The Symphony Pod API provides core platform services including user management, stream (room) management, content export, connection management, security certificates, and presence. Used to build tools that manage and administer Symphony for an organization.
swagger: '2.0'
info:
version: 20.17.1
title: Symphony Pod API
description: >-
The Symphony Pod API is used to build tools in order to manage and
administer Symphony for your organization.
servers:
- url: /
host: yourpodURL.symphony.com
basePath: /pod
paths:
/v1/companycert/list:
get:
summary: List All Trusted Certs
consumes:
- application/json
produces:
- application/json
parameters:
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
- name: skip
description: Pagination start
in: query
required: false
type: integer
- name: limit
description: Row limit
in: query
required: false
type: integer
tags: []
responses:
'200':
description: Success
schema:
$ref: '#/definitions/CompanyCertInfoList'
examples:
application/json:
- companyCertAttributes:
name: agentservice
type:
type: USER
status:
type: TRUSTED
companyCertInfo:
fingerPrint: 300a...
lastSeen: 0
updatedAt: 0
updatedBy: 0
commonName: agentservice
expiryDate: 1781886755000
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v2/companycert/create:
post:
summary: >-
Create a company trusted or untrusted certificate. Different from V1 in
that we reject expired certificates.
consumes:
- application/json
produces:
- application/json
parameters:
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
- name: cert
in: body
required: true
schema:
$ref: '#/definitions/CompanyCert'
tags: []
responses:
'200':
description: Success
schema:
$ref: '#/definitions/CompanyCertDetail'
examples:
application/json:
- companyCertAttributes:
name: jira
type:
type: USER
status:
type: KNOWN
companyCertInfo:
fingerPrint: 450369...
issuerFingerPrint: c35680...
lastSeen: 1529994790226
updatedAt: 1529598066602
updatedBy: 9208409884327
commonName: jiraWebHookIntegration
expiryDate: 1768510565000
certInfo:
- name: General
attributes:
- name: Issuer
value: >-
C=US O=Symphony Communications LLC
CN=bot_user_provisioning
- name: Subject
value: >-
C=US OU=NOT FOR PRODUCTION USE O=Symphony
Communications LLC CN=jiraWebHookIntegration
- name: Signature Algorithm
value: SHA256withRSA
- name: Validity
attributes:
- name: Not Before
value: Mon Jan 15 20:56:05 UTC 2018
- name: Not After
value: Thu Jan 15 20:56:05 UTC 2026
- name: Public Key
attributes:
- name: Algorithm
value: RSA
- name: Format
value: X.509
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/companycert/delete:
post:
summary: Delete a Company Certificate
consumes:
- application/json
produces:
- application/json
parameters:
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
- name: fingerPrint
in: body
required: true
schema:
$ref: '#/definitions/StringId'
tags: []
responses:
'200':
description: Success
schema:
$ref: '#/definitions/SuccessResponse'
examples:
application/json:
format: TEXT
message: OK
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/companycert/{fingerPrint}/get:
get:
summary: Get the Details of a Company Certificate
consumes:
- application/json
produces:
- application/json
parameters:
- name: fingerPrint
description: Certificate fingerPrint (ID)
in: path
required: true
type: string
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
tags:
- Finger
responses:
'200':
description: Success
schema:
$ref: '#/definitions/CompanyCertDetail'
examples:
application/json:
- companyCertAttributes:
name: jira
type:
type: USER
status:
type: KNOWN
companyCertInfo:
fingerPrint: 450369...
issuerFingerPrint: c35680...
lastSeen: 1529994790226
updatedAt: 1529598066602
updatedBy: 9208409884327
commonName: jiraWebHookIntegration
expiryDate: 1768510565000
certInfo:
- name: General
attributes:
- name: Issuer
value: >-
C=US O=Symphony Communications LLC
CN=bot_user_provisioning
- name: Subject
value: >-
C=US OU=NOT FOR PRODUCTION USE O=Symphony
Communications LLC CN=jiraWebHookIntegration
- name: Signature Algorithm
value: SHA256withRSA
- name: Validity
attributes:
- name: Not Before
value: Mon Jan 15 20:56:05 UTC 2018
- name: Not After
value: Thu Jan 15 20:56:05 UTC 2026
- name: Public Key
attributes:
- name: Algorithm
value: RSA
- name: Format
value: X.509
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/companycert/{fingerPrint}/update:
post:
summary: Update a Company Certificate
consumes:
- application/json
produces:
- application/json
parameters:
- name: fingerPrint
description: Certificate fingerPrint (ID)
in: path
required: true
type: string
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
- name: certAttributes
in: body
required: true
schema:
$ref: '#/definitions/CompanyCertAttributes'
tags:
- Finger
responses:
'200':
description: Success
schema:
$ref: '#/definitions/SuccessResponse'
examples:
application/json:
format: TEXT
message: OK
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/companycert/{fingerPrint}/issuedBy:
get:
summary: |
Return a list of all certificates which were verified to the cert whose
fingerprint is passed.
consumes:
- application/json
produces:
- application/json
parameters:
- name: fingerPrint
description: Certificate fingerPrint (ID)
in: path
required: true
type: string
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
tags:
- Finger
- Issued
responses:
'200':
description: Success
schema:
$ref: '#/definitions/CompanyCertInfoList'
examples:
application/json:
- companyCertAttributes:
name: agentservice
type:
type: USER
status:
type: TRUSTED
companyCertInfo:
fingerPrint: 300a...
lastSeen: 0
updatedAt: 0
updatedBy: 0
commonName: agentservice
expiryDate: 1781886755000
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/companycert/podmanaged/list:
get:
summary: List All Trusted Certs
consumes:
- application/json
produces:
- application/json
parameters:
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
- name: skip
description: Pagination start
in: query
required: false
type: integer
- name: limit
description: Row limit
in: query
required: false
type: integer
tags:
- Pod Managed
responses:
'200':
description: Success
schema:
$ref: '#/definitions/CompanyCertInfoList'
examples:
application/json:
- companyCertAttributes:
name: agentservice
type:
type: USER
status:
type: TRUSTED
companyCertInfo:
fingerPrint: 300a...
lastSeen: 0
updatedAt: 0
updatedBy: 0
commonName: agentservice
expiryDate: 1781886755000
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/companycert/type/list:
post:
summary: List All Certs of the Given Types
consumes:
- application/json
produces:
- application/json
parameters:
- name: typeIdList
description: Certificate type list
in: body
required: true
schema:
$ref: '#/definitions/CompanyCertTypeList'
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
- name: skip
description: Pagination start
in: query
required: false
type: integer
- name: limit
description: Row limit
in: query
required: false
type: integer
tags:
- Types
responses:
'200':
description: Success
schema:
$ref: '#/definitions/CompanyCertInfoList'
examples:
application/json:
- companyCertAttributes:
name: agentservice
type:
type: USER
status:
type: TRUSTED
companyCertInfo:
fingerPrint: 300a...
lastSeen: 0
updatedAt: 0
updatedBy: 0
commonName: agentservice
expiryDate: 1781886755000
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/podcert:
get:
summary: >
Retrieve the pod certificate that can be use to validate signed JWT
tokens generated from the pod
produces:
- application/json
tags: []
responses:
'200':
description: OK
schema:
$ref: '#/definitions/PodCertificate'
examples:
application/json:
certificate: PEM_CERTIFICATE
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/connection/list:
get:
summary: List of Requesting User's Connection
description: >
This retrieves all connections of the requesting user. (i.e. both
connections in which the requesting user is the sender and those
in which the requesting user is the inivtee) By default, if you haven't
specified the connection status to filter on, this call will only
return results for both "pending_incoming" and "pending_outgoing". You
can optionally filter by userIds to further restrict the results of
a specific connection status. If the users are in the same private pod,
the users have an implicit connection status of "accepted". Those
users will not be returned in the response if you don't specify the
connection status as "accepted" (default is "pending")
and the explicit userIds in the request.
produces:
- application/json
parameters:
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
- name: status
description: >
Filter the connection list based on the connection status.
The connection status can only be pending_incoming,
pending_outgoing, accepted, rejected, or all (all of the above)
in: query
type: string
enum:
- PENDING_INCOMING
- PENDING_OUTGOING
- ACCEPTED
- REJECTED
- ALL
- name: userIds
description: >
The userIds parameter should be specified as a comma delimited list
of user ids and can be used to restrict the results of a specific
connection.
Note that this is particularly important if the caller intends to
retrieve results for implicit connection (user within the same pod).
Implicit connections will not be included in the response if userId
is not provided.
in: query
type: string
tags: []
responses:
'200':
description: OK
schema:
$ref: '#/definitions/UserConnectionList'
examples:
application/json:
- userId: 769658112378
status: ACCEPTED
updatedAt: 1471018076255
- userId: 7078106103809
status: PENDING_INCOMING
updatedAt: 1467562406219
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'404':
description: 'Not Found: Connection cannot be found.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
// Not Found. Connection cannot be found. See response body for
fruther details.
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/connection/create:
post:
summary: Sends an Invitation to Connect With Another User
consumes:
- application/json
produces:
- application/json
parameters:
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
- name: connectionRequest
in: body
required: true
schema:
$ref: '#/definitions/UserConnectionRequest'
tags: []
responses:
'200':
description: OK
schema:
$ref: '#/definitions/UserConnection'
examples:
application/json:
userId: 7078106126503
status: PENDING_OUTGOING
firstRequestedAt: 1470018076306
updatedAt: 1471018076255
requestCounter: 1
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'404':
description: 'Not Found: User cannot be found.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
// Not Found. User cannot be found. See response body for
fruther details.
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/connection/accept:
post:
summary: Accept the Connection Request for the Requesting User
consumes:
- application/json
produces:
- application/json
parameters:
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
- name: connectionRequest
in: body
required: true
schema:
$ref: '#/definitions/UserConnectionRequest'
tags:
- Accept
responses:
'200':
description: Success
schema:
$ref: '#/definitions/UserConnection'
examples:
application/json:
userId: 7078106126503
status: ACCEPTED
firstRequestedAt: 1470018076306
updatedAt: 1471018076255
requestCounter: 1
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks necessary entitlement.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
The user lacks the required entitlement to perform this
operation
'404':
description: 'Not Found: Connection cannot be found.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 403
message: >-
// Not Found. Connection cannot be found. See response body for
fruther details.
'500':
description: Server error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 500
message: // Server error, see response body for further details.
/v1/connection/reject:
post:
summary: Reject the Connection Request for the Requesting User
description: >
Reject the connection between the requesting user and request sender. If
both users are in the same private pod,
an error will be returned because both users have an implicit connection
which cannot be rejected.
consumes:
- application/json
produces:
- application/json
parameters:
- name: sessionToken
description: Session authentication token.
in: header
required: true
type: string
- name: connectionRequest
in: body
required: true
schema:
$ref: '#/definitions/UserConnectionRequest'
tags:
- Reject
responses:
'200':
description: Success
schema:
$ref: '#/definitions/UserConnection'
examples:
application/json:
userId: 7078106126503
status: REJECTED
firstRequestedAt: 1470018076306
updatedAt: 1471018076255
requestCounter: 1
'400':
description: Client error, see response body for further details.
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 400
message: // Client error, see response body for further details.
'401':
description: 'Unauthorized: Invalid session token.'
schema:
$ref: '#/definitions/Error'
examples:
application/json:
code: 401
message: Invalid session
'403':
description: 'Forbidden: Caller lacks nece
# --- truncated at 32 KB (362 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/symphony/refs/heads/main/openapi/symphony-pod-api-openapi.yml