean ignoreResult) { + return IntStream.range(0, numberOfCommands).mapToObj(i -> buildSempDeleteCommand(ignoreResult)).toList(); + } + + private static List buildTfCommands(int numberOfCommands, boolean ignoreResult) { + return IntStream.range(0, numberOfCommands).mapToObj(i -> buildTfCommand(ignoreResult)).toList(); + } + + private static Command buildSempDeleteCommand(boolean ignoreResult) { + return Command.builder() + .commandType(CommandType.semp) + .ignoreResult(ignoreResult) + .body("someSempCommandPayload") + .command("delete") + .build(); + } + + private static Command buildTfCommand(boolean ignoreResult) { return Command.builder() .commandType(CommandType.terraform) .ignoreResult(ignoreResult) diff --git a/service/application/src/test/java/com/solace/maas/ep/event/management/agent/commandManager/SempDeleteCommandManagerTest.java b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/commandManager/SempDeleteCommandManagerTest.java new file mode 100644 index 000000000..879a2acf9 --- /dev/null +++ b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/commandManager/SempDeleteCommandManagerTest.java @@ -0,0 +1,611 @@ +package com.solace.maas.ep.event.management.agent.commandManager; + +import com.solace.client.sempv2.ApiException; +import com.solace.client.sempv2.api.AclProfileApi; +import com.solace.client.sempv2.api.AuthorizationGroupApi; +import com.solace.client.sempv2.api.ClientUsernameApi; +import com.solace.client.sempv2.api.QueueApi; +import com.solace.client.sempv2.model.SempMetaOnlyResponse; +import com.solace.maas.ep.event.management.agent.TestConfig; +import com.solace.maas.ep.event.management.agent.command.SempDeleteCommandManager; +import com.solace.maas.ep.event.management.agent.command.semp.SempApiProvider; +import com.solace.maas.ep.event.management.agent.plugin.command.model.Command; +import com.solace.maas.ep.event.management.agent.plugin.command.model.CommandType; +import com.solace.maas.ep.event.management.agent.plugin.command.model.JobStatus; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.mockito.Mockito; +import org.springframework.boot.autoconfigure.EnableAutoConfiguration; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.boot.test.mock.mockito.SpyBean; +import org.springframework.test.context.ActiveProfiles; + +import java.io.IOException; +import java.nio.charset.StandardCharsets; +import java.nio.file.Files; +import java.nio.file.Path; +import java.util.HashMap; +import java.util.Map; + +import static com.solace.maas.ep.common.model.SempEntityType.solaceAclProfile; +import static com.solace.maas.ep.common.model.SempEntityType.solaceAclPublishTopicException; +import static com.solace.maas.ep.common.model.SempEntityType.solaceAclSubscribeTopicException; +import static com.solace.maas.ep.common.model.SempEntityType.solaceAuthorizationGroup; +import static com.solace.maas.ep.common.model.SempEntityType.solaceClientUsername; +import static com.solace.maas.ep.common.model.SempEntityType.solaceQueue; +import static com.solace.maas.ep.common.model.SempEntityType.solaceQueueSubscriptionTopic; +import static com.solace.maas.ep.event.management.agent.plugin.command.model.SempDeleteCommandConstants.SEMP_DELETE_DATA; +import static com.solace.maas.ep.event.management.agent.plugin.command.model.SempDeleteCommandConstants.SEMP_DELETE_ENTITY_TYPE; +import static com.solace.maas.ep.event.management.agent.plugin.command.model.SempDeleteCommandConstants.SEMP_DELETE_OPERATION; +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.verifyNoInteractions; +import static org.mockito.Mockito.when; + +@ActiveProfiles("TEST") +@EnableAutoConfiguration +@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = TestConfig.class) +public class SempDeleteCommandManagerTest { + + private final static String DIR_SEMP_RESOURCES = "src/test/resources/sempResponses/"; + private final static String SEMP_RESPONSE_MISSING_RESOURCE = "sempResponseMissingResource.json"; + + @SpyBean + private SempDeleteCommandManager sempDeleteCommandManager; + + private SempApiProvider sempApiProvider; + + + @BeforeEach + void reset() throws ApiException { + sempApiProvider = Mockito.mock(SempApiProvider.class); + } + + + // test deleteMsgVpnAclProfile + @Test + void testDeleteAclProfileHappyPath() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfile(any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclParametersParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(aclProfileApi).deleteMsgVpnAclProfile("default", "aclProfileName"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + @Test + void testDeleteAclProfileWithValidationException() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfile(any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclParametersParameters(false)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verifyNoInteractions(aclProfileApi); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testNotFoundDeleteAclProfile() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfile(any(), any())).thenThrow(createaNotFoundApiException(SEMP_RESPONSE_MISSING_RESOURCE)); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclParametersParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(aclProfileApi).deleteMsgVpnAclProfile("default", "aclProfileName"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + @Test + void testDeleteAclProfileWithException() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfile(any(), any())).thenThrow(createaServerErrorApiException()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclParametersParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(aclProfileApi).deleteMsgVpnAclProfile("default", "aclProfileName"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + // test DeleteAclPublishTopicException + @Test + void testDeleteAclPublishTopicExceptionHappyPath() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfilePublishTopicException(any(), any(), any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclPublishTopicExceptionParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(aclProfileApi).deleteMsgVpnAclProfilePublishTopicException("default", "aclProfileName", "smf", "a/b/c"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + @Test + void testDeleteAclPublishTopicExceptionWithValidationException() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfilePublishTopicException(any(), any(), any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclPublishTopicExceptionParameters(false)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verifyNoInteractions(aclProfileApi); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testNotFoundDeleteAclProfilePublishTopicException() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfilePublishTopicException(any(), any(), any(), any())) + .thenThrow(createaNotFoundApiException(SEMP_RESPONSE_MISSING_RESOURCE)); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclPublishTopicExceptionParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(aclProfileApi).deleteMsgVpnAclProfilePublishTopicException("default", "aclProfileName", "smf", "a/b/c"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + @Test + void testDeleteAclProfilePublishTopicExceptionWithException() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfilePublishTopicException(any(), any(), any(), any())).thenThrow(createaServerErrorApiException()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclPublishTopicExceptionParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(aclProfileApi).deleteMsgVpnAclProfilePublishTopicException("default", "aclProfileName", "smf", "a/b/c"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + // test DeleteAclSubscribeTopicException + @Test + void testDeleteAclProfileSubscribeTopicExceptionHappyPath() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfileSubscribeTopicException(any(), any(), any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclSubscribeTopicExceptionParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(aclProfileApi).deleteMsgVpnAclProfileSubscribeTopicException("default", "aclProfileName", "smf", "a/b/c"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + @Test + void testDeleteAclProfileSubscribeTopicExceptionWithValidationException() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfileSubscribeTopicException(any(), any(), any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclSubscribeTopicExceptionParameters(false)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verifyNoInteractions(aclProfileApi); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testNotFoundDeleteAclProfileSubscribeTopicException() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfileSubscribeTopicException(any(), any(), any(), any())) + .thenThrow(createaNotFoundApiException(SEMP_RESPONSE_MISSING_RESOURCE)); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclSubscribeTopicExceptionParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(aclProfileApi).deleteMsgVpnAclProfileSubscribeTopicException("default", "aclProfileName", "smf", "a/b/c"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + @Test + void testDeleteAclProfileSubscribeTopicExceptionWithException() throws ApiException { + AclProfileApi aclProfileApi = Mockito.mock(AclProfileApi.class); + when(sempApiProvider.getAclProfileApi()).thenReturn(aclProfileApi); + when((aclProfileApi).deleteMsgVpnAclProfileSubscribeTopicException("default", "aclProfileName", "smf", "a/b/c")) + .thenThrow(createaServerErrorApiException()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAclSubscribeTopicExceptionParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(aclProfileApi).deleteMsgVpnAclProfileSubscribeTopicException("default", "aclProfileName", "smf", "a/b/c"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + // test DeleteSolaceClientUsername + + @Test + void testDeleteClientUsernameHappyPath() throws ApiException { + ClientUsernameApi clientUsernameApi = Mockito.mock(ClientUsernameApi.class); + when(sempApiProvider.getClientUsernameApi()).thenReturn(clientUsernameApi); + when((clientUsernameApi).deleteMsgVpnClientUsername(any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteClientUsernameParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(clientUsernameApi).deleteMsgVpnClientUsername("default", "clientUsername"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + @Test + void testDeleteClientUsernameWithValidationException() throws ApiException { + ClientUsernameApi clientUsernameApi = Mockito.mock(ClientUsernameApi.class); + when(sempApiProvider.getClientUsernameApi()).thenReturn(clientUsernameApi); + when((clientUsernameApi).deleteMsgVpnClientUsername(any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteClientUsernameParameters(false)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verifyNoInteractions(clientUsernameApi); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testDeleteClientUsernameWithException() throws ApiException { + ClientUsernameApi clientUsernameApi = Mockito.mock(ClientUsernameApi.class); + when(sempApiProvider.getClientUsernameApi()).thenReturn(clientUsernameApi); + when((clientUsernameApi).deleteMsgVpnClientUsername(any(), any())).thenThrow(createaServerErrorApiException()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteClientUsernameParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(clientUsernameApi).deleteMsgVpnClientUsername("default", "clientUsername"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testNotFoundDeleteClientUsername() throws ApiException { + ClientUsernameApi clientUsernameApi = Mockito.mock(ClientUsernameApi.class); + when(sempApiProvider.getClientUsernameApi()).thenReturn(clientUsernameApi); + when((clientUsernameApi).deleteMsgVpnClientUsername(any(), any())).thenThrow(createaNotFoundApiException(SEMP_RESPONSE_MISSING_RESOURCE)); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteClientUsernameParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(clientUsernameApi).deleteMsgVpnClientUsername("default", "clientUsername"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + // test DeleteAuthorizationGroup + + @Test + void testDeleteAuthorizationGroupHappyPath() throws ApiException { + AuthorizationGroupApi authorizationGroupApi = Mockito.mock(AuthorizationGroupApi.class); + when(sempApiProvider.getAuthorizationGroupApi()).thenReturn(authorizationGroupApi); + when((authorizationGroupApi).deleteMsgVpnAuthorizationGroup(any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAuthorizationGroupParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(authorizationGroupApi).deleteMsgVpnAuthorizationGroup("default", "authorizationGroupName"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + @Test + void testDeleteAuthorizationGroupWithValidationException() throws ApiException { + AuthorizationGroupApi authorizationGroupApi = Mockito.mock(AuthorizationGroupApi.class); + when(sempApiProvider.getAuthorizationGroupApi()).thenReturn(authorizationGroupApi); + when((authorizationGroupApi).deleteMsgVpnAuthorizationGroup(any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAuthorizationGroupParameters(false)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verifyNoInteractions(authorizationGroupApi); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testDeleteAuthorizationGroupWithException() throws ApiException { + AuthorizationGroupApi authorizationGroupApi = Mockito.mock(AuthorizationGroupApi.class); + when(sempApiProvider.getAuthorizationGroupApi()).thenReturn(authorizationGroupApi); + when((authorizationGroupApi).deleteMsgVpnAuthorizationGroup(any(), any())).thenThrow(createaServerErrorApiException()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAuthorizationGroupParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(authorizationGroupApi).deleteMsgVpnAuthorizationGroup("default", "authorizationGroupName"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testNotFoundDeleteAuthorizationGroup() throws ApiException { + AuthorizationGroupApi authorizationGroupApi = Mockito.mock(AuthorizationGroupApi.class); + when(sempApiProvider.getAuthorizationGroupApi()).thenReturn(authorizationGroupApi); + when((authorizationGroupApi).deleteMsgVpnAuthorizationGroup(any(), any())).thenThrow(createaNotFoundApiException(SEMP_RESPONSE_MISSING_RESOURCE)); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteAuthorizationGroupParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(authorizationGroupApi).deleteMsgVpnAuthorizationGroup("default", "authorizationGroupName"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + + // test DeleteSolaceQueue + @Test + void testDeleteQueueHappyPath() throws ApiException { + QueueApi queueApi = Mockito.mock(QueueApi.class); + when(sempApiProvider.getQueueApi()).thenReturn(queueApi); + when((queueApi).deleteMsgVpnQueue(any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteQueueParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(queueApi).deleteMsgVpnQueue("default", "someQueueName"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + @Test + void testDeleteQueueWithValidationException() throws ApiException { + QueueApi queueApi = Mockito.mock(QueueApi.class); + when(sempApiProvider.getQueueApi()).thenReturn(queueApi); + when((queueApi).deleteMsgVpnQueue(any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteQueueParameters(false)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verifyNoInteractions(queueApi); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testDeleteQueueWithException() throws ApiException { + QueueApi queueApi = Mockito.mock(QueueApi.class); + when(sempApiProvider.getQueueApi()).thenReturn(queueApi); + when((queueApi).deleteMsgVpnQueue(any(), any())).thenThrow(createaServerErrorApiException()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteQueueParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(queueApi).deleteMsgVpnQueue("default", "someQueueName"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testNotFoundDeleteQueue() throws ApiException { + QueueApi queueApi = Mockito.mock(QueueApi.class); + when(sempApiProvider.getQueueApi()).thenReturn(queueApi); + when((queueApi).deleteMsgVpnQueue(any(), any())).thenThrow(createaNotFoundApiException(SEMP_RESPONSE_MISSING_RESOURCE)); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteQueueParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(queueApi).deleteMsgVpnQueue("default", "someQueueName"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + // test DeleteSolaceQueueTopicSubscription + @Test + void testDeleteQueueTopicSubscriptionHappyPath() throws ApiException { + QueueApi queueApi = Mockito.mock(QueueApi.class); + when(sempApiProvider.getQueueApi()).thenReturn(queueApi); + when((queueApi).deleteMsgVpnQueueSubscription(any(), any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteQueueSubscriptionParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(queueApi).deleteMsgVpnQueueSubscription("default", "someQueueName", "a/b/c"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + @Test + void testDeleteQueueTopicSubscriptionWithException() throws ApiException { + QueueApi queueApi = Mockito.mock(QueueApi.class); + when(sempApiProvider.getQueueApi()).thenReturn(queueApi); + when((queueApi).deleteMsgVpnQueueSubscription(any(), any(), any())).thenThrow(createaServerErrorApiException()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteQueueSubscriptionParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(queueApi).deleteMsgVpnQueueSubscription("default", "someQueueName", "a/b/c"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testDeleteQueueTopicSubscriptionWithValidationException() throws ApiException { + QueueApi queueApi = Mockito.mock(QueueApi.class); + when(sempApiProvider.getQueueApi()).thenReturn(queueApi); + when((queueApi).deleteMsgVpnQueueSubscription(any(), any(), any())).thenReturn(new SempMetaOnlyResponse()); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteQueueSubscriptionParameters(false)) + .build(); + + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verifyNoInteractions(queueApi); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.error); + } + + @Test + void testNotFoundDeleteQueueTopicSubscriptionWithException() throws ApiException { + QueueApi queueApi = Mockito.mock(QueueApi.class); + when(sempApiProvider.getQueueApi()).thenReturn(queueApi); + when((queueApi).deleteMsgVpnQueueSubscription(any(), any(), any())).thenThrow(createaNotFoundApiException(SEMP_RESPONSE_MISSING_RESOURCE)); + Command cmd = Command.builder() + .commandType(CommandType.semp) + .command(SEMP_DELETE_OPERATION) + .parameters(createDeleteQueueSubscriptionParameters(true)) + .build(); + sempDeleteCommandManager.execute(cmd, sempApiProvider); + verify(queueApi).deleteMsgVpnQueueSubscription("default", "someQueueName", "a/b/c"); + assertThat(cmd.getResult().getStatus()).isEqualTo(JobStatus.success); + } + + // helpers + + private Map createDeleteQueueSubscriptionParameters(boolean valid) { + Map parameters = new HashMap<>(); + parameters.put(SEMP_DELETE_ENTITY_TYPE, solaceQueueSubscriptionTopic.name()); + + Map data = new HashMap<>(); + data.put("msgVpn", "default"); + if (valid) { + data.put("queueName", "someQueueName"); + } + data.put("topicName", "a/b/c"); + parameters.put(SEMP_DELETE_DATA, data); + return parameters; + } + + private Map createDeleteQueueParameters(boolean valid) { + Map parameters = new HashMap<>(); + parameters.put(SEMP_DELETE_ENTITY_TYPE, solaceQueue.name()); + + Map data = new HashMap<>(); + data.put("msgVpn", "default"); + if (valid) { + data.put("queueName", "someQueueName"); + } + parameters.put(SEMP_DELETE_DATA, data); + return parameters; + } + + private Map createDeleteAclSubscribeTopicExceptionParameters(boolean valid) { + Map parameters = new HashMap<>(); + parameters.put(SEMP_DELETE_ENTITY_TYPE, solaceAclSubscribeTopicException.name()); + + Map data = new HashMap<>(); + data.put("msgVpn", "default"); + if (valid) { + data.put("aclProfileName", "aclProfileName"); + } + data.put("subscribeTopic", "a/b/c"); + parameters.put(SEMP_DELETE_DATA, data); + return parameters; + } + + private Map createDeleteAclPublishTopicExceptionParameters(boolean valid) { + Map parameters = new HashMap<>(); + parameters.put(SEMP_DELETE_ENTITY_TYPE, solaceAclPublishTopicException.name()); + + Map data = new HashMap<>(); + data.put("msgVpn", "default"); + if (valid) { + data.put("aclProfileName", "aclProfileName"); + } + data.put("publishTopic", "a/b/c"); + parameters.put(SEMP_DELETE_DATA, data); + return parameters; + } + + private Map createDeleteAclParametersParameters(boolean valid) { + Map parameters = new HashMap<>(); + parameters.put(SEMP_DELETE_ENTITY_TYPE, solaceAclProfile.name()); + + Map data = new HashMap<>(); + data.put("msgVpn", "default"); + if (valid) { + data.put("aclProfileName", "aclProfileName"); + } + parameters.put(SEMP_DELETE_DATA, data); + return parameters; + } + + private Map createDeleteClientUsernameParameters(boolean valid) { + Map parameters = new HashMap<>(); + parameters.put(SEMP_DELETE_ENTITY_TYPE, solaceClientUsername.name()); + + Map data = new HashMap<>(); + data.put("msgVpn", "default"); + if (valid) { + data.put("clientUsername", "clientUsername"); + } + parameters.put(SEMP_DELETE_DATA, data); + return parameters; + } + + private Map createDeleteAuthorizationGroupParameters(boolean valid) { + Map parameters = new HashMap<>(); + parameters.put(SEMP_DELETE_ENTITY_TYPE, solaceAuthorizationGroup.name()); + + Map data = new HashMap<>(); + data.put("msgVpn", "default"); + if (valid) { + data.put("authorizationGroupName", "authorizationGroupName"); + } + parameters.put(SEMP_DELETE_DATA, data); + return parameters; + } + + private ApiException createaServerErrorApiException() { + return new ApiException(500, "", new HashMap<>(), "{\"some\":\"error_message\"}"); + } + + private ApiException createaNotFoundApiException(String resourceName) { + return new ApiException(400, "", new HashMap<>(), readSempResponseResource(resourceName)); + } + + private String readSempResponseResource(String resourceName) { + try { + return Files.readString(Path.of(DIR_SEMP_RESOURCES + resourceName), StandardCharsets.UTF_8); + } catch (IOException e) { + throw new RuntimeException(e); + } + } +} diff --git a/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/EmRestartSimulatingPersistentMessageHandlerObserverTest.java b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/EmRestartSimulatingPersistentMessageHandlerObserverTest.java new file mode 100644 index 000000000..1a8cfd3c6 --- /dev/null +++ b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/EmRestartSimulatingPersistentMessageHandlerObserverTest.java @@ -0,0 +1,51 @@ +package com.solace.maas.ep.event.management.agent.subscriber; + +import org.junit.jupiter.api.Test; + +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + + +public class EmRestartSimulatingPersistentMessageHandlerObserverTest { + + @Test + void testOnPhaseChangeRestartSimulated() { + EmaRestartSimulatingPersistentMessageHandlerObserver emaRestartSimulatingPersistentMessageHandlerObserver = + new EmaRestartSimulatingPersistentMessageHandlerObserver(); + emaRestartSimulatingPersistentMessageHandlerObserver.setRestartSimulated(true); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.PRE_PROCESSOR_EXECUTION)).isFalse(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.PRE_ACKNOWLEDGED)).isFalse(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.ACKNOWLEDGED)).isTrue(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.FAILED)).isTrue(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.PROCESSOR_COMPLETED)).isTrue(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.PROCESSING_INITIATED)).isTrue(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.RECEIVED)).isTrue(); + } + + @Test + void testOnPhaseChangeRestartNotSimulated() { + EmaRestartSimulatingPersistentMessageHandlerObserver emaRestartSimulatingPersistentMessageHandlerObserver = + new EmaRestartSimulatingPersistentMessageHandlerObserver(); + emaRestartSimulatingPersistentMessageHandlerObserver.setRestartSimulated(false); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.PRE_PROCESSOR_EXECUTION)).isTrue(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.PRE_ACKNOWLEDGED)).isTrue(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.ACKNOWLEDGED)).isTrue(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.FAILED)).isTrue(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.PROCESSOR_COMPLETED)).isTrue(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.PROCESSING_INITIATED)).isTrue(); + assertThat(emaRestartSimulatingPersistentMessageHandlerObserver + .onPhaseChange(null, PersistentMessageHandlerObserverPhase.RECEIVED)).isTrue(); + } +} diff --git a/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/PersistentMessageHandlerTests.java b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/PersistentMessageHandlerTests.java index 0d39e0887..38185f78b 100644 --- a/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/PersistentMessageHandlerTests.java +++ b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/PersistentMessageHandlerTests.java @@ -38,6 +38,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.awaitility.Awaitility.await; import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.doNothing; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; @@ -67,7 +68,7 @@ public class PersistentMessageHandlerTests { private PersistentMessageReceiver persistentMessageReceiver; @Autowired - private MessagingService messagingService; + private MessagingService messagingServicex; @SpyBean private ScanCommandMessageProcessor scanCommandMessageProcessor; @@ -107,7 +108,7 @@ void testCommandMessageHandler() { message.setOrigType(MOPSvcType.maasEventMgmt); message.withMessageType(generic); message.setContext("abc"); - message.setServiceId("someSvcId"); + message.setServiceId("messagingServiceId"); message.setActorId("myActorId"); message.setOrgId(eventPortalProperties.getOrganizationId()); message.setTraceId("myTraceId"); @@ -122,6 +123,7 @@ void testCommandMessageHandler() { when(inboundMessage.getProperty(MOPConstants.MOP_MSG_META_DECODER)).thenReturn( CommandMessage.class.getCanonicalName() ); + doNothing().when(commandMessageProcessor).processMessage(any()); solacePersistentMessageHandler.onMessage(inboundMessage); // Wait for the executor to process the message diff --git a/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/TestingSupportSolacePersistentMessageHandlerObserver.java b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/TestingSupportSolacePersistentMessageHandlerObserver.java index 85b5b6c53..4cfb03125 100644 --- a/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/TestingSupportSolacePersistentMessageHandlerObserver.java +++ b/service/application/src/test/java/com/solace/maas/ep/event/management/agent/subscriber/TestingSupportSolacePersistentMessageHandlerObserver.java @@ -16,15 +16,15 @@ public class TestingSupportSolacePersistentMessageHandlerObserver implements Sol private final Set failedMessages =Collections.synchronizedSet(new HashSet<>()); @Override - public void onPhaseChange(InboundMessage message, PersistentMessageHandlerObserverPhase phase) { + public boolean onPhaseChange(InboundMessage message, PersistentMessageHandlerObserverPhase phase) { switch (phase) { case RECEIVED: receivedMessages.add(message); break; - case INITIATED: + case PROCESSING_INITIATED: initiatedMessages.add(message); break; - case COMPLETED: + case PROCESSOR_COMPLETED: completedMessages.add(message); break; case ACKNOWLEDGED: @@ -36,6 +36,7 @@ public void onPhaseChange(InboundMessage message, PersistentMessageHandlerObserv default: break; } + return true; } public boolean hasReceivedMessage(InboundMessage message) { diff --git a/service/application/src/test/resources/sempResponses/sempResponseMissingResource.json b/service/application/src/test/resources/sempResponses/sempResponseMissingResource.json new file mode 100644 index 000000000..45ac6964d --- /dev/null +++ b/service/application/src/test/resources/sempResponses/sempResponseMissingResource.json @@ -0,0 +1,14 @@ +{ + "meta": { + "error": { + "code": 6, + "description": "Could not find match for xxx doesnotexist", + "status": "NOT_FOUND" + }, + "request": { + "method": "DELETE", + "uri": "https://some.url.pointing.to.solace.broker" + }, + "responseCode": 400 + } +} \ No newline at end of file diff --git a/service/plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/command/model/CommandType.java b/service/plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/command/model/CommandType.java index e8a2549f0..a34790a4d 100644 --- a/service/plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/command/model/CommandType.java +++ b/service/plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/command/model/CommandType.java @@ -1,7 +1,8 @@ package com.solace.maas.ep.event.management.agent.plugin.command.model; public enum CommandType { - terraform("terraform"); + terraform("terraform"), + semp("semp"); private final String type; diff --git a/service/plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/command/model/SempDeleteCommandConstants.java b/service/plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/command/model/SempDeleteCommandConstants.java new file mode 100644 index 000000000..102a1938b --- /dev/null +++ b/service/plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/command/model/SempDeleteCommandConstants.java @@ -0,0 +1,12 @@ +package com.solace.maas.ep.event.management.agent.plugin.command.model; + +public final class SempDeleteCommandConstants { + + public static final String SEMP_DELETE_ENTITY_TYPE = "entityType"; + public static final String SEMP_DELETE_DATA = "data"; + public static final String SEMP_DELETE_OPERATION = "delete"; + + private SempDeleteCommandConstants() { + throw new UnsupportedOperationException("Utility class"); + } +} diff --git a/service/pom.xml b/service/pom.xml index c4fcc5eed..e5a5fcf7d 100644 --- a/service/pom.xml +++ b/service/pom.xml @@ -112,6 +112,7 @@ 0.8.10 + **/com/solace/client/sempv2/** **/config/* **/*.jar diff --git a/service/solace-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/solace/processor/SolaceQueueConfigurationProcessor.java b/service/solace-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/solace/processor/SolaceQueueConfigurationProcessor.java index 526a58f11..6e0372fbb 100644 --- a/service/solace-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/solace/processor/SolaceQueueConfigurationProcessor.java +++ b/service/solace-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/solace/processor/SolaceQueueConfigurationProcessor.java @@ -33,4 +33,5 @@ public List> handleEvent(Map properties, Obj return queueResponse; } + } diff --git a/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformLogProcessingService.java b/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformLogProcessingService.java index 98b3d5b79..dd4ce0551 100644 --- a/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformLogProcessingService.java +++ b/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformLogProcessingService.java @@ -9,6 +9,7 @@ import org.springframework.stereotype.Service; import org.springframework.util.CollectionUtils; +import java.time.OffsetDateTime; import java.util.List; import java.util.Map; @@ -31,7 +32,24 @@ public TerraformLogProcessingService(ObjectMapper objectMapper) { this.objectMapper = objectMapper; } + public CommandResult buildTfStateFileDeletionFailureResult(RuntimeException rootCause) { + + Map errorLog = Map.of( + "address", "N/A", + "message", "Failed removing Terraform state: " + rootCause.getMessage(), + "level", "ERROR", + "timestamp", OffsetDateTime.now()); + + List> logs = List.of(errorLog); + + return CommandResult.builder() + .logs(logs) + .status(JobStatus.error) + .build(); + } + public CommandResult buildTfCommandResult(List jsonLogs) { + if (CollectionUtils.isEmpty(jsonLogs)) { throw new IllegalArgumentException("No terraform logs were collected. Unable to process response."); } @@ -48,11 +66,11 @@ public CommandResult buildTfCommandResult(List jsonLogs) { .map(this::simplifyApplyErroredLog) .toList(); JobStatus status = CollectionUtils.isEmpty(errorLogs) ? JobStatus.success : JobStatus.error; + return CommandResult.builder() .logs(ListUtils.union(successLogs, errorLogs)) .status(status) .build(); - } diff --git a/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformManager.java b/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformManager.java index 73a789225..69b478634 100644 --- a/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformManager.java +++ b/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformManager.java @@ -12,6 +12,7 @@ import com.solace.maas.ep.event.management.agent.plugin.terraform.configuration.TerraformProperties; import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang.Validate; import org.slf4j.MDC; import org.springframework.stereotype.Service; @@ -45,6 +46,20 @@ public TerraformManager(TerraformLogProcessingService terraformLogProcessingServ this.terraformClientFactory = terraformClientFactory; } + /** + * Delete the terraform state for the given request - this will delete the terraform directory for the given request.
+ * If the terraform state directory does not exist, this method will not throw an exception. + * + * @param request + * @throws IllegalStateException if the terraform state cannot be deleted due to permissions or other issues + */ + public void deleteTerraformState(CommandRequest request) throws IllegalStateException { + Validate.notNull(request, "request must be provided"); + Validate.notEmpty(request.getContext(), "context of request must be provided"); + Validate.notEmpty(request.getServiceId(), "serviceId of request must be provided"); + TerraformUtils.deleteConfigPath(request, terraformProperties.getWorkingDirectoryRoot()); + } + public Path execute(CommandRequest request, Command command, Map envVars) { MDC.put(RouteConstants.COMMAND_CORRELATION_ID, request.getCommandCorrelationId()); MDC.put(RouteConstants.MESSAGING_SERVICE_ID, request.getServiceId()); diff --git a/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformUtils.java b/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformUtils.java index 0d34e195b..7b21f1117 100644 --- a/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformUtils.java +++ b/service/terraform-plugin/src/main/java/com/solace/maas/ep/event/management/agent/plugin/terraform/manager/TerraformUtils.java @@ -1,6 +1,5 @@ package com.solace.maas.ep.event.management.agent.plugin.terraform.manager; -import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import com.solace.maas.ep.event.management.agent.plugin.command.model.Command; import com.solace.maas.ep.event.management.agent.plugin.command.model.CommandRequest; @@ -8,15 +7,17 @@ import com.solace.maas.ep.event.management.agent.plugin.command.model.JobStatus; import com.solace.maas.ep.event.management.agent.plugin.terraform.client.TerraformClient; import org.apache.commons.lang.StringUtils; -import org.springframework.boot.logging.LogLevel; +import org.apache.commons.lang.Validate; import java.io.File; import java.io.IOException; import java.io.PrintWriter; -import java.io.Serializable; +import java.nio.file.FileVisitResult; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; +import java.nio.file.SimpleFileVisitor; +import java.nio.file.attribute.BasicFileAttributes; import java.time.Instant; import java.time.OffsetDateTime; import java.util.ArrayList; @@ -24,9 +25,10 @@ import java.util.List; import java.util.Map; import java.util.function.Consumer; -import java.util.logging.Level; public class TerraformUtils { + private static final Object lock = new Object(); // A lock object for synchronization + public static final String LOG_LEVEL_ERROR = "ERROR"; private static final String DEFAULT_TF_CONFIG_FILENAME = "config.tf"; public static final String CONTENT_ENCODING = "Content-Encoding"; @@ -62,6 +64,53 @@ public static void setCommandError(Command command, Exception e) { .build()); } + /** + * Delete the Terraform state directory for the given request under the given directory.
+ * The directory name is constructed as follows: {context}-{serviceId} + * + * @param request + * @param directory + */ + public static void deleteConfigPath(CommandRequest request, String directory) { + Validate.notNull(request, "request must be provided"); + Validate.notEmpty(request.getContext(), "context of request must be provided"); + Validate.notEmpty(request.getServiceId(), "serviceId of request must be provided"); + Validate.notEmpty(directory, "directory must be provided"); + // just in case the delete operation is called concurrently + synchronized (lock) { + Path configPath = Paths.get(directory + File.separator + + request.getContext() + + "-" + + request.getServiceId() + + File.separator + ); + + if (Files.exists(configPath)) { + try { + deleteDirectory(configPath); + } catch (IOException e) { + throw new IllegalStateException("Failed removing Terraform state directory: " + directory, e); + } + } + } + } + + private static void deleteDirectory(Path path) throws IOException { + Files.walkFileTree(path, new SimpleFileVisitor<>() { + @Override + public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException { + Files.delete(file); + return FileVisitResult.CONTINUE; + } + + @Override + public FileVisitResult postVisitDirectory(Path dir, IOException exc) throws IOException { + Files.delete(dir); + return FileVisitResult.CONTINUE; + } + }); + } + public static Path createConfigPath(CommandRequest request, String directory) { Path configPath = Paths.get(directory + File.separator + request.getContext() diff --git a/service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformCommandIT.java b/service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformCommandIT.java index 8335b8624..d37ab8271 100644 --- a/service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformCommandIT.java +++ b/service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformCommandIT.java @@ -43,7 +43,6 @@ import java.util.concurrent.CompletableFuture; import java.util.function.Consumer; import java.util.stream.Collectors; -import java.util.stream.Stream; import static java.nio.charset.StandardCharsets.UTF_8; import static org.junit.jupiter.api.Assertions.assertEquals; diff --git a/service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformLogProcessingServiceTest.java b/service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformLogProcessingServiceTest.java new file mode 100644 index 000000000..7a6133d82 --- /dev/null +++ b/service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformLogProcessingServiceTest.java @@ -0,0 +1,29 @@ +package com.solace.maas.ep.event.management.agent.plugin.terraform; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.solace.maas.ep.event.management.agent.plugin.command.model.CommandResult; +import com.solace.maas.ep.event.management.agent.plugin.command.model.JobStatus; +import com.solace.maas.ep.event.management.agent.plugin.terraform.manager.TerraformLogProcessingService; +import org.junit.jupiter.api.Test; + +import java.util.Map; + +import static org.assertj.core.api.AssertionsForInterfaceTypes.assertThat; + + +public class TerraformLogProcessingServiceTest { + + @Test + void testBuildTfStateFileDeletionFailureResult() { + RuntimeException rootCause = new RuntimeException("rootCause"); + ObjectMapper objectMapper = new ObjectMapper(); + TerraformLogProcessingService terraformLogProcessingService = new TerraformLogProcessingService(objectMapper); + CommandResult result = terraformLogProcessingService.buildTfStateFileDeletionFailureResult(rootCause); + assertThat(result.getStatus()).isEqualTo(JobStatus.error); + assertThat(result.getLogs().size()).isEqualTo(1); + Map log = result.getLogs().get(0); + assertThat(log.get("message")).isEqualTo("Failed removing Terraform state: rootCause"); + assertThat(log.get("level")).isEqualTo("ERROR"); + assertThat(log.get("timestamp")).isNotNull(); + } +} diff --git a/service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformUtilsTest.java b/service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformUtilsTest.java new file mode 100644 index 000000000..8605be075 --- /dev/null +++ b/service/terraform-plugin/src/test/java/com/solace/maas/ep/event/management/agent/plugin/terraform/TerraformUtilsTest.java @@ -0,0 +1,34 @@ +package com.solace.maas.ep.event.management.agent.plugin.terraform; + +import com.solace.maas.ep.event.management.agent.plugin.command.model.CommandRequest; +import com.solace.maas.ep.event.management.agent.plugin.terraform.manager.TerraformUtils; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.io.TempDir; +import org.springframework.test.context.ActiveProfiles; + +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; + +import static org.junit.jupiter.api.Assertions.assertTrue; + +@ActiveProfiles("TEST") +class TerraformUtilsTest { + + @Test + void testDeleteConfigPath(@TempDir Path tempDirectory) throws IOException { + CommandRequest commandRequest = CommandRequest + .builder() + .context("someContext") + .serviceId("serviceId") + .build(); + // by convention, the directory name is someContext-serviceId + Path subDirectory = tempDirectory.resolve("someContext-serviceId"); + // create sample directories in tempDirectory + Files.createDirectory(subDirectory); + assertTrue(Files.exists(subDirectory)); + TerraformUtils.deleteConfigPath(commandRequest, tempDirectory.toString()); + assertTrue(Files.notExists(subDirectory)); + assertTrue(Files.exists(tempDirectory)); + } +}