{"openapi": "3.0.0", "info": {"title": "Ldap API", "description": "API for ldap service", "version": "4.0.0"}, "servers": [{"url": "https://127.0.0.1/api/ldap/v4"}], "tags": [{"name": "admin", "description": "Admin calls"}, {"name": "internal", "description": "Internal only calls"}], "paths": {"/connect": {"post": {"tags": ["admin"], "summary": "Check connection to LDAP", "operationId": "connect_post", "requestBody": {"content": {"application/json": {"schema": {"$ref": "#/components/schemas/ConnectionPostParams"}}}}, "responses": {"200": {"description": "Connected successfully", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/ConnectionPostResponse"}}}}, "default": {"description": "Failed to connect to LDAP", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/ErrorSchema"}}}}}}}, "/auth": {"post": {"tags": ["internal"], "summary": "Authentication via LDAP", "operationId": "auth_post", "requestBody": {"content": {"application/json": {"schema": {"$ref": "#/components/schemas/AuthPostParams"}}}}, "responses": {"200": {"description": "Successfully authenticated", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SuccessSchema"}}}}, "default": {"description": "Authentication via LDAP failed", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/ErrorSchema"}}}}}}}, "/setting": {"get": {"tags": ["admin"], "summary": "Get LDAP settings", "operationId": "setting_get", "responses": {"200": {"description": "LDAP settings got successfully. 
Empty object if LDAP is not set up", "content": {"application/json": {"schema": {"oneOf": [{"$ref": "#/components/schemas/SettingGetResponse"}, {"$ref": "#/components/schemas/EmptySchema"}]}}}}, "default": {"description": "Failed to get LDAP settings", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/ErrorSchema"}}}}}}, "post": {"tags": ["admin"], "summary": "Set LDAP settings", "operationId": "setting_post", "requestBody": {"content": {"application/json": {"schema": {"$ref": "#/components/schemas/SettingPostParams"}}}}, "responses": {"200": {"description": "LDAP settings set successfully", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SuccessSchema"}}}}, "default": {"description": "Failed to set LDAP settings", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/ErrorSchema"}}}}}}, "delete": {"tags": ["admin"], "summary": "Delete LDAP settings", "operationId": "setting_delete", "responses": {"200": {"description": "LDAP settings removed successfully", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SuccessSchema"}}}}, "default": {"description": "Failed to remove LDAP settings", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/ErrorSchema"}}}}}}}, "/user/list": {"post": {"tags": ["admin"], "summary": "Get users to be synced from LDAP", "operationId": "user_list_post", "requestBody": {"content": {"application/json": {"schema": {"$ref": "#/components/schemas/SettingPostParams"}}}}, "responses": {"200": {"description": "Successfully got users for syncing", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SyncPostResponse"}}}}, "default": {"description": "Failed to get users for syncing", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/ErrorSchema"}}}}}}}, "/user/sync": {"get": {"tags": ["admin"], "summary": "Get users syncing status", "operationId": "user_sync_get", "responses": {"200": 
{"description": "Successfully got status", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SyncGetResponse"}}}}, "default": {"description": "Failed to get syncing status", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/ErrorSchema"}}}}}}, "post": {"tags": ["admin"], "summary": "Start users syncing from LDAP", "operationId": "user_sync_post", "requestBody": {"content": {"application/json": {"schema": {"$ref": "#/components/schemas/EmptySchema"}}}}, "responses": {"200": {"description": "Syncing started successfully", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SuccessSchema"}}}}, "default": {"description": "Failed to start syncing", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/ErrorSchema"}}}}}}}}, "components": {"schemas": {"SuccessSchema": {"properties": {"status": {"type": "string", "default": "ok", "enum": ["ok"]}}}, "SyncGetResponse": {"properties": {"is_running": {"type": "boolean", "description": "Is syncing task running"}}}, "ErrorSchema": {"properties": {"error": {"properties": {"code": {"type": "integer"}, "msg": {"type": "string"}, "value": {"type": "string"}}, "type": "object"}}, "type": "object"}, "EmptySchema": {"additionalProperties": false, "properties": {}, "type": "object"}, "ConnectionPostParams": {"type": "object", "additionalProperties": false, "required": ["base_dn", "address", "port", "bind_dn", "password"], "properties": {"type": {"type": "string", "enum": ["ldap", "active_directory", "free_ipa", "ald_pro"], "example": "ldap", "default": "ldap", "description": "Type of LDAP server. For AD or FreeIPA, some arguments may be omitted, e.g. 
users DN"}, "base_dn": {"type": "string", "example": "dc=example,dc=com", "description": "Base Distinguished Name - the search will be started from such catalog object"}, "address": {"oneOf": [{"format": "ipv4", "type": "string"}, {"format": "hostname", "type": "string"}], "example": "192.168.0.5"}, "port": {"type": "integer", "example": 389, "default": 389}, "is_ssl": {"type": "boolean", "example": false, "default": false}, "bind_dn": {"type": "string", "example": "cn=admin,dc=example,dc=com", "description": "The bind user DN with database read right"}, "password": {"type": "string", "example": "PaSsWoRd", "description": "The bind user password"}, "users_dn": {"type": "string", "example": "cn=users", "description": "The part for searching users with base DN"}, "groups_dn": {"type": "string", "example": "cn=groups", "description": "The part for searching groups with base DN"}, "groupname_attr": {"type": "string", "example": "memberOf", "description": "The name of group attribute for users searching"}, "email_attr": {"type": "string", "example": "mail", "description": "The name of email attribute for users searching"}, "blocked_attr": {"type": "string", "example": "nsaccountlock", "description": "The name of blocked attribute for users searching"}}}, "AuthPostParams": {"type": "object", "required": ["email", "password"], "properties": {"email": {"description": "User email", "type": "string"}, "password": {"description": "User password", "type": "string"}}}, "ConnectionPostResponse": {"type": "object", "properties": {"groups": {"description": "List of groups found in LDAP", "type": "array", "items": {"type": "string", "example": "cn=admins,cn=groups,dc=example,dc=com"}}}}, "SettingPostParams": {"type": "object", "additionalProperties": false, "required": ["base_dn", "address", "port", "bind_dn", "password", "groups_bind"], "properties": {"type": {"type": "string", "enum": ["ldap", "active_directory", "free_ipa", "ald_pro"], "example": "ldap", "default": "ldap", 
"description": "Type of LDAP server. For AD or FreeIPA, some arguments may be omitted, e.g. users DN"}, "base_dn": {"type": "string", "example": "dc=example,dc=com", "description": "Base Distinguished Name - the search will be started from such catalog object"}, "address": {"oneOf": [{"format": "ipv4", "type": "string"}, {"format": "hostname", "type": "string"}], "example": "192.168.0.5"}, "port": {"type": "integer", "example": 389, "default": 389}, "is_ssl": {"type": "boolean", "example": false, "default": false}, "bind_dn": {"type": "string", "example": "cn=admin,dc=example,dc=com", "description": "The bind user DN with database read right"}, "password": {"type": "string", "example": "PaSsWoRd", "description": "The bind user password"}, "users_dn": {"type": "string", "example": "cn=users", "description": "The part for searching users with base DN"}, "groups_dn": {"type": "string", "example": "cn=groups", "description": "The part for searching groups with base DN"}, "groupname_attr": {"type": "string", "example": "memberOf", "description": "The name of group attribute for users searching"}, "email_attr": {"type": "string", "example": "mail", "description": "The name of email attribute for users searching"}, "blocked_attr": {"type": "string", "example": "nsaccountlock", "description": "The name of blocked attribute for users searching"}, "auto_sync": {"type": "string", "nullable": true, "example": "0 16 * * *", "description": "The automatic syncing period. 
Use cron format or null"}, "groups_bind": {"type": "object", "additionalProperties": true, "properties": {"@admin": {"type": "array", "items": {"type": "string"}}, "@user": {"type": "array", "items": {"type": "string"}}}, "example": {"@admin": ["cn=admins,cn=groups,dc=example,dc=com"], "@user": ["cn=users,cn=groups,dc=example,dc=com"]}}}}, "SettingGetResponse": {"type": "object", "properties": {"type": {"type": "string", "enum": ["ldap", "active_directory", "free_ipa", "ald_pro"], "example": "ldap", "default": "ldap", "description": "Type of LDAP server. For AD or FreeIPA, some arguments may be omitted, e.g. users DN"}, "base_dn": {"type": "string", "example": "dc=example,dc=com", "description": "Base Distinguished Name - the search will be started from such catalog object"}, "address": {"oneOf": [{"format": "ipv4", "type": "string"}, {"format": "hostname", "type": "string"}], "example": "192.168.0.5"}, "port": {"type": "integer", "example": 389, "default": 389}, "is_ssl": {"type": "boolean", "example": false, "default": false}, "bind_dn": {"type": "string", "example": "cn=admin,dc=example,dc=com", "description": "The bind user DN with database read right"}, "password": {"type": "string", "example": "PaSsWoRd", "description": "The bind user password"}, "users_dn": {"type": "string", "example": "cn=users", "description": "The part for searching users with base DN"}, "groups_dn": {"type": "string", "example": "cn=groups", "description": "The part for searching groups with base DN"}, "groupname_attr": {"type": "string", "example": "memberOf", "description": "The name of group attribute for users searching"}, "email_attr": {"type": "string", "example": "mail", "description": "The name of email attribute for users searching"}, "blocked_attr": {"type": "string", "example": "nsaccountlock", "description": "The name of blocked attribute for users searching"}, "groups_bind": {"type": "object", "additionalProperties": true, "properties": {"@admin": {"type": "array", 
"items": {"type": "string"}}, "@user": {"type": "array", "items": {"type": "string"}}}, "example": {"@admin": ["cn=admins,cn=groups,dc=example,dc=com"], "@user": ["cn=users,cn=groups,dc=example,dc=com"]}}, "auto_sync": {"type": "string", "nullable": true, "example": "0 16 * * *", "description": "The automatic syncing period. Use cron format or null"}, "last_sync": {"type": "string", "nullable": true, "format": "datetime", "example": "2021-02-09T18:09:57"}}}, "SyncGetResponseOne": {"type": "object", "properties": {"id": {"type": "integer", "nullable": true, "example": 1, "description": "The user identifier in the platform. Null if new user"}, "email": {"type": "string", "example": "test@example.com", "description": "The user email"}, "role": {"type": "string", "example": "@admin", "description": "The user role in the platform"}, "status": {"type": "string", "enum": ["new", "removed", "blocked", "unblocked"], "example": "new", "description": "What will be done with the user: * `new` - New user adding or user data changing * `removed` - The user was removed in LDAP and will be blocked on the platform * `blocked` - The user was blocked in LDAP and will be blocked on the platform * `unblocked` - The user was unblocked or created in LDAP and will be unblocked on the platform\n"}}}, "SyncPostResponse": {"type": "object", "additionalProperties": false, "properties": {"list": {"type": "array", "items": {"$ref": "#/components/schemas/SyncGetResponseOne"}}}}}}}