forked from mystiq/dex
236 lines
7.6 KiB
JSON
236 lines
7.6 KiB
JSON
{
|
||
"kind": "discovery#restDescription",
|
||
"discoveryVersion": "v1",
|
||
"id": "dex:v1",
|
||
"name": "adminschema",
|
||
"version": "v1",
|
||
"title": "Dex Admin API",
|
||
"description": "The Dex Admin API.",
|
||
"documentationLink": "http://github.com/coreos/dex",
|
||
"protocol": "rest",
|
||
"icons": {
|
||
"x16": "",
|
||
"x32": ""
|
||
},
|
||
"labels": [],
|
||
"baseUrl": "$ENDPOINT/api/v1/",
|
||
"basePath": "/api/v1/",
|
||
"rootUrl": "$ENDPOINT/",
|
||
"servicePath": "api/v1/",
|
||
"batchPath": "batch",
|
||
"parameters": {},
|
||
"auth": {},
|
||
"schemas": {
|
||
"Admin": {
|
||
"id": "Admin",
|
||
"type": "object",
|
||
"properties": {
|
||
"id": {
|
||
"type": "string"
|
||
},
|
||
"email": {
|
||
"type": "string"
|
||
},
|
||
"password": {
|
||
"type": "string"
|
||
}
|
||
}
|
||
},
|
||
"State": {
|
||
"id": "State",
|
||
"type": "object",
|
||
"properties": {
|
||
"AdminUserCreated": {
|
||
"type": "boolean"
|
||
}
|
||
}
|
||
},
|
||
"Client": {
|
||
"id": "Client",
|
||
"type": "object",
|
||
"properties": {
|
||
"id": {
|
||
"type": "string",
|
||
"description": "The client ID. If specified in a client create request, it will be used as the ID. Otherwise, the server will choose the ID."
|
||
},
|
||
"secret": {
|
||
"type": "string",
|
||
"description": "The client secret. If specified in a client create request, it will be used as the secret. Otherwise, the server will choose the secret. Must be a base64 URLEncoded string."
|
||
},
|
||
"isAdmin": {
|
||
"type": "boolean"
|
||
},
|
||
"redirectURIs": {
|
||
"type": "array",
|
||
"items": {
|
||
"type": "string"
|
||
},
|
||
"description": "REQUIRED for normal clients. Array of Redirection URI values used by the Client. One of these registered Redirection URI values MUST exactly match the redirect_uri parameter value used in each Authorization Request, with the matching performed as described in Section 6.2.1 of [RFC3986] ( Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,â€<C3A2> January 2005. ) (Simple String Comparison). DISALLOWED for public clients."
|
||
},
|
||
"clientName": {
|
||
"type": "string",
|
||
"description": "OPTIONAL for normal cliens. Name of the Client to be presented to the End-User. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ). REQUIRED for public clients"
|
||
},
|
||
"logoURI": {
|
||
"type": "string",
|
||
"description": "OPTIONAL. URL that references a logo for the Client application. If present, the server SHOULD display this image to the End-User during approval. The value of this field MUST point to a valid image file. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ) ."
|
||
},
|
||
"clientURI": {
|
||
"type": "string",
|
||
"description": "OPTIONAL. URL of the home page of the Client. The value of this field MUST point to a valid Web page. If present, the server SHOULD display this URL to the End-User in a followable fashion. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ) ."
|
||
},
|
||
"trustedPeers": {
|
||
"type": "array",
|
||
"items": {
|
||
"type": "string"
|
||
},
|
||
"description": "Array of ClientIDs of clients that are allowed to mint ID tokens for the client being created."
|
||
},
|
||
"public": {
|
||
"type": "boolean",
|
||
"description": "OPTIONAL. Determines if the client is public. Public clients have certain restrictions: They cannot use their credentials to obtain a client JWT. Their redirects URLs cannot be specified: they are always http://localhost:$PORT or urn:ietf:wg:oauth:2.0:oob."
|
||
}
|
||
}
|
||
},
|
||
"ClientCreateRequest": {
|
||
"id": "ClientCreateRequest",
|
||
"type": "object",
|
||
"description": "A request to register a client with dex.",
|
||
"properties": {
|
||
"client": {
|
||
"$ref": "Client"
|
||
}
|
||
}
|
||
},
|
||
"ClientCreateResponse": {
|
||
"id": "ClientCreateResponse",
|
||
"type": "object",
|
||
"description": "Upon successful registration, an ID and secret is assigned to the client.",
|
||
"properties": {
|
||
"client": {
|
||
"$ref": "Client"
|
||
}
|
||
}
|
||
},
|
||
"Connector": {
|
||
"id": "Connector",
|
||
"type": "any",
|
||
"description": "An object which describes a federating identity strategy. For documentation see Documentation/connectors-configuration.md. Since different connectors expect different object fields the scheme is omitted here."
|
||
},
|
||
"ConnectorsSetRequest": {
|
||
"id": "ConnectorsSetRequest",
|
||
"type": "object",
|
||
"description": "A request to set all the connectors in the dex database.",
|
||
"properties": {
|
||
"connectors": {
|
||
"type": "array",
|
||
"items": {
|
||
"$ref": "Connector"
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"ConnectorsGetResponse": {
|
||
"id": "ConnectorsGetResponse",
|
||
"type": "object",
|
||
"description": "A list of all connector responses.",
|
||
"properties": {
|
||
"connectors": {
|
||
"type": "array",
|
||
"items": {
|
||
"$ref": "Connector"
|
||
}
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"resources": {
|
||
"Admin": {
|
||
"methods": {
|
||
"Get": {
|
||
"id": "dex.admin.Admin.Get",
|
||
"description": "Retrieve information about an admin user.",
|
||
"httpMethod": "GET",
|
||
"path": "admin/{id}",
|
||
"parameters": {
|
||
"id": {
|
||
"type": "string",
|
||
"required": true,
|
||
"location": "path"
|
||
}
|
||
},
|
||
"parameterOrder": [
|
||
"id"
|
||
],
|
||
"response": {
|
||
"$ref": "Admin"
|
||
}
|
||
},
|
||
"Create": {
|
||
"id": "dex.admin.Admin.Create",
|
||
"description": "Create a new admin user.",
|
||
"httpMethod": "POST",
|
||
"path": "admin",
|
||
"request": {
|
||
"$ref": "Admin"
|
||
},
|
||
"response": {
|
||
"$ref": "Admin"
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"State": {
|
||
"methods": {
|
||
"Get": {
|
||
"id": "dex.admin.State.Get",
|
||
"description": "Get the state of the Dex DB",
|
||
"httpMethod": "GET",
|
||
"path": "state",
|
||
"response": {
|
||
"$ref": "State"
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"Client": {
|
||
"methods": {
|
||
"Create": {
|
||
"id": "dex.admin.Client.Create",
|
||
"description": "Register an OpenID Connect client.",
|
||
"httpMethod": "POST",
|
||
"path": "client",
|
||
"request": {
|
||
"$ref": "ClientCreateRequest"
|
||
},
|
||
"response": {
|
||
"$ref": "ClientCreateResponse"
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"Connectors": {
|
||
"methods": {
|
||
"Set": {
|
||
"id": "dex.admin.Connector.Set",
|
||
"description": "Set the list of connectors for the dex system, overwriting all previous connectors. A 200 status code indicates the action was successful.",
|
||
"httpMethod": "PUT",
|
||
"path": "connectors",
|
||
"request": {
|
||
"$ref": "ConnectorsSetRequest"
|
||
}
|
||
},
|
||
"Get": {
|
||
"id": "dex.admin.Connector.Get",
|
||
"description": "Return a list of the connectors for the dex system.",
|
||
"httpMethod": "GET",
|
||
"path": "connectors",
|
||
"response": {
|
||
"$ref": "ConnectorsGetResponse"
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
|