Automated commit by github action: 7023530373

sailpoint-oss · Nov 28, 2023 · db1daf6 · db1daf6
1 parent f61aea5
commit db1daf6
Show file tree

Hide file tree

Showing 25 changed files with 498 additions and 95 deletions.
diff --git a/static/api-specs/idn/beta/paths/campaigns.yaml b/static/api-specs/idn/beta/paths/campaigns.yaml
@@ -57,7 +57,7 @@ get:
       example: name
   responses:
     '200':
-      description: A list of campaign objects.
+      description: A list of campaign objects. By default list of SLIM campaigns is returned.
       content:
         application/json:
           schema:

diff --git a/static/api-specs/idn/beta/paths/mfa-kba-authenticate.yaml b/static/api-specs/idn/beta/paths/mfa-kba-authenticate.yaml
@@ -0,0 +1,59 @@
+post:
+  operationId: sendKbaAnswers
+  tags:
+    - MFA Controller
+  summary: Authenticate KBA provided MFA method
+  description: >-
+    This API Authenticate user in KBA MFA method.
+  security:
+    - UserContextAuth: [idn:mfa-kba:authenticate]
+  requestBody:
+    required: true
+    content:
+      application/json:
+        schema:
+              $ref: "../schemas/KbaAnswerRequest.yaml"
+        example:
+              {"answers": [
+                {
+                  "questionId": "089899f13a8f4da7824996191587bab9",
+                  "answer": "Your answer"
+                },
+                {
+                  "questionId": "067899f13a8f4da7824996191587bab9",
+                  "answer": "Your answer1"
+                }
+                          ]
+              }
+
+  responses:
+    "200":
+      description: KBA authenticated status.
+      content:
+        application/json:
+          schema:
+            $ref: "../schemas/KbaAuthResponse.yaml"
+          example:
+            {
+              "kbaAuthResponseItem": [
+                {
+                  "questionId": "089899f13a8f4da7824996191587bab9",
+                  "IsVerified": false
+                },
+                {
+                  "questionId": "089899f13a8f4da7824996191587bda8",
+                  "IsVerified": true
+                }
+              ],
+              "status": "PENDING"
+            }
+    "400":
+      $ref: "../../v3/responses/400.yaml"
+    "401":
+      $ref: "../../v3/responses/401.yaml"
+    "403":
+      $ref: "../../v3/responses/403.yaml"
+    "429":
+      $ref: "../../v3/responses/429.yaml"
+    "500":
+      $ref: "../../v3/responses/500.yaml"
diff --git a/static/api-specs/idn/beta/paths/mfa-poll.yaml b/static/api-specs/idn/beta/paths/mfa-poll.yaml
@@ -0,0 +1,54 @@
+post:
+  operationId: pingVerificationStatus
+  tags:
+    - MFA Controller
+  summary: Polling MFA method by VerificationPollRequest
+  description: >-
+    This API poll the VerificationPollRequest for the specified MFA method.
+    A token with ORG_ADMIN authority is required to call this API.
+  security:
+    - UserContextAuth: [idn:mfa:poll]
+  parameters:
+    - in: path
+      name: method
+      schema:
+        type: string
+        example: okta-verify
+      required: true
+      description: >-
+        The name of the MFA method.
+        The currently supported method names are 'okta-verify', 'duo-web', 'kba','token', 'rsa'
+  requestBody:
+    required: true
+    content:
+      application/json:
+        schema:
+          $ref: "../schemas/VerificationPollRequest.yaml"
+        example:
+          {
+            "requestId": "089899f13a8f4da7824996191587bab9"
+          }
+
+  responses:
+    "200":
+      description: MFA VerificationPollRequest status an MFA method.
+      content:
+        application/json:
+          schema:
+            $ref: "../schemas/VerificationResponse.yaml"
+          example:
+            {
+              "requestId": "089899f13a8f4da7824996191587bab9",
+              "status": "PENDING",
+              "error" : ""
+            }
+    "400":
+      $ref: "../../v3/responses/400.yaml"
+    "401":
+      $ref: "../../v3/responses/401.yaml"
+    "403":
+      $ref: "../../v3/responses/403.yaml"
+    "429":
+      $ref: "../../v3/responses/429.yaml"
+    "500":
+      $ref: "../../v3/responses/500.yaml"
diff --git a/static/api-specs/idn/beta/paths/mfa-token-authenticate.yaml b/static/api-specs/idn/beta/paths/mfa-token-authenticate.yaml
@@ -0,0 +1,43 @@
+post:
+  operationId: sendTokenAuthRequest
+  tags:
+    - MFA Controller
+  summary: Authenticate Token provided MFA method
+  description: >-
+    This API Authenticate user in Token MFA method.
+  security:
+    - UserContextAuth: [idn:mfa:verify]
+  requestBody:
+    required: true
+    content:
+      application/json:
+        schema:
+          $ref: "../schemas/TokenAuthRequest.yaml"
+        example:
+          {
+            "token": "12345",
+            "userAlias": "will.albin",
+            "deliveryType": "EMAIL_WORK"
+          }
+
+  responses:
+    "200":
+      description: Token authenticated status.
+      content:
+        application/json:
+          schema:
+            $ref: "../schemas/TokenAuthResponse.yaml"
+          example:
+            {
+              "status": "PENDING"
+            }
+    "400":
+      $ref: "../../v3/responses/400.yaml"
+    "401":
+      $ref: "../../v3/responses/401.yaml"
+    "403":
+      $ref: "../../v3/responses/403.yaml"
+    "429":
+      $ref: "../../v3/responses/429.yaml"
+    "500":
+      $ref: "../../v3/responses/500.yaml"
diff --git a/static/api-specs/idn/beta/paths/mfa-token-send.yaml b/static/api-specs/idn/beta/paths/mfa-token-send.yaml
@@ -0,0 +1,44 @@
+post:
+  operationId: createSendToken
+  tags:
+    - MFA Controller
+  summary: Create and send user token
+  description:
+    This API send token request.
+  security:
+    - UserContextAuth: [idn:mfa:send]
+  requestBody:
+    required: true
+    content:
+      application/json:
+        schema:
+          $ref: "../schemas/SendTokenRequest.yaml"
+        example:
+          {
+            "userAlias": "will.albin",
+            "deliveryType": "EMAIL_WORK"
+          }
+
+  responses:
+    "200":
+      description: Token send status.
+      content:
+        application/json:
+          schema:
+            $ref: "../schemas/SendTokenResponse.yaml"
+          example:
+            {
+              "requestId": "089899f13a8f4da7824996191587bab9",
+              "status": "SUCCESS",
+              "errorMessage": ""
+            }
+    "400":
+      $ref: "../../v3/responses/400.yaml"
+    "401":
+      $ref: "../../v3/responses/401.yaml"
+    "403":
+      $ref: "../../v3/responses/403.yaml"
+    "429":
+      $ref: "../../v3/responses/429.yaml"
+    "500":
+      $ref: "../../v3/responses/500.yaml"
diff --git a/static/api-specs/idn/beta/schemas/Campaign.yaml b/static/api-specs/idn/beta/schemas/Campaign.yaml
@@ -4,12 +4,6 @@ allOf:
   - $ref: 'SlimCampaign.yaml'
   - type: object
     properties:
-      created:
-        type: string
-        readOnly: true
-        format: date-time
-        description: Created time of the campaign
-        example: '2020-03-03T22:15:13.611Z'
       modified:
         type: string
         readOnly: true
@@ -194,22 +188,6 @@ allOf:
             example: Role Composition Description
         required:
           - remediatorRef
-      alerts:
-        type: array
-        description: A list of errors and warnings that have accumulated.
-        readOnly: true
-        items:
-          $ref: './CampaignAlert.yaml'
-      totalCertifications:
-        type: integer
-        description: The total number of certifications in this campaign.
-        readOnly: true
-        example: 100
-      completedCertifications:
-        type: integer
-        description: The number of completed certifications in this campaign.
-        readOnly: true
-        example: 10
       sourcesWithOrphanEntitlements:
         type: array
         description: >-
@@ -243,4 +221,4 @@ allOf:
           - "ALL_DECISIONS"
           - "REVOKE_ONLY_DECISIONS"
           - "NO_DECISIONS"
-        example: NO_DECISIONS
+        example: NO_DECISIONS
diff --git a/static/api-specs/idn/beta/schemas/KbaAnswerRequest.yaml b/static/api-specs/idn/beta/schemas/KbaAnswerRequest.yaml
@@ -0,0 +1,18 @@
+type: object
+properties:
+  answers:
+    nullable: false
+    type: array
+    items:
+        $ref: "../schemas/KbaAnswerRequestItem.yaml"
+
+    description: Kba answers
+    example:
+      - questionId: 089899f13a8f4da7824996191587bab9
+        answer: Your answer
+      - questionId: 067899f13a8f4da7824996191587bab9
+        answer: Your answer1
+required:
+  - answers
+
+
diff --git a/static/api-specs/idn/beta/schemas/KbaAnswerRequestItem.yaml b/static/api-specs/idn/beta/schemas/KbaAnswerRequestItem.yaml
@@ -0,0 +1,15 @@
+type: object
+properties:
+  questionId:
+    type: string
+    nullable: false
+    description: Question Id
+    example: 089899f13a8f4da7824996191587bab9
+  answer:
+    type: string
+    nullable: false
+    description: An answer for the KBA question
+    example: Your answer
+required:
+  - questionId
+  - answer
diff --git a/static/api-specs/idn/beta/schemas/KbaAuthResponse.yaml b/static/api-specs/idn/beta/schemas/KbaAuthResponse.yaml
@@ -0,0 +1,19 @@
+type: object
+properties:
+  kbaAuthResponseItems:
+    type: array
+    example:
+       -  questionId: 089899f13a8f4da7824996191587bab9
+          isVerified: false
+    items:
+      $ref: '../schemas/KbaAuthResponseItem.yaml'
+  status:
+    type: string
+    enum:
+        - PENDING
+        - SUCCESS
+        - FAILED
+        - LOCKOUT
+        - NOT_ENOUGH_DATA
+    description: MFA Authentication status
+    example: PENDING
diff --git a/static/api-specs/idn/beta/schemas/KbaAuthResponseItem.yaml b/static/api-specs/idn/beta/schemas/KbaAuthResponseItem.yaml
@@ -0,0 +1,13 @@
+type: object
+properties:
+  questionId:
+    type: string
+    nullable: true
+    description: The KBA question id
+    example: 089899f13a8f4da7824996191587bab9
+  isVerified:
+    type: boolean
+    nullable: true
+    default: null
+    description: Return true if verified
+    example: true
diff --git a/static/api-specs/idn/beta/schemas/SendTokenRequest.yaml b/static/api-specs/idn/beta/schemas/SendTokenRequest.yaml
@@ -0,0 +1,24 @@
+type: object
+properties:
+  userAlias:
+    nullable: false
+    type: string
+    description: User alias from table spt_identity field named 'name'
+    example: will.albin
+  deliveryType:
+    nullable: false
+    type: string
+    enum:
+      - SMS_PERSONAL #("sms", "phone")
+      - VOICE_PERSONAL #("voice", "phone")
+      - SMS_WORK #("sms", "work")
+      - VOICE_WORK #("voice","work")
+      - EMAIL_WORK #("email"L, "email")
+      - EMAIL_PERSONAL #("email", "personalEmail")
+    description: Token delivery type
+    example: "EMAIL_WORK"
+required:
+  - userAlias
+  - deliveryType
+
+
diff --git a/static/api-specs/idn/beta/schemas/SendTokenResponse.yaml b/static/api-specs/idn/beta/schemas/SendTokenResponse.yaml
@@ -0,0 +1,19 @@
+type: object
+properties:
+  requestId:
+    type: string
+    nullable: true
+    description: The token request ID
+    example: 089899f13a8f4da7824996191587bab9
+  status:
+    type: string
+    enum:
+      - SUCCESS
+      - FAILED
+    description: Status of sending token
+    example: SUCCESS
+  errorMessage:
+    type: string
+    nullable: true
+    description: Error messages from token send request
+    example: Unable to sent text message