Aembit Cloud API - Data Schemas
Version: v1
AccessConditionDTO
DTO of an individual Access Condition for enforcement during Access Policy evaluation
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- integrationID (optional): string (uuid) - ID of the Integration Entity used by this Access Condition
- integration (optional): any
- conditions (required): object - Rules which are enforced by the Access Condition
- accessPolicyCount (optional): integer (int32) - Access Policies associated with this Access Condition
- integrationType (optional): string | null
AccessConditionListDTO
Page of Access Conditions
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32)
- recordsTotal (optional): integer (int32)
- accessConditions (optional): Array
AccessConditionPatchDTO
Patch Request DTO for individual Access Condition
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
AgentControllerDTO
DTO of an individual Agent Controller for Agent Proxy management
Type: object
Properties:
- id (optional): integer (int) - ID of the Agent Controller
- externalId (optional): string (uuid) - ID of the Agent Controller
- createdAt (optional): string (date) - Agent Controller creation Timestamp
- version (optional): string | null - Last reported software version of the Agent Controller
- isActive (optional): boolean (boolean) - Active status of the Agent Controller
- name (required): string - Name of the Agent Controller
- description (optional): string | null - Description of the Agent Controller
- tags (optional): Array - Tags assigned to the Agent Controller
- tlsCertificates (optional): Array - TLS Certificates associated with the Agent Controller
- trustProviderId (optional): string (uuid) | null - Trust Provider ID of the Agent Controller used for attested authentication
- trustProvider (optional): any
- modifiedAt (optional): string (date) - Agent Controller modification Timestamp
- isHealthy (optional): boolean (boolean) - Recently reported Agent Controller Health Status
- lastReportedUptime (optional): integer (int64) - Last Reported Agent Controller Uptime (in seconds)
- lastReportedHealthTime (optional): string (date) | null - Last Reported Agent Controller Health Time
- allowedTlsHostname (optional): string | null - Allowed TLS Hostname for Aembit Managed TLS
AgentControllerDeviceCodeDTO
DTO of an individual Agent Controller Device Code
Type: object
Properties:
- device_code (optional): string | null - One time use OAuth 2 Device Code for use during AgentController deployment and registration
AgentControllerListDTO
Page of Agent Controllers for Agent Proxy management
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP StatusCode for the current result
- recordsTotal (optional): integer (int32) - Total number of AgentControllers available
- agentControllers (optional): Array - Page of AgentControllers for this request
AgentControllerPatchDTO
Patch Request DTO for individual Agent Controller
Type: object
Properties:
- version (optional): string | null
- isActive (optional): boolean (boolean) | null - New Status for the identified Agent Controller
- trustProviderId (optional): string (uuid) | null - New Trust Provider to use for the identified Agent Controller
AgentControllerTagDTO
Agent Controller Tag key and value
Type: object
Properties:
- key (required): string - Key for the Agent Controller Tag
- value (required): string - Value for the Agent Controller Tag
AgentControllerTlsCertificateDTO
Agent Controller TLS Certificate information
Type: object
Properties:
- subject (required): string - Subject of the Certificate
- serialNumber (required): string - Serial Number of the Certificate
- thumbprint (required): string - Thumbprint of the Certificate
- notBefore (required): string (date-time) - Creation Timestamp of the Certificate
- notAfter (required): string (date-time) - Expiration Timestamp of the Certificate
- hostName (required): string - Last reported Hostname for the Agent Controller
- createdAt (required): string (date-time) - Creation Timestamp for this Agent Controller TLS Certificate
- isManagedByAembit (optional): boolean (boolean) - True if the Agent Controller TLS Certificate is managed by Aembit
AuditActorDTO
DTO for the Actor details of an Aembit Audit Log
Type: object
Properties:
- type (optional): string | null - The type of Audit Log actor (e.g. User, System, or Role)
- displayName (optional): string | null - Fully qualified Audit Log Actor name
- userName (optional): string | null
- email (optional): string | null
- credentialProviderId (optional): string | null - Credential Provider ID that was used to generate the Role-based Access Token for this Audit Log action
- accessPolicyId (optional): string | null - Access Policy ID that was used to generate the Role-based Access Token for this Audit Log action
AuditClientDTO
DTO for the Client details of an Aembit Audit Log
Type: object
Properties:
- ipAddress (optional): string | null - IP Address of the remote client
- userAgent (optional): any
AuditLogDTO
DTO for an individual Aembit Audit Log
Type: object
Properties:
- externalId (optional): string (uuid) - ID of an Aembit Audit Log
- resourceSetId (optional): string (uuid) - Resource Set ID of an Aembit Audit Log
- category (optional): string | null - Category of an Aembit Audit Log (e.g. Users, AccessPolicies, Workloads, etc.)
- actor (optional): any
- activity (optional): string | null - Activity of an Aembit Audit Log
- target (optional): string | null - Target of an Aembit Audit Log
- client (optional): any
- outcome (optional): any
- trustProvider (optional): any
- severity (optional): string | null - Severity of an Aembit Audit Log
- createdAt (optional): string (date-time) - Timestamp of when this Aembit Audit Log was created
AuditLogListDTO
Page of Aembit Audit Logs
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP Status Code of the response
- recordsTotal (optional): integer (int32) - Total number of Aembit Audit Logs
- auditLogs (optional): Array - Page of Aembit Audit Logs
AuditOutcomeDTO
DTO for the Outcome of an individual Aembit Audit Log
Type: object
Properties:
- reason (optional): string | null - Reason for the outcome of this Aembit Audit Log
- result (optional): string | null - Outcome of the action associated with this Aembit Audit Log
AuthorizationEventAtttestationResultDTO
Individual Access Entity Attestation Result of an Aembit Access Authorization Event
Type: object
Properties:
- id (optional): string (uuid) - Access Entity ID
- name (optional): string | null - Access Entity Name
- result (optional): string | null - Access Entity processing Result for this Access Authorization Event
- matches (optional): Array - List of matched Access Entity Identifiers
- reason (optional): string | null
- attribute (optional): string | null
- expectedValue (optional): string | null
- actualValue (optional): string | null
AuthorizationEventCPResultDTO
Individual Credential Provider Result of an Aembit Access Authorization Event
Type: object
Properties:
- id (optional): string (uuid) - Access Entity ID
- name (optional): string | null - Access Entity Name
- result (optional): string | null - Access Entity processing Result for this Access Authorization Event
- matches (optional): Array - List of matched Access Entity Identifiers
- type (optional): string | null - Credential Provider Type
- reason (optional): string | null - Credential Provider Failure Reason
AuthorizationEventDTO
An individual Aembit Access Authorization Event
Type: object
Properties:
- meta (optional): any
- outcome (optional): any
- clientRequest (optional): any
- environment (optional): any
- clientWorkload (optional): any
- serverWorkload (optional): any
- accessPolicy (optional): any
- trustProviders (optional): Array - Trust Provider information for an individual Aembit Access Authorization Event
- accessConditions (optional): Array - Access Condition information for an individual Aembit Access Authorization Event
- credentialProvider (optional): any
AuthorizationEventDataMetaDTO
Metadata DTO for an individual Aembit Access Authorization Event
Type: object
Properties:
- clientIP (optional): string | null - Remote Client IP Address of the Access Authorization Request
- timestamp (optional): string (date-time) - Timestamp of the Access Authorization Request
- eventType (optional): string | null - Event Type of the Access Authorization Request
- eventId (optional): string (uuid) - Unique ID of the Access Authorization Event
- resourceSetId (optional): string (uuid) - Resource Set ID of the Access Authorization Event
- contextId (optional): string (uuid) - Context ID of the Access Authorization Events for a single Access Authorization Request
- directiveId (optional): string (uuid) - Directive ID of the Access Authorization Event (if available)
- severity (optional): string | null - Severity of the Access Authorization Event (e.g. Info, Warning, Error)
AuthorizationEventEntityResultDTO
Access Entity Result of an Aembit Access Authorization Event
Type: object
Properties:
- id (optional): string (uuid) - Access Entity ID
- name (optional): string | null - Access Entity Name
- result (optional): string | null - Access Entity processing Result for this Access Authorization Event
- matches (optional): Array - List of matched Access Entity Identifiers
AuthorizationEventEnvironmentDataDTO
Type: object
Properties:
- network (optional): any
- host (optional): any
- process (optional): any
- aembit (optional): any
- aws (optional): any
- gcp (optional): any
- azure (optional): any
- kubernetes (optional): any
- gitlab (optional): any
- github (optional): any
- terraform (optional): any
AuthorizationEventListDTO
Page of Aembit Access Authorization Events
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP Status Code of the response
- recordsTotal (optional): integer (int32) - Total number of Aembit Audit Logs
- authorizationEvents (optional): Array - Page of Aembit Access Authorization Events
AuthorizationEventOutcomeDTO
Outcome of an individual Aembit Access Authorization Event
Type: object
Properties:
- result (optional): string | null - Result of an individual Aembit Access Authorization Event
- reason (optional): string | null - Reason for the Result of an individual Aembit Access Authorization Event
AwsIamRoleCpiDTO
DTO for AWS IAM Role Credential Provider Integration
CPAwsStsV2DTO
CPGitLabManagedAccountDTO
CPTypeAembitAccessTokenV2DTO
CPTypeApiKeyUIV2DTO
CPTypeAzureEntraFederationV2DTO
CPTypeGoogleWorkflowIDFederationV2DTO
CPTypeJWTTokenV2DTO
CPTypeOAuth2AuthorizationCodeUIV2DTO
CPTypeOAuth2ClientCredentialsUIV2DTO
CPTypeOAuth2CustomParameters
Type: object
Properties:
- key (optional): string | null
- value (optional): string | null
- valueType (optional): string | null
CPTypeUsernamePasswordUIV2DTO
CPTypeVaultClientTokenV2DTO
ClientIdentifierExternalDTO
Type: object
Properties:
- name (optional): string | null
- displayName (optional): string | null
- environmentPath (optional): string | null
- isSupported (optional): boolean
ClientRequestDTO
Type: object
Properties:
- version (required): string
- network (required): any
ClientWorkloadExternalDTO
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- identities (optional): Array
- standaloneCertificateAuthority (optional): string (uuid) | null - Standalone Certificate Authority associated with this Client Workload
- type (optional): string | null
- accessPolicyCount (optional): integer (int32) - Access Policies associated with this Client Workload
ClientWorkloadIdentityDTO
Type: object
Properties:
- type (optional): string | null
- value (required): string
ClientWorkloadListDTO
Page of Client Workloads
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32)
- recordsTotal (optional): integer (int32)
- clientWorkloads (optional): Array
ClientWorkloadPatchDTO
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
- identities (optional): Array
CreatePolicyDTO
Create/Update Access Policy
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- credentialProviders (optional): Array - Credential Providers associated with this Access Policy
- trustProviders (optional): Array<string (uuid)> - Trust Providers associated with this Access Policy
- accessConditions (optional): Array<string (uuid)> - Access Conditions associated with this Access Policy
- clientWorkload (required): string (uuid) - Client Workload associated with this Access Policy
- serverWorkload (required): string (uuid) - Server Workload associated with this Access Policy
CredentialProviderDTO
Individual Credential Provider
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- type (required): string - Credential Provider Type (e.g. oauth-client-credential, username-password, etc.)
- roleId (optional): string (uuid) | null - Credential Provider Role for use with Aembit Access Token type Credential Providers
- lifetimeTimeSpanSeconds (optional): integer (int32) - The Lifetime of a Credential Provider’s credential value
- lifetimeExpiration (optional): string (date-time) | null - The expiration timestamp for a Credential Provider’s credential value
- providerDetailJSON (optional): string | null - JSON representation of the Credential Provider configuration details
- accessPolicyCount (optional): integer (int32) - Access Policies associated with this Credential Provider
CredentialProviderIntegrationDTO
Individual Credential Provider Integration
Type: object
Properties:
- type (required): any
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- tokenExpiration (optional): string (date-time) | null
- lastOperationTimestamp (optional): string (date-time) | null
- status (optional): string | null
- errorMessage (optional): string | null
CredentialProviderIntegrationPatchDTO
Patch Request for an individual Credential Provider Integration
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
CredentialProviderIntegrationType
Type: string
Possible values: GitLab, AwsIamRole
CredentialProviderPatchDTO
Patch request for an individual Credential Provider
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
- providerDetailJSON (optional): string | null - JSON representation of the Credential Provider configuration details
- type (optional): string | null - Credential Provider Type (e.g. oauth-client-credential, username-password, etc.)
CredentialProviderUIDTO
Individual Credential Provider
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- type (required): string - Credential Provider Type (e.g. oauth-client-credential, username-password, etc.)
- roleId (optional): string (uuid) | null - Credential Provider Role for use with Aembit Access Token type Credential Providers
- lifetimeTimeSpanSeconds (optional): integer (int32) - The Lifetime of a Credential Provider’s credential value
- lifetimeExpiration (optional): string (date-time) | null - The expiration timestamp for a Credential Provider’s credential value
- providerDetailJSON (optional): string | null - JSON representation of the Credential Provider configuration details
- accessPolicyCount (optional): integer (int32) - Access Policies associated with this Credential Provider
CredentialProviderUIDTOCredentialProviderListDTO
Page of Credential Providers
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP Status Code of the response
- recordsTotal (optional): integer (int32) - Total number of Credential Providers
- credentialProviders (optional): Array - Page of Credential Providers
CredentialProviderV2DTO
Type: object
Properties:
- type (required): string
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- lifetimeTimeSpanSeconds (optional): integer (int32)
- lifetimeExpiration (optional): string (date-time) | null
- accessPolicyCount (optional): integer (int32) - Access Policies associated with this Credential Provider
CredentialProviderV2DTOCredentialProviderListDTO
Page of Credential Providers
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP Status Code of the response
- recordsTotal (optional): integer (int32) - Total number of Credential Providers
- credentialProviders (optional): Array - Page of Credential Providers
DiscoveryIntegrationDTO
Integration details for 3rd party data used by Discovery
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- type (required): string
- syncFrequencySeconds (required): integer (int32)
- lastSync (optional): string (date-time) | null
- lastSyncStatus (optional): string | null
- endpoint (required): string
- discoveryIntegrationJSON (required): string
DiscoveryIntegrationListDTO
Page of Integrations
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP Status Code of the response
- recordsTotal (optional): integer (int32) - Total number of Integrations
- integrations (optional): Array - Page of Integrations
DiscoveryIntegrationPatchDTO
Patch request for an individual Integration
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
EntityMetaDTO
Type: object
Properties:
- externalId (optional): string (uuid)
- name (optional): string | null
- isActive (optional): boolean
- tags (optional): Array
EntityPatchDTO
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
EventDTO
Type: object
Properties:
- meta (optional): any
- network (optional): any
- outcome (optional): any
EventListDTO
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32)
- recordsTotal (optional): integer (int32)
- workloadEvents (optional): Array
EventMetaDTO
Type: object
Properties:
- timestamp (optional): string (date-time)
- eventType (optional): string | null
- eventId (optional): string | null
- resourceSetId (optional): string (uuid)
- policyId (optional): string | null
- action (optional): string | null
- connectionId (optional): string | null
- severity (optional): string | null
EventNetworkDTO
Type: object
Properties:
- clientWorkloadIP (optional): string | null
- clientWorkloadPort (optional): integer (int32)
- serverWorkloadIP (optional): string | null
- serverWorkloadPort (optional): integer (int32) | null
- proxyPort (optional): integer (int32) | null
EventOutcomeDTO
Type: object
Properties:
- result (optional): string | null
EventResultDTO
Type: object
Properties:
- reason (optional): string | null
- attribute (optional): string | null
- expectedValue (optional): string | null
- actualValue (optional): string | null
GenericResponseDTO
DTO for a Generic API Response
Type: object
Properties:
- success (optional): boolean - True if the API call was successful, False otherwise
- message (optional): string | null - Message to indicate why the API call failed
- id (optional): integer (int32) - Unique identifier of the API response
GetPolicyDTO
Individual Access Policy
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- clientWorkload (optional): any
- serverWorkload (optional): any
- trustProviders (optional): Array - Trust Providers associated with this Access Policy
- credentialProviders (optional): Array - Credential Providers associated with this Access Policy
- accessConditions (optional): Array - Access Conditions associated with this Access Policy
GetPolicyDTOListDTO
Type: object
Properties:
- page (optional): integer (int32) - Current page number of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP StatusCode for the current result
- recordsTotal (optional): integer (int32) - Total number of entities available
- entities (optional): Array - Page of entities for this request
GetSignInPolicyDTO
Type: object
Properties:
- ssoRequired (optional): boolean
- mfaRequired (optional): boolean
GitLabCredentialProviderIntegrationDTO
Individual Credential Provider Integration
GuidStringKeyValuePairDto
Type: object
Properties:
- key (optional): string (uuid)
- value (optional): string | null
HealthDTO
Aembit Health Status
Type: object
Properties:
- status (optional): string | null - Aembit Health Status
- version (optional): string | null - Aembit Cloud Version
- gitSHA (optional): string | null - Aembit Cloud Version Git SHA
- host (optional): string | null - Aembit Cloud Requested Hostname
- user (optional): string | null - Aembit Cloud Authenticated User Email
- userFullName (optional): string | null - Aembit Cloud Authenticated User Full Name
- tenant (optional): string | null - Aembit Cloud Tenant ID
- sessionExpiresAt (optional): string | null - Aembit Cloud Session Expiration
IntegrationDTO
Integration details for 3rd party data used by Access Conditions
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- type (required): string
- syncFrequencySeconds (required): integer (int32)
- lastSync (optional): string (date-time) | null
- lastSyncStatus (optional): string | null
- endpoint (required): string
- integrationJSON (required): object
- accessConditionsCount (optional): integer (int32)
IntegrationListDTO
Page of Integrations
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP Status Code of the response
- recordsTotal (optional): integer (int32) - Total number of Integrations
- integrations (optional): Array - Page of Integrations
IntegrationPatchDTO
Patch request for an individual Integration
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
JWTClaimDTO
Type: object
Properties:
- key (optional): string | null
- value (optional): string | null
- valueType (optional): string | null
JsonNode
Type: object
Properties:
- options (optional): any
- parent (optional): any
- root (optional): any
JsonNodeOptions
Type: object
Properties:
- propertyNameCaseInsensitive (optional): boolean
ListCredentialProviderIntegrationDTO
Page of Credential Provider Integrations
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- url (optional): string | null
- type (optional): any
- status (optional): string | null
- lastOperationTimestamp (optional): string (date-time) | null
ListCredentialProviderIntegrationDTOListDTO
Type: object
Properties:
- page (optional): integer (int32) - Current page number of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP StatusCode for the current result
- recordsTotal (optional): integer (int32) - Total number of entities available
- entities (optional): Array - Page of entities for this request
LogStreamDTO
Individual Log Stream
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- id (optional): integer (int32)
- dataType (required): string - Log Stream Data Type (e.g. AuditLogs, etc.)
- type (required): any
- inProgTransactionCount (optional): integer (int32) - Log Stream In Progress Transaction Count
- completedTransactionCount (optional): integer (int32) - Log Stream Completed Transaction Count
- erroredTransactionCount (optional): integer (int32) - Log Stream Errored Transaction Count
LogStreamDestinationType
Type: string
Possible values: AwsS3Bucket, GcsBucket, SplunkHttpEventCollector, CrowdstrikeHttpEventCollector
LogStreamListDTO
Page of Log Streams
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP Status Code of the response
- recordsTotal (optional): integer (int32) - Total number of Log Streams
- logStreams (optional): Array - Page of Log Streams
LogStreamPatchDTO
Patch Request for an individual Log Stream
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
MFASignInPolicyDTO
Type: object
Properties:
- mfaRequired (optional): boolean
NetworkDTO
Type: object
Properties:
- sourceIP (required): string
- sourcePort (required): integer (int32)
- transportProtocol (required): string
- proxyPort (required): integer (int32)
- targetHost (optional): string | null
- targetPort (optional): integer (int32)
PatchPolicyV2DTO
Patch request for an Access Policy
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
- clientWorkload (optional): string (uuid) - Client Workload associated with this Access Policy
- serverWorkload (optional): string (uuid) - Server Workload associated with this Access Policy
- credentialProviders (optional): Array - Credential Providers associated with this Access Policy
- trustProviders (optional): Array<string (uuid)> - Trust Providers associated with this Access Policy
- accessConditions (optional): Array<string (uuid)> - Access Conditions associated with this Access Policy
PermissionDTO
Individual Permission details
Type: object
Properties:
- name (optional): string | null - Name of the Permission Target
- read (optional): boolean - True if this permission allows access to Read the Permission Target, False otherwise
- write (optional): boolean - True if this permission allows access to Write the Permission Target, False otherwise
- isWritable (optional): boolean - True if this permission allows access to Write the Permission Target, False otherwise
- isReadable (optional): boolean - True if this permission allows access to Read the Permission Target, False otherwise
- accessLevel (optional): string | null - Description of the Permission level
PolicyCredentialMappingDTO
Access Policy Credential Mappings
Type: object
Properties:
- credentialProviderId (required): string (uuid) - CredentialProviderId
- mappingType (required): any
- accountName (optional): string | null - Snowflake Username
- headerName (optional): string | null - Header Name
- headerValue (optional): string | null - Header Value
- httpbodyFieldPath (optional): string | null - HttpBody Field Path
- httpbodyFieldValue (optional): string | null - HttpBody Field Value
PolicyCredentialProviderMappingTypes
Type: string
Possible values: None, AccountName, HttpHeader, HttpBody
PolicyDTO
Individual Access Policy
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- credentialProvider (optional): string (uuid) | null - Credential Provider associated with this Access Policy
- trustProviders (optional): Array<string (uuid)> - Trust Providers associated with this Access Policy
- accessConditions (optional): Array<string (uuid)> - Access Conditions associated with this Access Policy
- clientWorkload (required): string (uuid) - Client Workload associated with this Access Policy
- serverWorkload (required): string (uuid) - Server Workload associated with this Access Policy
- clientWorkloadDetails (optional): any
- serverWorkloadDetails (optional): any
- policyNotes (optional): Array - Policy Notes for this Access Policy
PolicyExternalDTO
Individual Access Policy
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- clientWorkload (optional): any
- trustProviders (optional): Array - Details of the Trust Providers associated with this Access Policy
- accessConditions (optional): Array - Details of the Access Conditions associated with this Access Policy
- credentialProvider (optional): any
- serverWorkload (optional): any
- policyNotes (optional): Array - Policy Notes for this Access Policy
PolicyListDTO
Page of Access Policies
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP Status Code of the response
- recordsTotal (optional): integer (int32) - Total number of Access Policies
- accessPolicies (optional): Array - Page of Access Policies
PolicyNoteDTO
Individual Note created for an Access Policy
Type: object
Properties:
- note (required): string - Note added to an Access Policy by a User
- createdAt (optional): string (date-time) - Timestamp the Note was created
- createdBy (optional): string | null - Email address of the User who created the Access Policy Note
PolicyNoteDTOListDTO
Type: object
Properties:
- page (optional): integer (int32) - Current page number of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP StatusCode for the current result
- recordsTotal (optional): integer (int32) - Total number of entities available
- entities (optional): Array - Page of entities for this request
PolicyPatchDTO
Patch request for an Access Policy
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
- clientWorkload (optional): string (uuid) - Client Workload associated with this Access Policy
- serverWorkload (optional): string (uuid) - Server Workload associated with this Access Policy
- credentialProvider (optional): string (uuid) | null - Credential Provider associated with this Access Policy
- trustProviders (optional): Array<string (uuid)> - Trust Providers associated with this Access Policy
- accessConditions (optional): Array<string (uuid)> - Access Conditions associated with this Access Policy
PublicKeyValidationDTO
Response to a request for Public Key Validation
Type: object
Properties:
- isValidContent (optional): boolean - True if the Public Key was valid, False otherwise
- thumbprint (optional): string | null - Thumbprint of the Public Key
- expirationDate (optional): string | null - Expiration of the Public Key Certificate
- certificateSubject (optional): string | null - Subject of the Public Key Certificate
- message (optional): string | null - Message describing why the Public Key was not valid if IsValidContent is False
RequestMetadaAembitDTO
Type: object
Properties:
- clientId (optional): string | null
RequestMetadaAwsDTO
Type: object
Properties:
- accountId (optional): string | null
- instanceId (optional): string | null
- region (optional): string | null
- ecs (optional): any
- lambda (optional): any
RequestMetadaAzureDTO
Type: object
Properties:
- vmId (optional): string | null
- subscriptionId (optional): string | null
RequestMetadaEcsDTO
Type: object
Properties:
- taskFamily (optional): string | null
- serviceName (optional): string | null
RequestMetadaGcpDTO
Type: object
Properties:
- serviceAccount (optional): string | null
RequestMetadaGithubDTO
Type: object
Properties:
- repository (optional): string | null
- subject (optional): string | null
RequestMetadaGitlabDTO
Type: object
Properties:
- namespacePath (optional): string | null
- projectPath (optional): string | null
- refPath (optional): string | null
- subject (optional): string | null
RequestMetadaHostDTO
Type: object
Properties:
- hostname (optional): string | null
RequestMetadaKubernetesDTO
Type: object
Properties:
- namespace (optional): string | null
- podName (optional): string | null
- serviceAccountName (optional): string | null
- serviceAccountUID (optional): string | null
RequestMetadaLambdaDTO
Type: object
Properties:
- arn (optional): string | null
RequestMetadaNetworkDTO
Type: object
Properties:
- sourceIP (optional): string | null
RequestMetadaProcessDTO
Type: object
Properties:
- name (optional): string | null
- userName (optional): string | null
RequestMetadaTerraformDTO
Type: object
Properties:
- workspaceId (optional): string | null
- organizationId (optional): string | null
- projectId (optional): string | null
ResourceSetDTO
Individual Resource Set
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- serverWorkloadCount (optional): integer (int32) | null - Server Workloads associated with this Resource Set
- clientWorkloadCount (optional): integer (int32) | null - Client Workloads associated with this Resource Set
- accessPolicyCount (optional): integer (int32) | null - Access Policies associated with this Resource Set
- trustProviderCount (optional): integer (int32) | null - Trust Providers associated with this Resource Set
- accessConditionCount (optional): integer (int32) | null - Access Conditions associated with this Resource Set
- credentialProviderCount (optional): integer (int32) | null - Credential Providers associated with this Resource Set
- roles (optional): Array<string (uuid)> - Roles associated with this Resource Set
- rolesDetails (optional): Array - Details of the Roles associated with this Resource Set
- users (optional): Array - Users associated with this Resource Set
- standaloneCertificateAuthority (optional): string (uuid) | null - Standalone Certificate Authority associated with this Resource Set
ResourceSetDTOListDTO
Type: object
Properties:
- page (optional): integer (int32) - Current page number of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP StatusCode for the current result
- recordsTotal (optional): integer (int32) - Total number of entities available
- entities (optional): Array - Page of entities for this request
ResourceSetPatchDTO
Patch Request for an Individual Resource Set
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
RoleDTO
Individual Role
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- usersCount (optional): integer (int32) - Number of Users associated with this Role
- credentialProvidersCount (optional): integer (int32) - Number of Credential Providers associated with this Role
- isSystem (optional): boolean - True if this is a system included Role (e.g. SuperAdmin or Auditor)
- permissions (optional): Array - Permissions assigned to this Role
- resourceSets (optional): Array - Resource Sets assigned to this Role
RoleListDTO
Page of Roles
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP Status Code of the response
- recordsTotal (optional): integer (int32) - Total number of Roles
- roles (optional): Array - Page of Roles
RolePatchDTO
Patch request for an individual Role
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
RoutingDTO
Individual Routing
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSetId (required): string (uuid) - ID of the Resource Set related to routing
- proxyUrl (required): string - URL of the proxy. The format is http(s)://server:port
RoutingDTOListDTO
Type: object
Properties:
- page (optional): integer (int32) - Current page number of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP StatusCode for the current result
- recordsTotal (optional): integer (int32) - Total number of entities available
- entities (optional): Array - Page of entities for this request
RoutingPatchDTO
Patch request for an individual Routing
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
SSOIdentityProviderDTO
Individual SSO Identity Provider
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- entityId (optional): string | null - SAML Entity ID of the remote SSO Identity Provider
- metadataUrl (optional): string | null - Metadata URL of the remote SSO Identity Provider
- metadataXml (optional): string | null - Metadata XML content of the remote SSO Identity Provider
- samlStatementRoleMappings (optional): Array - Collection of mappings of SAML attributes to Aembit roles
SSOIdentityProviderDTOListDTO
Type: object
Properties:
- page (optional): integer (int32) - Current page number of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP StatusCode for the current result
- recordsTotal (optional): integer (int32) - Total number of entities available
- entities (optional): Array - Page of entities for this request
SSOIdentityProviderPatchDTO
Patch request for an individual SSO Identity Provider
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
SSOSignInPolicyDTO
Type: object
Properties:
- ssoRequired (optional): boolean
SamlStatementRoleMappingDTO
Represents a mapping of a SAML attribute to an Aembit role
Type: object
Properties:
- attributeName (optional): string | null - SAML Attribute name
- attributeValue (optional): string | null - SAML Attribute value
- roleExternalId (optional): string (uuid) - Aembit Role ID
ServerWorkloadExternalDTO
Individual Server Workload
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- serviceEndpoint (required): any
- type (optional): string | null - Type of Server Workload
- accessPolicyCount (optional): integer (int32) - Access Policies associated with this Server Workload
ServerWorkloadListDTO
Page of Server Workloads
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32)
- recordsTotal (optional): integer (int32)
- serverWorkloads (optional): Array
SettingDTO
Type: object
Properties:
- name (required): string
- value (required): string
StandaloneCertificatePatchDTO
Patch Request for an Individual Standalone Certificate Authority
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
- leafLifetime (optional): integer (int32) | null
StandaloneCertificateRequestDTO
Individual Standalone Certificate Authority
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- leafLifetime (required): integer (int32) - Leaf certificate lifetime value for this Standalone Certificate Authority
StandaloneCertificateResponseDTO
Individual Standalone Certificate Authority
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- leafLifetime (required): integer (int32) - Leaf certificate lifetime value for this Standalone Certificate Authority
- notBefore (optional): string (date-time) - Not before value of the Root CA for this Standalone Certificate Authority
- notAfter (optional): string (date-time) - Not after value of the Root CA for this Standalone Certificate Authority
- clientWorkloadCount (optional): integer (int32) | null - Client Workloads associated with this Standalone Certificate Authority
StandaloneCertificateResponseDTOListDTO
Type: object
Properties:
- page (optional): integer (int32) - Current page number of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP StatusCode for the current result
- recordsTotal (optional): integer (int32) - Total number of entities available
- entities (optional): Array - Page of entities for this request
StringStringKeyValuePair
Type: object
Properties:
- key (optional): string | null
- value (optional): string | null
TagDTO
Aembit Entity Tag Details
Type: object
Properties:
- key (required): string - Tag Key
- value (required): string - Tag Key Value
TrustProviderDTO
Individual Trust Provider
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- id (optional): integer (int32) - Trust Provider Id
- provider (required): string - Trust Provider Type
- matchRules (optional): Array - Trust Provider Match Rules
- certificate (optional): string | null - Trust Provider Certificate or Public Key for cryptographic attestation
- jwks (optional): string | null - Jwks Content for cryptographic attestation
- publicKeyValidation (optional): any
- oidcUrl (optional): string | null - OIDC URL to use for retrieving JWKS Public Keys
- symmetricKey (optional): string | null - Symmetric Key
- pemType (optional): string | null - PEM Input Type
- accessPolicyCount (optional): integer (int32) - Access Policies associated with this Trust Provider
- agentControllersCount (optional): integer (int32) - Agent Controllers associated with this Trust Provider
- agentControllerIds (optional): Array<string (uuid)> - Agent Controller IDs associated with this Trust Provider
TrustProviderItemDTO
Type: object
Properties:
- externalId (optional): string (uuid)
- name (optional): string | null
TrustProviderListDTO
Page of Trust Providers
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32) - HTTP Status Code of the response
- recordsTotal (optional): integer (int32) - Total number of Trust Providers
- trustProviders (optional): Array - Page of Trust Providers
TrustProviderMatchRuleDTO
Individual Match Rule to enforce during Trust Provider attestation
Type: object
Properties:
- attribute (required): string - Match Rule Attribute
- value (required): string - Match Rule Attribute Value
TrustProviderPatchDTO
Patch request for an individual Trust Provider
Type: object
Properties:
- name (optional): string | null - New Name for the identified entity
- description (optional): string | null - New Description for the identified entity
- isActive (optional): boolean (boolean) | null - New Status for the identified entity
- tags (optional): Array - New Tags for the identified entity
- provider (optional): string | null - Trust Provider Type
- matchRules (optional): Array - Trust Provider Match Rules
- oidcUrl (optional): string | null - OIDC URL to use for retrieving JWKS Public Keys
- pemType (optional): string | null - PEM Input Type
- certificate (optional): string | null - Trust Provider Certificate or Public Key for cryptographic attestation
- jwks (optional): string | null - JWKS Content for cryptographic attestation
- symmetricKey (optional): string | null - Symmetric Key
- publicKeyValidation (optional): any
UserAgentDTO
DTO for the HTTP User Agent of an individual Aembit Audit Log
Type: object
Properties:
- browser (optional): string | null - The browser as determined from the HTTP User Agent
- operatingSystem (optional): string | null - The operating system as determined from the HTTP User Agent
- raw (optional): string | null - The raw HTTP User Agent
UserDTO
Type: object
Properties:
- email (required): string (email)
- externalId (optional): string (uuid)
- roles (optional): Array<string (uuid)>
- rolesDetails (optional): Array
- firstName (required): string
- lastName (required): string
- phoneNumber (optional): string | null
- createdAt (optional): string (date-time)
- isActive (optional): boolean
- twoFactorEnabled (optional): boolean
- isLocked (optional): boolean
- tags (optional): Array
- userTokens (optional): Array
UserListDTO
Type: object
Properties:
- page (optional): integer (int32) - Page of entities
- perPage (optional): integer (int32) - Number of entities requested for the current page
- order (optional): string | null - Ordering criteria used for the current page
- statusCode (optional): integer (int32)
- recordsTotal (optional): integer (int32)
- users (optional): Array
UserPatchDTO
Type: object
Properties:
- email (optional): string | null
- firstName (optional): string | null
- lastName (optional): string | null
- phoneNumber (optional): string | null
- isActive (optional): boolean | null
UserTokensDTO
Type: object
Properties:
- id (optional): string (uuid)
- name (optional): string | null
- verified (optional): boolean
- createdAt (optional): string (date-time)
WorkloadExternalDTO
Type: object
Properties:
- externalId (optional): string (uuid)
- name (required): string - Name of the Entity
- description (optional): string | null - Description of the Entity
- isActive (required): boolean (boolean) - True/False value that determines if this entity is Active or Disabled
- tags (optional): Array
- createdAt (optional): string (date-time)
- modifiedAt (optional): string (date-time) | null
- createdBy (optional): string | null
- modifiedBy (optional): string | null
- resourceSet (required): string (uuid) - ID of the Resource Set in which this Access Entity exists
- trustProviders (optional): Array
- credentialProviderId (optional): string (uuid) | null
- credentialProviderText (optional): string | null
- workloadServiceEndpoints (optional): Array<string (uuid)>
- serviceEndpoint (optional): any
- type (optional): string | null
WorkloadServiceAuthenticationDTO
Authentication configuration for a Server Workload
Type: object
Properties:
- method (required): string - Authentication Method
- scheme (required): string - Authentication Scheme
- config (optional): string | null - Authentication Configuration
WorkloadServiceEndpointDTO
Service Endpoint for a Server Workload
Type: object
Properties:
- externalId (optional): string | null - External ID of the Service Endpoint
- id (optional): integer (int32) - ID of the Service Endpoint
- host (required): string - Hostname or IP Address
- appProtocol (required): string - Application Protocol
- transportProtocol (required): string - Transport Protocol (e.g. TCP)
- requestedPort (required): integer (int32) - The target port as specified by the Client Workload
- requestedTls (required): boolean - The TLS encryption configuration of the Client Workload
- port (required): integer (int32) - The target port to which the Agent/Proxy will communicate
- tls (required): boolean - The TLS encryption configuration which will be used by the Agent/Proxy
- workloadServiceAuthentication (optional): any
- tlsVerification (required): string - TLS Verification configuration for the Agent/Proxy to Server Workload connection
- httpHeaders (optional): Array - Static HTTP Headers to include for transmission to the Server Workload