Gravitee Access Management

openapi: 3.0.1
info:
  title: Gravitee.io - Access Management API
  version: 4.12.0-alpha.3
servers:
- url: /management
security:
- gravitee-auth: []
tags:
- name: Authentication Device Notifier
- name: Authorization Engine
- name: Bot Detection
- name: Certificate
- name: Device Identifier
- name: Extension Grant
- name: Factor
- name: Identity Provider
- name: Newsletter
- name: Notifier
- name: Password Policy
- name: Plugin
- name: Policy
- name: Reporter
- name: Resource
- name: alerts
- name: application
- name: audit
- name: authorization engine
- name: bot detection
- name: certificate
- name: data-sources
- name: dataPlane
- name: device identifiers
- name: devices
- name: dictionary
- name: domain
- name: email
- name: entrypoints
- name: extension grant
- name: factor
- name: flow
- name: form
- name: group
- name: identity provider
- name: platform
- name: preview
- name: protected-resource
- name: reporter
- name: resource
- name: role
- name: scope
- name: sharding-tags
- name: theme
- name: user
- name: user notifications
paths:
  /organizations/{organizationId}/audits:
    get:
      tags:
      - audit
      summary: List audit logs for the organization
      description: "User must have the ORGANIZATION_AUDIT[LIST] permission on the\
        \ specified organization. Except if user has ORGANIZATION_AUDIT[READ] permission\
        \ on the organization, each returned audit is filtered and contains only basic\
        \ information such as id, date, event, actor, target and status."
      operationId: listOrganizationAudits
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: type
        in: query
        schema:
          type: string
      - name: status
        in: query
        schema:
          type: string
      - name: user
        in: query
        schema:
          type: string
      - name: from
        in: query
        schema:
          type: integer
          format: int64
      - name: to
        in: query
        schema:
          type: integer
          format: int64
      - name: size
        in: query
        schema:
          type: integer
          format: int32
          default: 10
      - name: page
        in: query
        schema:
          type: integer
          format: int32
          default: 0
      responses:
        "200":
          description: List audit logs for the platform
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/Audit"
        "500":
          description: Internal server error
  /organizations/{organizationId}/audits/{audit}:
    get:
      tags:
      - audit
      summary: Get an audit log
      description: "User must have the ORGANIZATION_AUDIT[READ] permission on the\
        \ specified organization"
      operationId: getOrganizationAudit
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: audit
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: Audit log successfully fetched
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Audit"
        "500":
          description: Internal server error
  /organizations/{organizationId}/entrypoints:
    get:
      tags:
      - entrypoints
      summary: List entrypoints
      description: "User must have the ORGANIZATION[LIST] permission on the specified\
        \ organization. Each returned entrypoint is filtered and contains only basic\
        \ information such as id and name."
      operationId: listEntrypoints
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: List all the entrypoints
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/Entrypoint"
        "500":
          description: Internal server error
    post:
      tags:
      - entrypoints
      summary: Create a entrypoint
      description: "User must have the ORGANIZATION_ENTRYPOINT[CREATE] permission\
        \ on the specified organization"
      operationId: createEntrypoint
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/NewEntrypoint"
        required: true
      responses:
        "201":
          description: Entrypoint successfully created
        "500":
          description: Internal server error
  /organizations/{organizationId}/entrypoints/{entrypointId}:
    get:
      tags:
      - entrypoints
      summary: Get a sharding entrypoint
      description: "User must have the ORGANIZATION_ENTRYPOINT[READ] permission on\
        \ the specified organization"
      operationId: getEntrypoint
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: entrypointId
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: Sharding entrypoint
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Entrypoint"
        "500":
          description: Internal server error
    put:
      tags:
      - entrypoints
      summary: Update the sharding entrypoint
      description: "User must have the ORGANIZATION_ENTRYPOINT[UPDATE] permission\
        \ on the specified organization"
      operationId: updateEntrypoint
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: entrypointId
        in: path
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/UpdateEntrypoint"
        required: true
      responses:
        "200":
          description: Sharding entrypoint successfully updated
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Entrypoint"
        "500":
          description: Internal server error
    delete:
      tags:
      - entrypoints
      summary: Delete the sharding entrypoint
      description: "User must have the ORGANIZATION_ENTRYPOINT[DELETE] permission\
        \ on the specified organization"
      operationId: deleteEntrypoint
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: entrypointId
        in: path
        required: true
        schema:
          type: string
      responses:
        "204":
          description: Sharding entrypoint successfully deleted
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments:
    get:
      summary: List all the environments
      description: "User must have the ENVIRONMENT[LIST] permission on the specified\
        \ organization AND either ENVIRONMENT[READ] permission on each environment\
        \ or ENVIRONMENT[READ] permission on the specified organization.Each returned\
        \ environment is filtered and contains only basic information such as id and\
        \ name."
      operationId: listEnvironments
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: List all the environments of the organization
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/Environment"
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/data-planes:
    get:
      tags:
      - dataPlane
      summary: List of data planes
      description: "List all the data planes accessible to the current user. User\
        \ must have DATA_PLANE[READ] permission on the specified environment or organization"
      operationId: listDataPlanes
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: List accessible data planes for current user
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/DataPlane"
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/data-sources:
    get:
      tags:
      - data-sources
      summary: List all the data sources
      description: Returns all of the available data sources to be used in IDP creation
      operationId: listAllDataSources
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: List all the IDP data sources
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/DataSource"
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/domains:
    get:
      tags:
      - domain
      summary: List security domains for an environment
      description: "List all the security domains accessible to the current user.\
        \ User must have DOMAIN[LIST] permission on the specified environment or organization\
        \ AND either DOMAIN[READ] permission on each security domain or DOMAIN[READ]\
        \ permission on the specified environment or DOMAIN[READ] permission on the\
        \ specified organization.Each returned domain is filtered and contains only\
        \ basic information such as id, name and description and isEnabled."
      operationId: listDomains
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: page
        in: query
        schema:
          type: integer
          format: int32
          default: 0
      - name: size
        in: query
        schema:
          type: integer
          format: int32
          default: 50
      - name: q
        in: query
        schema:
          type: string
      responses:
        "200":
          description: List accessible security domains for current user
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DomainPage"
        "500":
          description: Internal server error
    post:
      tags:
      - domain
      summary: Create a security domain.
      description: "Create a security domain. User must have DOMAIN[CREATE] permission\
        \ on the specified environment or DOMAIN[CREATE] permission on the specified\
        \ organization"
      operationId: createDomain
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/NewDomain"
        required: true
      responses:
        "201":
          description: Domain successfully created
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Domain"
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/domains/_hrid/{hrid}:
    get:
      tags:
      - domain
      summary: Get a security domain by hrid
      description: "User must have the DOMAIN[READ] permission on the specified domain,\
        \ environment or organization. Domain will be filtered according to permissions\
        \ (READ on DOMAIN_USER_ACCOUNT, DOMAIN_IDENTITY_PROVIDER, DOMAIN_FORM, DOMAIN_LOGIN_SETTINGS,\
        \ DOMAIN_DCR, DOMAIN_SCIM, DOMAIN_SETTINGS)"
      operationId: findDomainByHrid
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: hrid
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: Domain
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Domain"
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/domains/{domain}:
    get:
      tags:
      - domain
      summary: Get a security domain
      description: "User must have the DOMAIN[READ] permission on the specified domain,\
        \ environment or organization. Domain will be filtered according to permissions\
        \ (READ on DOMAIN_USER_ACCOUNT, DOMAIN_IDENTITY_PROVIDER, DOMAIN_FORM, DOMAIN_LOGIN_SETTINGS,\
        \ DOMAIN_DCR, DOMAIN_SCIM, DOMAIN_SETTINGS)"
      operationId: findDomain
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: Domain
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Domain"
        "500":
          description: Internal server error
    put:
      tags:
      - domain
      summary: Update the security domain
      description: "User must have the DOMAIN_SETTINGS[UPDATE] permission on the specified\
        \ domain or DOMAIN_SETTINGS[UPDATE] permission on the specified environment\
        \ or DOMAIN_SETTINGS[UPDATE] permission on the specified organization."
      operationId: updateDomain
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/PatchDomain"
        required: true
      responses:
        "200":
          description: Domain successfully updated
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Domain"
        "500":
          description: Internal server error
    delete:
      tags:
      - domain
      summary: Delete the security domain
      description: "User must have the DOMAIN[DELETE] permission on the specified\
        \ domain or DOMAIN[DELETE] permission on the specified environment or DOMAIN[DELETE]\
        \ permission on the specified organization."
      operationId: deleteDomain
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      responses:
        "204":
          description: Domain successfully deleted
        "500":
          description: Internal server error
    patch:
      tags:
      - domain
      summary: Patch the security domain
      description: "User must have the DOMAIN_SETTINGS[UPDATE] permission on the specified\
        \ domain or DOMAIN_SETTINGS[UPDATE] permission on the specified environment\
        \ or DOMAIN_SETTINGS[UPDATE] permission on the specified organization."
      operationId: patchDomain
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/PatchDomain"
        required: true
      responses:
        "200":
          description: Domain successfully patched
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Domain"
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers:
    get:
      tags:
      - alerts
      - domain
      summary: List alert notifiers
      description: "List all the alert notifiers of the domain. User must have DOMAIN_ALERT_NOTIFIER[LIST]\
        \ permission on the specified domain, environment or organization."
      operationId: listAlertNotifiers
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: List alert notifiers for current user
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/AlertNotifier"
        "500":
          description: Internal server error
    post:
      tags:
      - alerts
      - domain
      summary: Create an alert notifier
      description: "Create a new alert notifierUser must have DOMAIN_ALERT_NOTIFIER[CREATE]\
        \ permission on the specified domain, environment or organization."
      operationId: createAlertNotifier
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/NewAlertNotifier"
        required: true
      responses:
        "200":
          description: Alert notifier successfully created
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/AlertNotifier"
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers/{notifierId}:
    get:
      tags:
      - alerts
      - domain
      summary: Get an alert notifier
      description: "Get an alert notifier by its id. User must have DOMAIN_ALERT_NOTIFIER[LIST]\
        \ permission on the specified domain, environment or organization."
      operationId: getAlertNotifier
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      - name: notifierId
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: The alert notifier
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/AlertNotifier"
        "500":
          description: Internal server error
    delete:
      tags:
      - alerts
      - domain
      summary: Delete an alert notifier
      description: "Delete an alert notifier by its id. User must have DOMAIN_ALERT_NOTIFIER[DELETE]\
        \ permission on the specified domain, environment or organization."
      operationId: deleteAlertNotifier
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      - name: notifierId
        in: path
        required: true
        schema:
          type: string
      responses:
        "204":
          description: Alert notifier successfully deleted
        "500":
          description: Internal server error
    patch:
      tags:
      - alerts
      - domain
      summary: Update an alert notifier
      description: "Update an alert notifierUser must have DOMAIN_ALERT_NOTIFIER[UPDATE]\
        \ permission on the specified domain, environment or organization."
      operationId: patchAlertNotifier
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      - name: notifierId
        in: path
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/PatchAlertNotifier"
        required: true
      responses:
        "200":
          description: Alert notifier successfully updated
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/AlertNotifier"
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/triggers:
    get:
      tags:
      - alerts
      - domain
      summary: List alert triggers
      description: "List all the alert triggers of the domain accessible to the current\
        \ user. User must have DOMAIN_ALERT[LIST] permission on the specified domain,\
        \ environment or organization."
      operationId: listAlertTriggers
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: List alert triggers for current user
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/AlertTrigger"
        "500":
          description: Internal server error
    patch:
      tags:
      - alerts
      - domain
      summary: Update multiple alert triggers
      description: "Update multiple alert triggers in the same timeUser must have\
        \ DOMAIN_ALERT[UPDATE] permission on the specified domain, environment or\
        \ organization."
      operationId: updateAlertTriggers
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              type: array
              items:
                $ref: "#/components/schemas/PatchAlertTrigger"
        required: true
      responses:
        "200":
          description: Alert triggers successfully updated
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/AlertTrigger"
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/analytics:
    get:
      tags:
      - domain
      summary: Find domain analytics
      description: "User must have DOMAIN_ANALYTICS[READ] permission on the specified\
        \ domain or DOMAIN_ANALYTICS[READ] permission on the specified environment\
        \ or DOMAIN_ANALYTICS[READ] permission on the specified organization"
      operationId: findDomainAnalytics
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      - name: from
        in: query
        description: Used to define the start date of the time window to query
        schema:
          type: integer
          format: int64
      - name: to
        in: query
        description: Used to define the end date of the time window to query
        schema:
          type: integer
          format: int64
      - name: interval
        in: query
        description: The time interval when getting histogram data
        schema:
          type: integer
          format: int64
      - name: size
        in: query
        description: The number of data to retrieve
        schema:
          type: integer
          format: int32
      - name: type
        in: query
        description: "The type of data to retrieve (group_by, date_histo, count)"
        required: true
        schema:
          $ref: "#/components/schemas/AnalyticsTypeParam"
      - name: field
        in: query
        schema:
          type: string
      responses:
        "200":
          description: Analytics successfully fetched
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications:
    get:
      tags:
      - application
      - domain
      summary: List registered applications for a security domain
      description: "User must have the APPLICATION[LIST] permission on the specified\
        \ domain, environment or organization AND either APPLICATION[READ] permission\
        \ on each domain's application or APPLICATION[READ] permission on the specified\
        \ domain or APPLICATION[READ] permission on the specified environment or APPLICATION[READ]\
        \ permission on the specified organization. Each returned application is filtered\
        \ and contains only basic information such as id, name, description and isEnabled."
      operationId: listApplications
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      - name: page
        in: query
        schema:
          type: integer
          format: int32
          default: 0
      - name: size
        in: query
        schema:
          type: integer
          format: int32
          default: 50
      - name: q
        in: query
        schema:
          type: string
      - name: expand
        in: query
        schema:
          type: array
          items:
            type: string
      responses:
        "200":
          description: List registered applications for a security domain
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ApplicationPage"
        "500":
          description: Internal server error
    post:
      tags:
      - application
      - domain
      summary: Create an application
      description: "User must have APPLICATION[CREATE] permission on the specified\
        \ domain or APPLICATION[CREATE] permission on the specified environment or\
        \ APPLICATION[CREATE] permission on the specified organization"
      operationId: createApplication
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/NewApplication"
        required: true
      responses:
        "201":
          description: Application successfully created
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Application"
        "500":
          description: Internal server error
  /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}:
    get:
      tags:
      - application
      - domain
      summary: Get an application
      description: "User must have the APPLICATION[READ] permission on the specified\
        \ application or APPLICATION[READ] permission on the specified domain or APPLICATION[READ]\
        \ permission on the specified environment or APPLICATION[READ] permission\
        \ on the specified organization. Application will be filtered according to\
        \ permissions (READ on APPLICATION_IDENTITY_PROVIDER, APPLICATION_CERTIFICATE,\
        \ APPLICATION_METADATA, APPLICATION_USER_ACCOUNT, APPLICATION_SETTINGS)"
      operationId: findApplication
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      - name: application
        in: path
        required: true
        schema:
          type: string
      responses:
        "200":
          description: Application
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Application"
        "500":
          description: Internal server error
    put:
      tags:
      - application
      - domain
      summary: Update an application
      description: "User must have APPLICATION[UPDATE] permission on the specified\
        \ application or APPLICATION[UPDATE] permission on the specified domain or\
        \ APPLICATION[UPDATE] permission on the specified environment or APPLICATION[UPDATE]\
        \ permission on the specified organization"
      operationId: updateApplication
      parameters:
      - name: organizationId
        in: path
        required: true
        schema:
          type: string
      - name: environmentId
        in: path
        required: true
        schema:
          type: string
      - name: domain
        in: path
        required: true
        schema:
          type: string
      - name: application
        in: path
        required: true
        schema:
          type: string
      reques

# --- truncated at 32 KB (480 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/gravitee/refs/heads/main/openapi/gravitee-am-openapi.yml