From a3f3c5ccb88ac75e20e6912dfb38c95d344a69d8 Mon Sep 17 00:00:00 2001 From: dk670466 Date: Mon, 30 Mar 2026 15:21:11 -0700 Subject: [PATCH 1/3] updated postman collection as per chages in Certificate & keys --- postman/graphman.postman_collection.json | 164 +++++++++++++++++++++-- 1 file changed, 153 insertions(+), 11 deletions(-) diff --git a/postman/graphman.postman_collection.json b/postman/graphman.postman_collection.json index 2d2c8f7..75ba5c7 100755 --- a/postman/graphman.postman_collection.json +++ b/postman/graphman.postman_collection.json @@ -5560,7 +5560,7 @@ "body": { "mode": "graphql", "graphql": { - "query": "query keys {\n keys {\n goid\n keystoreId\n alias\n checksum\n\n keyType\n subjectDn\n p12\n certChain\n }\n}", + "query": "query keys {\n keys {\n goid\n keystoreId\n alias\n checksum\n\n keyType\n subjectDn\n p12\n certChain\n validationStatus\n validationStatusDescription\n }\n}", "variables": "{}" } }, @@ -5582,7 +5582,7 @@ "body": { "mode": "graphql", "graphql": { - "query": "query keyByAlias($alias: String!) {\n keyByAlias(alias : $alias) {\n goid\n keystoreId\n alias\n checksum\n\n keyType\n subjectDn\n p12\n certChain\n }\n}", + "query": "query keyByAlias($alias: String!) {\n keyByAlias(alias : $alias) {\n goid\n keystoreId\n alias\n checksum\n\n keyType\n subjectDn\n p12\n certChain\n validationStatus\n validationStatusDescription\n }\n}", "variables": "{\n \"alias\": \"some-key\"\n}" } }, @@ -6210,7 +6210,7 @@ "body": { "mode": "graphql", "graphql": { - "query": "query trustedCerts {\n trustedCerts {\n goid \n name \n subjectDn \n thumbprintSha1 \n checksum \n \n verifyHostname \n trustAnchor \n trustedFor \n revocationCheckPolicyType \n revocationCheckPolicy { goid name }\n notBefore \n notAfter \n certBase64\n }\n}", + "query": "query trustedCerts {\n trustedCerts {\n goid \n name \n subjectDn \n thumbprintSha1 \n checksum \n \n verifyHostname \n trustAnchor \n trustedFor \n revocationCheckPolicyType \n revocationCheckPolicy { goid name }\n notBefore \n notAfter \n certBase64\n validationStatus\n validationStatusDescription\n }\n}", "variables": "{}" } }, @@ -6232,7 +6232,7 @@ "body": { "mode": "graphql", "graphql": { - "query": "query trustedCertsByDn ($subjectDn: String!) {\n trustedCertsByDn (subjectDn: $subjectDn) {\n goid \n name \n subjectDn \n thumbprintSha1 \n checksum \n \n verifyHostname \n trustAnchor \n trustedFor \n revocationCheckPolicyType \n revocationCheckPolicy { goid name } \n notBefore \n notAfter \n certBase64\n }\n}", + "query": "query trustedCertsByDn ($subjectDn: String!) {\n trustedCertsByDn (subjectDn: $subjectDn) {\n goid \n name \n subjectDn \n thumbprintSha1 \n checksum \n \n verifyHostname \n trustAnchor \n trustedFor \n revocationCheckPolicyType \n revocationCheckPolicy { goid name } \n notBefore \n notAfter \n certBase64\n validationStatus\n validationStatusDescription\n }\n}", "variables": "{\n \"subjectDn\": \"cn=www.example.org,o=internet corporation for assigned names and numbers,l=los angeles,st=california,c=us\"\n}" } }, @@ -6254,7 +6254,7 @@ "body": { "mode": "graphql", "graphql": { - "query": "query trustedCertByThumbprint ($thumbprintSha1: String!) {\n trustedCertByThumbprint (thumbprintSha1: $thumbprintSha1) {\n goid \n name \n subjectDn \n thumbprintSha1 \n checksum \n \n verifyHostname \n trustAnchor \n trustedFor \n revocationCheckPolicyType \n revocationCheckPolicy { goid name } \n notBefore \n notAfter \n certBase64\n }\n}", + "query": "query trustedCertByThumbprint ($thumbprintSha1: String!) {\n trustedCertByThumbprint (thumbprintSha1: $thumbprintSha1) {\n goid \n name \n subjectDn \n thumbprintSha1 \n checksum \n \n verifyHostname \n trustAnchor \n trustedFor \n revocationCheckPolicyType \n revocationCheckPolicy { goid name } \n notBefore \n notAfter \n certBase64\n validationStatus\n validationStatusDescription\n }\n}", "variables": "{\n \"thumbprintSha1\": \"8qrXPTJoO3FtKn1htRxtV2SrOJk=\"\n}" } }, @@ -6271,12 +6271,154 @@ ] } ] - }, - { - "name": "Web API Services", - "item": [ - { - "name": "Mutations", + }, + { + "name": "Runtime Validation Status", + "item": [ + { + "name": "Queries", + "item": [ + { + "name": "All Runtime Validation Statuses", + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "graphql", + "graphql": { + "query": "query runtimeValidationStatuses {\n runtimeValidationStatuses {\n certificateGoid\n certificateName\n certificateType\n subjectDn\n issuerDn\n serialNumber\n notBefore\n notAfter\n thumbprintSha256\n status\n validationSource\n statusDescription\n }\n}", + "variables": "{}" + } + }, + "url": { + "raw": "{{source_gw}}", + "host": [ + "{{source_gw}}" + ] + }, + "description": "# All Runtime Validation Statuses\n\nReturns runtime validation statuses for all certificates known to the Gateway. Expiry is always computed on-demand. Revocation status for trusted certificates reflects the most recent CRL/OCSP check from the Gateway's existing caches." + }, + "response": [] + }, + { + "name": "Runtime Validation Statuses by Status", + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "graphql", + "graphql": { + "query": "query runtimeValidationStatusesByStatus($status: CertValidationStatus) {\n runtimeValidationStatuses(status: $status) {\n certificateGoid\n certificateName\n certificateType\n status\n statusDescription\n }\n}", + "variables": "{\n \"status\": \"EXPIRED\"\n}" + } + }, + "url": { + "raw": "{{source_gw}}", + "host": [ + "{{source_gw}}" + ] + }, + "description": "# Runtime Validation Statuses by Status\n\nFilter certificates by validation status. Possible values: OK, EXPIRING_SOON, EXPIRED, REVOKED, VALIDATION_ERROR, REVOCATION_NOT_CHECKED." + }, + "response": [] + }, + { + "name": "Runtime Validation Statuses by Certificate Type", + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "graphql", + "graphql": { + "query": "query runtimeValidationStatusesByCertType($type: RvsCertificateType) {\n runtimeValidationStatuses(certificateType: $type) {\n certificateGoid\n certificateName\n certificateType\n status\n }\n}", + "variables": "{\n \"type\": \"TRUSTED_CERT\"\n}" + } + }, + "url": { + "raw": "{{source_gw}}", + "host": [ + "{{source_gw}}" + ] + }, + "description": "# Runtime Validation Statuses by Certificate Type\n\nFilter certificates by type. Possible values: PRIVATE_KEY_CERT, TRUSTED_CERT." + }, + "response": [] + }, + { + "name": "Runtime Validation Status by Certificate GOID", + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "graphql", + "graphql": { + "query": "query runtimeValidationStatusByCertGoid($goid: ID) {\n runtimeValidationStatuses(certificateGoid: $goid) {\n certificateGoid\n certificateName\n certificateType\n status\n validationSource\n statusDescription\n }\n}", + "variables": "{\n \"goid\": \"\"\n}" + } + }, + "url": { + "raw": "{{source_gw}}", + "host": [ + "{{source_gw}}" + ] + }, + "description": "# Runtime Validation Status by Certificate GOID\n\nFilter to a specific certificate by its Gateway object ID." + }, + "response": [] + }, + { + "name": "Runtime Validation Statuses Expiring Within N Days", + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "graphql", + "graphql": { + "query": "query runtimeValidationStatusesExpiringWithinDays($days: Int) {\n runtimeValidationStatuses(expiresWithinDays: $days) {\n certificateGoid\n certificateName\n notAfter\n status\n }\n}", + "variables": "{\n \"days\": 30\n}" + } + }, + "url": { + "raw": "{{source_gw}}", + "host": [ + "{{source_gw}}" + ] + }, + "description": "# Runtime Validation Statuses Expiring Within N Days\n\nReturn only certificates expiring within N days (includes already-expired)." + }, + "response": [] + }, + { + "name": "Runtime Validation Statuses by Status and Certificate Type", + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "graphql", + "graphql": { + "query": "query runtimeValidationStatusesByStatusAndType($status: CertValidationStatus, $type: RvsCertificateType) {\n runtimeValidationStatuses(status: $status, certificateType: $type) {\n certificateGoid\n certificateName\n certificateType\n status\n }\n}", + "variables": "{\n \"status\": \"EXPIRING_SOON\",\n \"type\": \"TRUSTED_CERT\"\n}" + } + }, + "url": { + "raw": "{{source_gw}}", + "host": [ + "{{source_gw}}" + ] + }, + "description": "# Runtime Validation Statuses by Status and Certificate Type\n\nCombined filter: retrieve certificates matching both a specific validation status and certificate type." + }, + "response": [] + } + ] + } + ] + }, + { + "name": "Web API Services", + "item": [ + { + "name": "Mutations", "item": [ { "name": "Set Web API Services", From 8a6c315d3bbcbc5eb070bdf0c87ff73cb1b91153 Mon Sep 17 00:00:00 2001 From: dk670466 Date: Mon, 30 Mar 2026 17:35:21 -0700 Subject: [PATCH 2/3] F162647: add schema/v11.2.2 with certificate validation status support - Create schema/v11.2.2/ as a copy of v11.2.1 baseline - Add validationStatus and validationStatusDescription fields to type Key - Add validationStatus and validationStatusDescription fields to type Certificate - Add runtimeValidationStatuses(status: CertValidationStatus) query - Add CertValidationStatus enum (VALID, EXPIRED, REVOKED, UNKNOWN, UNTRUSTED) - Add RvsCertificateType enum (TRUSTED_CERT, PRIVATE_KEY) - Add RvsValidationSource enum (CACHE, ON_DEMAND) - Add CertificateValidationResult type with full runtime validation fields Made-with: Cursor --- schema/v11.2.2/assertions/AddHeader.json | 75 + .../v11.2.2/assertions/AddWsAddressing.json | 73 + .../assertions/AddWssSecurityToken.json | 168 + .../v11.2.2/assertions/AddWssTimestamp.json | 124 + .../assertions/AddWssUsernameToken.json | 117 + schema/v11.2.2/assertions/All.json | 49 + .../ApiPortalAuthAndMgmtServiceInstaller.json | 33 + .../ApiPortalEncassIntegration.json | 33 + .../assertions/ApiPortalIntegration.json | 47 + schema/v11.2.2/assertions/ApplyJSONPatch.json | 77 + schema/v11.2.2/assertions/Audit.json | 53 + schema/v11.2.2/assertions/AuditDetail.json | 47 + .../v11.2.2/assertions/AuditRecordToXml.json | 45 + schema/v11.2.2/assertions/Authentication.json | 56 + schema/v11.2.2/assertions/BufferData.json | 51 + .../assertions/BuildRstSoapRequest.json | 103 + .../assertions/BuildRstrSoapResponse.json | 144 + schema/v11.2.2/assertions/BulkJdbcInsert.json | 112 + schema/v11.2.2/assertions/CORS.json | 83 + schema/v11.2.2/assertions/CacheLookup.json | 60 + schema/v11.2.2/assertions/CacheStorage.json | 69 + .../assertions/CancelSecurityContext.json | 65 + schema/v11.2.2/assertions/CassandraQuery.json | 78 + .../assertions/CertificateAttributes.json | 53 + schema/v11.2.2/assertions/CircuitBreaker.json | 104 + .../assertions/CodeInjectionProtection.json | 75 + schema/v11.2.2/assertions/Comment.json | 39 + .../assertions/ComparisonAssertion.json | 94 + schema/v11.2.2/assertions/ConcurrentAll.json | 49 + schema/v11.2.2/assertions/ContentType.json | 64 + .../assertions/CookieCredentialSource.json | 41 + .../v11.2.2/assertions/CreateJsonWebKey.json | 64 + .../assertions/CreateRoutingStrategy.json | 69 + .../CreateSecurityContextToken.json | 76 + schema/v11.2.2/assertions/CsrSigner.json | 67 + schema/v11.2.2/assertions/CsrfProtection.json | 70 + .../v11.2.2/assertions/CustomAssertion.json | 40 + ....DecodeIDToken.IDTokenDecodeAssertion.json | 133 + ...ateIDToken.IDTokenGenerationAssertion.json | 111 + .../assertions/CustomizeErrorResponse.json | 75 + .../assertions/DecodeJsonWebToken.json | 82 + .../assertions/DistributedRateLimit.json | 54 + .../assertions/EchoRoutingAssertion.json | 55 + schema/v11.2.2/assertions/Email.json | 118 + .../EmbeddedGemfireSharedStateProvider.json | 33 + .../EmbeddedHazelcastSharedStateProvider.json | 33 + schema/v11.2.2/assertions/Encapsulated.json | 51 + schema/v11.2.2/assertions/EncodeDecode.json | 93 + .../assertions/EncodeJsonWebToken.json | 122 + .../assertions/EncryptedUsernameToken.json | 66 + .../assertions/EntityChangeListener.json | 33 + .../EstablishOutboundSecureConversation.json | 103 + .../EvaluateJsonPathExpressionV2.json | 56 + schema/v11.2.2/assertions/ExactlyOne.json | 49 + .../assertions/ExecuteRoutingStrategy.json | 45 + .../v11.2.2/assertions/ExportVariables.json | 39 + .../ExternalGemfireSharedStateProvider.json | 33 + .../assertions/ExternalHazelcastProvider.json | 33 + schema/v11.2.2/assertions/False.json | 33 + schema/v11.2.2/assertions/FaultLevel.json | 136 + schema/v11.2.2/assertions/ForEachLoop.json | 49 + schema/v11.2.2/assertions/FtpCredential.json | 33 + .../assertions/FtpRoutingAssertion.json | 186 + schema/v11.2.2/assertions/GatewayGraphQL.json | 69 + .../v11.2.2/assertions/GatewayManagement.json | 36 + .../GatewayTelemetryDataProvider.json | 33 + .../GenerateOAuthSignatureBaseString.json | 97 + .../v11.2.2/assertions/GeneratePassword.json | 33 + .../assertions/GenerateSecurityHash.json | 58 + .../GenericIdentityManagementService.json | 33 + .../v11.2.2/assertions/GetApiIncrement.json | 33 + schema/v11.2.2/assertions/GetIncrement.json | 33 + .../assertions/GraphQLExtractValue.json | 55 + .../assertions/GraphQLSchemaValidation.json | 108 + schema/v11.2.2/assertions/HandleErrors.json | 47 + .../v11.2.2/assertions/HardcodedResponse.json | 71 + schema/v11.2.2/assertions/HtmlFormData.json | 97 + schema/v11.2.2/assertions/Http2Routing.json | 145 + schema/v11.2.2/assertions/Http2Transport.json | 33 + schema/v11.2.2/assertions/HttpBasic.json | 36 + schema/v11.2.2/assertions/HttpDigest.json | 44 + schema/v11.2.2/assertions/HttpFormPost.json | 51 + schema/v11.2.2/assertions/HttpNegotiate.json | 36 + schema/v11.2.2/assertions/HttpRouting.json | 335 + .../assertions/IcapAntivirusScanner.json | 131 + .../assertions/IdentityAttributes.json | 178 + schema/v11.2.2/assertions/Include.json | 42 + .../v11.2.2/assertions/IncrementPostBack.json | 33 + .../v11.2.2/assertions/IndexLookupByItem.json | 46 + .../assertions/InverseHttpFormPost.json | 39 + .../v11.2.2/assertions/ItemLookupByIndex.json | 48 + schema/v11.2.2/assertions/JSONSchema.json | 103 + schema/v11.2.2/assertions/JavaScript.json | 46 + schema/v11.2.2/assertions/JdbcQuery.json | 87 + schema/v11.2.2/assertions/JmsRouting.json | 210 + schema/v11.2.2/assertions/Join.json | 43 + .../assertions/JsonDocumentStructure.json | 85 + .../assertions/JsonTransformation.json | 105 + schema/v11.2.2/assertions/JwtDecode.json | 46 + schema/v11.2.2/assertions/JwtEncode.json | 61 + schema/v11.2.2/assertions/KafkaConsumer.json | 33 + schema/v11.2.2/assertions/KafkaRouting.json | 118 + schema/v11.2.2/assertions/KafkaTransact.json | 49 + .../assertions/KerberosAuthentication.json | 76 + schema/v11.2.2/assertions/KeyValueLookup.json | 52 + schema/v11.2.2/assertions/KeyValueRemove.json | 44 + .../assertions/KeyValueStatistics.json | 40 + .../v11.2.2/assertions/KeyValueStorage.json | 59 + schema/v11.2.2/assertions/LDAPQuery.json | 121 + schema/v11.2.2/assertions/LDAPUpdate.json | 33 + schema/v11.2.2/assertions/LdapWrite.json | 75 + schema/v11.2.2/assertions/LookupApiKey.json | 44 + .../LookupDynamicContextVariables.json | 66 + ...okupOutboundSecureConversationSession.json | 52 + .../assertions/LookupTrustedCertificate.json | 70 + .../assertions/MTOMDecodeAssertion.json | 86 + .../assertions/MTOMEncodeAssertion.json | 118 + .../assertions/MTOMValidateAssertion.json | 98 + schema/v11.2.2/assertions/ManageApiKey.json | 48 + schema/v11.2.2/assertions/ManageCookie.json | 99 + .../assertions/ManagePortalResource.json | 33 + .../ManipulateMultiValuedVariable.json | 39 + schema/v11.2.2/assertions/MapValue.json | 57 + schema/v11.2.2/assertions/MemberOfGroup.json | 62 + .../v11.2.2/assertions/MessageBuffering.json | 53 + .../assertions/MessageContextAssertion.json | 59 + .../v11.2.2/assertions/MqNativeRouting.json | 216 + .../v11.2.2/assertions/MqNativeSupport.json | 33 + .../v11.2.2/assertions/MysqlClusterInfo.json | 33 + schema/v11.2.2/assertions/MysqlCounter.json | 33 + .../assertions/NonSoapCheckVerifyResults.json | 98 + .../assertions/NonSoapDecryptElement.json | 82 + .../assertions/NonSoapEncryptElement.json | 103 + .../assertions/NonSoapSignElement.json | 127 + .../assertions/NonSoapVerifyElement.json | 109 + .../assertions/NtlmAuthentication.json | 58 + .../assertions/OAuth2Introspection.json | 65 + .../v11.2.2/assertions/OdataValidation.json | 96 + schema/v11.2.2/assertions/OneOrMore.json | 49 + schema/v11.2.2/assertions/OpenApi.json | 108 + schema/v11.2.2/assertions/Operation.json | 36 + schema/v11.2.2/assertions/OtelMeter.json | 65 + schema/v11.2.2/assertions/OversizedText.json | 101 + .../assertions/PolicyBundleInstaller.json | 33 + .../v11.2.2/assertions/PortalBootstrap.json | 40 + schema/v11.2.2/assertions/PortalUpgrade.json | 33 + .../v11.2.2/assertions/ProcessIncrement.json | 33 + .../ProcessRoutingStrategyResult.json | 41 + .../assertions/ProcessRstrSoapResponse.json | 57 + .../ProcessSamlAttributeQueryRequest.json | 134 + .../assertions/ProcessSamlAuthnRequest.json | 80 + .../assertions/RESTGatewayManagement.json | 49 + schema/v11.2.2/assertions/Radius.json | 33 + .../assertions/RadiusAuthenticate.json | 78 + schema/v11.2.2/assertions/RaiseError.json | 33 + schema/v11.2.2/assertions/RateLimit.json | 72 + schema/v11.2.2/assertions/RateLimitQuery.json | 39 + .../assertions/RedisSharedStateProvider.json | 33 + schema/v11.2.2/assertions/Regex.json | 99 + schema/v11.2.2/assertions/RemoteIpRange.json | 48 + schema/v11.2.2/assertions/RemoveElement.json | 60 + .../v11.2.2/assertions/ReplaceTagContent.json | 58 + .../v11.2.2/assertions/RequestSizeLimit.json | 53 + schema/v11.2.2/assertions/RequestSwA.json | 89 + .../assertions/RequestWssKerberos.json | 51 + schema/v11.2.2/assertions/RequestXpath.json | 65 + .../RequireWssEncryptedElement.json | 106 + schema/v11.2.2/assertions/RequireWssSaml.json | 273 + .../v11.2.2/assertions/RequireWssSaml2.json | 274 + .../assertions/RequireWssSignedElement.json | 132 + .../assertions/RequireWssTimestamp.json | 114 + .../assertions/RequireWssX509Cert.json | 70 + schema/v11.2.2/assertions/ResolveService.json | 40 + schema/v11.2.2/assertions/ResponseXpath.json | 68 + .../assertions/RetrieveServiceWsdl.json | 114 + schema/v11.2.2/assertions/SFTPResponse.json | 63 + .../assertions/SamlBrowserArtifact.json | 94 + schema/v11.2.2/assertions/SamlIssuer.json | 312 + schema/v11.2.2/assertions/SamlProtocol.json | 207 + .../assertions/SamlpRequestBuilder.json | 393 + .../assertions/SamlpResponseBuilder.json | 133 + .../assertions/SamlpResponseEvaluation.json | 236 + .../v11.2.2/assertions/SchemaValidation.json | 108 + .../assertions/SecureConversation.json | 48 + schema/v11.2.2/assertions/SelectElement.json | 78 + .../ServiceMetricsEventListener.json | 33 + schema/v11.2.2/assertions/SetSamlStatus.json | 75 + schema/v11.2.2/assertions/SetVariable.json | 88 + .../assertions/SimpleRawTransport.json | 114 + .../assertions/SiteMinderAuthenticate.json | 90 + .../assertions/SiteMinderAuthorize.json | 84 + .../assertions/SiteMinderChangePassword.json | 67 + .../assertions/SiteMinderCheckProtected.json | 77 + .../assertions/SiteMinderEnableUser.json | 61 + schema/v11.2.2/assertions/SnmpTrap.json | 53 + schema/v11.2.2/assertions/SpecificUser.json | 65 + schema/v11.2.2/assertions/Split.json | 51 + schema/v11.2.2/assertions/SqlAttack.json | 63 + schema/v11.2.2/assertions/SshCredential.json | 41 + .../v11.2.2/assertions/SshRouteAssertion.json | 206 + schema/v11.2.2/assertions/Ssl.json | 49 + schema/v11.2.2/assertions/Swagger.json | 60 + .../v11.2.2/assertions/ThroughputQuota.json | 72 + .../assertions/ThroughputQuotaQuery.json | 39 + schema/v11.2.2/assertions/TimeRange.json | 82 + schema/v11.2.2/assertions/Transaction.json | 42 + schema/v11.2.2/assertions/True.json | 33 + .../v11.2.2/assertions/UDDINotification.json | 33 + schema/v11.2.2/assertions/UUIDGenerator.json | 44 + schema/v11.2.2/assertions/Unknown.json | 39 + .../assertions/ValidateCertificate.json | 53 + .../assertions/ValidateNonSoapSamlToken.json | 254 + .../assertions/VariableCredentialSource.json | 48 + schema/v11.2.2/assertions/WebSocket.json | 33 + .../v11.2.2/assertions/WebSocketConnect.json | 37 + .../assertions/WebSocketEntityManager.json | 33 + .../assertions/WebSocketMessageInjection.json | 65 + .../assertions/WebSocketValidation.json | 48 + schema/v11.2.2/assertions/WsAddressing.json | 109 + .../WsFederationPassiveTokenExchange.json | 46 + .../WsFederationPassiveTokenRequest.json | 53 + schema/v11.2.2/assertions/WsSecurity.json | 89 + .../assertions/WsTrustCredentialExchange.json | 58 + schema/v11.2.2/assertions/WsiBsp.json | 57 + schema/v11.2.2/assertions/WsiSaml.json | 57 + schema/v11.2.2/assertions/WssBasic.json | 60 + .../v11.2.2/assertions/WssConfiguration.json | 148 + schema/v11.2.2/assertions/WssDigest.json | 74 + .../v11.2.2/assertions/WssEncryptElement.json | 135 + .../assertions/WssReplayProtection.json | 105 + schema/v11.2.2/assertions/WssSignElement.json | 122 + schema/v11.2.2/assertions/WssVersion.json | 33 + schema/v11.2.2/assertions/Wssp.json | 42 + .../assertions/XMPPAssociateSessions.json | 39 + .../v11.2.2/assertions/XMPPCloseSession.json | 40 + .../XMPPGetAssociatedSessionId.json | 43 + .../assertions/XMPPGetRemoteCertificate.json | 43 + .../assertions/XMPPGetSessionAttribute.json | 46 + .../assertions/XMPPOpenServerSession.json | 40 + .../assertions/XMPPSendToRemoteHost.json | 103 + .../assertions/XMPPSetSessionAttribute.json | 46 + schema/v11.2.2/assertions/XMPPStartTLS.json | 123 + .../v11.2.2/assertions/XacmlPdpAssertion.json | 122 + .../XacmlRequestBuilderAssertion.json | 158 + .../assertions/XpathCredentialSource.json | 85 + .../v11.2.2/assertions/XslTransformation.json | 114 + schema/v11.2.2/assertions/_index.json | 989 ++ schema/v11.2.2/metadata-base.json | 59 + schema/v11.2.2/policy-code-schema.json | 26 + schema/v11.2.2/schema.graphql | 8076 +++++++++++++++++ 250 files changed, 28149 insertions(+) create mode 100644 schema/v11.2.2/assertions/AddHeader.json create mode 100644 schema/v11.2.2/assertions/AddWsAddressing.json create mode 100644 schema/v11.2.2/assertions/AddWssSecurityToken.json create mode 100644 schema/v11.2.2/assertions/AddWssTimestamp.json create mode 100644 schema/v11.2.2/assertions/AddWssUsernameToken.json create mode 100644 schema/v11.2.2/assertions/All.json create mode 100644 schema/v11.2.2/assertions/ApiPortalAuthAndMgmtServiceInstaller.json create mode 100644 schema/v11.2.2/assertions/ApiPortalEncassIntegration.json create mode 100644 schema/v11.2.2/assertions/ApiPortalIntegration.json create mode 100644 schema/v11.2.2/assertions/ApplyJSONPatch.json create mode 100644 schema/v11.2.2/assertions/Audit.json create mode 100644 schema/v11.2.2/assertions/AuditDetail.json create mode 100644 schema/v11.2.2/assertions/AuditRecordToXml.json create mode 100644 schema/v11.2.2/assertions/Authentication.json create mode 100644 schema/v11.2.2/assertions/BufferData.json create mode 100644 schema/v11.2.2/assertions/BuildRstSoapRequest.json create mode 100644 schema/v11.2.2/assertions/BuildRstrSoapResponse.json create mode 100644 schema/v11.2.2/assertions/BulkJdbcInsert.json create mode 100644 schema/v11.2.2/assertions/CORS.json create mode 100644 schema/v11.2.2/assertions/CacheLookup.json create mode 100644 schema/v11.2.2/assertions/CacheStorage.json create mode 100644 schema/v11.2.2/assertions/CancelSecurityContext.json create mode 100644 schema/v11.2.2/assertions/CassandraQuery.json create mode 100644 schema/v11.2.2/assertions/CertificateAttributes.json create mode 100644 schema/v11.2.2/assertions/CircuitBreaker.json create mode 100644 schema/v11.2.2/assertions/CodeInjectionProtection.json create mode 100644 schema/v11.2.2/assertions/Comment.json create mode 100644 schema/v11.2.2/assertions/ComparisonAssertion.json create mode 100644 schema/v11.2.2/assertions/ConcurrentAll.json create mode 100644 schema/v11.2.2/assertions/ContentType.json create mode 100644 schema/v11.2.2/assertions/CookieCredentialSource.json create mode 100644 schema/v11.2.2/assertions/CreateJsonWebKey.json create mode 100644 schema/v11.2.2/assertions/CreateRoutingStrategy.json create mode 100644 schema/v11.2.2/assertions/CreateSecurityContextToken.json create mode 100644 schema/v11.2.2/assertions/CsrSigner.json create mode 100644 schema/v11.2.2/assertions/CsrfProtection.json create mode 100644 schema/v11.2.2/assertions/CustomAssertion.json create mode 100644 schema/v11.2.2/assertions/CustomAssertion_com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion.json create mode 100644 schema/v11.2.2/assertions/CustomAssertion_com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion.json create mode 100644 schema/v11.2.2/assertions/CustomizeErrorResponse.json create mode 100644 schema/v11.2.2/assertions/DecodeJsonWebToken.json create mode 100644 schema/v11.2.2/assertions/DistributedRateLimit.json create mode 100644 schema/v11.2.2/assertions/EchoRoutingAssertion.json create mode 100644 schema/v11.2.2/assertions/Email.json create mode 100644 schema/v11.2.2/assertions/EmbeddedGemfireSharedStateProvider.json create mode 100644 schema/v11.2.2/assertions/EmbeddedHazelcastSharedStateProvider.json create mode 100644 schema/v11.2.2/assertions/Encapsulated.json create mode 100644 schema/v11.2.2/assertions/EncodeDecode.json create mode 100644 schema/v11.2.2/assertions/EncodeJsonWebToken.json create mode 100644 schema/v11.2.2/assertions/EncryptedUsernameToken.json create mode 100644 schema/v11.2.2/assertions/EntityChangeListener.json create mode 100644 schema/v11.2.2/assertions/EstablishOutboundSecureConversation.json create mode 100644 schema/v11.2.2/assertions/EvaluateJsonPathExpressionV2.json create mode 100644 schema/v11.2.2/assertions/ExactlyOne.json create mode 100644 schema/v11.2.2/assertions/ExecuteRoutingStrategy.json create mode 100644 schema/v11.2.2/assertions/ExportVariables.json create mode 100644 schema/v11.2.2/assertions/ExternalGemfireSharedStateProvider.json create mode 100644 schema/v11.2.2/assertions/ExternalHazelcastProvider.json create mode 100644 schema/v11.2.2/assertions/False.json create mode 100644 schema/v11.2.2/assertions/FaultLevel.json create mode 100644 schema/v11.2.2/assertions/ForEachLoop.json create mode 100644 schema/v11.2.2/assertions/FtpCredential.json create mode 100644 schema/v11.2.2/assertions/FtpRoutingAssertion.json create mode 100644 schema/v11.2.2/assertions/GatewayGraphQL.json create mode 100644 schema/v11.2.2/assertions/GatewayManagement.json create mode 100644 schema/v11.2.2/assertions/GatewayTelemetryDataProvider.json create mode 100644 schema/v11.2.2/assertions/GenerateOAuthSignatureBaseString.json create mode 100644 schema/v11.2.2/assertions/GeneratePassword.json create mode 100644 schema/v11.2.2/assertions/GenerateSecurityHash.json create mode 100644 schema/v11.2.2/assertions/GenericIdentityManagementService.json create mode 100644 schema/v11.2.2/assertions/GetApiIncrement.json create mode 100644 schema/v11.2.2/assertions/GetIncrement.json create mode 100644 schema/v11.2.2/assertions/GraphQLExtractValue.json create mode 100644 schema/v11.2.2/assertions/GraphQLSchemaValidation.json create mode 100644 schema/v11.2.2/assertions/HandleErrors.json create mode 100644 schema/v11.2.2/assertions/HardcodedResponse.json create mode 100644 schema/v11.2.2/assertions/HtmlFormData.json create mode 100644 schema/v11.2.2/assertions/Http2Routing.json create mode 100644 schema/v11.2.2/assertions/Http2Transport.json create mode 100644 schema/v11.2.2/assertions/HttpBasic.json create mode 100644 schema/v11.2.2/assertions/HttpDigest.json create mode 100644 schema/v11.2.2/assertions/HttpFormPost.json create mode 100644 schema/v11.2.2/assertions/HttpNegotiate.json create mode 100644 schema/v11.2.2/assertions/HttpRouting.json create mode 100644 schema/v11.2.2/assertions/IcapAntivirusScanner.json create mode 100644 schema/v11.2.2/assertions/IdentityAttributes.json create mode 100644 schema/v11.2.2/assertions/Include.json create mode 100644 schema/v11.2.2/assertions/IncrementPostBack.json create mode 100644 schema/v11.2.2/assertions/IndexLookupByItem.json create mode 100644 schema/v11.2.2/assertions/InverseHttpFormPost.json create mode 100644 schema/v11.2.2/assertions/ItemLookupByIndex.json create mode 100644 schema/v11.2.2/assertions/JSONSchema.json create mode 100644 schema/v11.2.2/assertions/JavaScript.json create mode 100644 schema/v11.2.2/assertions/JdbcQuery.json create mode 100644 schema/v11.2.2/assertions/JmsRouting.json create mode 100644 schema/v11.2.2/assertions/Join.json create mode 100644 schema/v11.2.2/assertions/JsonDocumentStructure.json create mode 100644 schema/v11.2.2/assertions/JsonTransformation.json create mode 100644 schema/v11.2.2/assertions/JwtDecode.json create mode 100644 schema/v11.2.2/assertions/JwtEncode.json create mode 100644 schema/v11.2.2/assertions/KafkaConsumer.json create mode 100644 schema/v11.2.2/assertions/KafkaRouting.json create mode 100644 schema/v11.2.2/assertions/KafkaTransact.json create mode 100644 schema/v11.2.2/assertions/KerberosAuthentication.json create mode 100644 schema/v11.2.2/assertions/KeyValueLookup.json create mode 100644 schema/v11.2.2/assertions/KeyValueRemove.json create mode 100644 schema/v11.2.2/assertions/KeyValueStatistics.json create mode 100644 schema/v11.2.2/assertions/KeyValueStorage.json create mode 100644 schema/v11.2.2/assertions/LDAPQuery.json create mode 100644 schema/v11.2.2/assertions/LDAPUpdate.json create mode 100644 schema/v11.2.2/assertions/LdapWrite.json create mode 100644 schema/v11.2.2/assertions/LookupApiKey.json create mode 100644 schema/v11.2.2/assertions/LookupDynamicContextVariables.json create mode 100644 schema/v11.2.2/assertions/LookupOutboundSecureConversationSession.json create mode 100644 schema/v11.2.2/assertions/LookupTrustedCertificate.json create mode 100644 schema/v11.2.2/assertions/MTOMDecodeAssertion.json create mode 100644 schema/v11.2.2/assertions/MTOMEncodeAssertion.json create mode 100644 schema/v11.2.2/assertions/MTOMValidateAssertion.json create mode 100644 schema/v11.2.2/assertions/ManageApiKey.json create mode 100644 schema/v11.2.2/assertions/ManageCookie.json create mode 100644 schema/v11.2.2/assertions/ManagePortalResource.json create mode 100644 schema/v11.2.2/assertions/ManipulateMultiValuedVariable.json create mode 100644 schema/v11.2.2/assertions/MapValue.json create mode 100644 schema/v11.2.2/assertions/MemberOfGroup.json create mode 100644 schema/v11.2.2/assertions/MessageBuffering.json create mode 100644 schema/v11.2.2/assertions/MessageContextAssertion.json create mode 100644 schema/v11.2.2/assertions/MqNativeRouting.json create mode 100644 schema/v11.2.2/assertions/MqNativeSupport.json create mode 100644 schema/v11.2.2/assertions/MysqlClusterInfo.json create mode 100644 schema/v11.2.2/assertions/MysqlCounter.json create mode 100644 schema/v11.2.2/assertions/NonSoapCheckVerifyResults.json create mode 100644 schema/v11.2.2/assertions/NonSoapDecryptElement.json create mode 100644 schema/v11.2.2/assertions/NonSoapEncryptElement.json create mode 100644 schema/v11.2.2/assertions/NonSoapSignElement.json create mode 100644 schema/v11.2.2/assertions/NonSoapVerifyElement.json create mode 100644 schema/v11.2.2/assertions/NtlmAuthentication.json create mode 100644 schema/v11.2.2/assertions/OAuth2Introspection.json create mode 100644 schema/v11.2.2/assertions/OdataValidation.json create mode 100644 schema/v11.2.2/assertions/OneOrMore.json create mode 100644 schema/v11.2.2/assertions/OpenApi.json create mode 100644 schema/v11.2.2/assertions/Operation.json create mode 100644 schema/v11.2.2/assertions/OtelMeter.json create mode 100644 schema/v11.2.2/assertions/OversizedText.json create mode 100644 schema/v11.2.2/assertions/PolicyBundleInstaller.json create mode 100644 schema/v11.2.2/assertions/PortalBootstrap.json create mode 100644 schema/v11.2.2/assertions/PortalUpgrade.json create mode 100644 schema/v11.2.2/assertions/ProcessIncrement.json create mode 100644 schema/v11.2.2/assertions/ProcessRoutingStrategyResult.json create mode 100644 schema/v11.2.2/assertions/ProcessRstrSoapResponse.json create mode 100644 schema/v11.2.2/assertions/ProcessSamlAttributeQueryRequest.json create mode 100644 schema/v11.2.2/assertions/ProcessSamlAuthnRequest.json create mode 100644 schema/v11.2.2/assertions/RESTGatewayManagement.json create mode 100644 schema/v11.2.2/assertions/Radius.json create mode 100644 schema/v11.2.2/assertions/RadiusAuthenticate.json create mode 100644 schema/v11.2.2/assertions/RaiseError.json create mode 100644 schema/v11.2.2/assertions/RateLimit.json create mode 100644 schema/v11.2.2/assertions/RateLimitQuery.json create mode 100644 schema/v11.2.2/assertions/RedisSharedStateProvider.json create mode 100644 schema/v11.2.2/assertions/Regex.json create mode 100644 schema/v11.2.2/assertions/RemoteIpRange.json create mode 100644 schema/v11.2.2/assertions/RemoveElement.json create mode 100644 schema/v11.2.2/assertions/ReplaceTagContent.json create mode 100644 schema/v11.2.2/assertions/RequestSizeLimit.json create mode 100644 schema/v11.2.2/assertions/RequestSwA.json create mode 100644 schema/v11.2.2/assertions/RequestWssKerberos.json create mode 100644 schema/v11.2.2/assertions/RequestXpath.json create mode 100644 schema/v11.2.2/assertions/RequireWssEncryptedElement.json create mode 100644 schema/v11.2.2/assertions/RequireWssSaml.json create mode 100644 schema/v11.2.2/assertions/RequireWssSaml2.json create mode 100644 schema/v11.2.2/assertions/RequireWssSignedElement.json create mode 100644 schema/v11.2.2/assertions/RequireWssTimestamp.json create mode 100644 schema/v11.2.2/assertions/RequireWssX509Cert.json create mode 100644 schema/v11.2.2/assertions/ResolveService.json create mode 100644 schema/v11.2.2/assertions/ResponseXpath.json create mode 100644 schema/v11.2.2/assertions/RetrieveServiceWsdl.json create mode 100644 schema/v11.2.2/assertions/SFTPResponse.json create mode 100644 schema/v11.2.2/assertions/SamlBrowserArtifact.json create mode 100644 schema/v11.2.2/assertions/SamlIssuer.json create mode 100644 schema/v11.2.2/assertions/SamlProtocol.json create mode 100644 schema/v11.2.2/assertions/SamlpRequestBuilder.json create mode 100644 schema/v11.2.2/assertions/SamlpResponseBuilder.json create mode 100644 schema/v11.2.2/assertions/SamlpResponseEvaluation.json create mode 100644 schema/v11.2.2/assertions/SchemaValidation.json create mode 100644 schema/v11.2.2/assertions/SecureConversation.json create mode 100644 schema/v11.2.2/assertions/SelectElement.json create mode 100644 schema/v11.2.2/assertions/ServiceMetricsEventListener.json create mode 100644 schema/v11.2.2/assertions/SetSamlStatus.json create mode 100644 schema/v11.2.2/assertions/SetVariable.json create mode 100644 schema/v11.2.2/assertions/SimpleRawTransport.json create mode 100644 schema/v11.2.2/assertions/SiteMinderAuthenticate.json create mode 100644 schema/v11.2.2/assertions/SiteMinderAuthorize.json create mode 100644 schema/v11.2.2/assertions/SiteMinderChangePassword.json create mode 100644 schema/v11.2.2/assertions/SiteMinderCheckProtected.json create mode 100644 schema/v11.2.2/assertions/SiteMinderEnableUser.json create mode 100644 schema/v11.2.2/assertions/SnmpTrap.json create mode 100644 schema/v11.2.2/assertions/SpecificUser.json create mode 100644 schema/v11.2.2/assertions/Split.json create mode 100644 schema/v11.2.2/assertions/SqlAttack.json create mode 100644 schema/v11.2.2/assertions/SshCredential.json create mode 100644 schema/v11.2.2/assertions/SshRouteAssertion.json create mode 100644 schema/v11.2.2/assertions/Ssl.json create mode 100644 schema/v11.2.2/assertions/Swagger.json create mode 100644 schema/v11.2.2/assertions/ThroughputQuota.json create mode 100644 schema/v11.2.2/assertions/ThroughputQuotaQuery.json create mode 100644 schema/v11.2.2/assertions/TimeRange.json create mode 100644 schema/v11.2.2/assertions/Transaction.json create mode 100644 schema/v11.2.2/assertions/True.json create mode 100644 schema/v11.2.2/assertions/UDDINotification.json create mode 100644 schema/v11.2.2/assertions/UUIDGenerator.json create mode 100644 schema/v11.2.2/assertions/Unknown.json create mode 100644 schema/v11.2.2/assertions/ValidateCertificate.json create mode 100644 schema/v11.2.2/assertions/ValidateNonSoapSamlToken.json create mode 100644 schema/v11.2.2/assertions/VariableCredentialSource.json create mode 100644 schema/v11.2.2/assertions/WebSocket.json create mode 100644 schema/v11.2.2/assertions/WebSocketConnect.json create mode 100644 schema/v11.2.2/assertions/WebSocketEntityManager.json create mode 100644 schema/v11.2.2/assertions/WebSocketMessageInjection.json create mode 100644 schema/v11.2.2/assertions/WebSocketValidation.json create mode 100644 schema/v11.2.2/assertions/WsAddressing.json create mode 100644 schema/v11.2.2/assertions/WsFederationPassiveTokenExchange.json create mode 100644 schema/v11.2.2/assertions/WsFederationPassiveTokenRequest.json create mode 100644 schema/v11.2.2/assertions/WsSecurity.json create mode 100644 schema/v11.2.2/assertions/WsTrustCredentialExchange.json create mode 100644 schema/v11.2.2/assertions/WsiBsp.json create mode 100644 schema/v11.2.2/assertions/WsiSaml.json create mode 100644 schema/v11.2.2/assertions/WssBasic.json create mode 100644 schema/v11.2.2/assertions/WssConfiguration.json create mode 100644 schema/v11.2.2/assertions/WssDigest.json create mode 100644 schema/v11.2.2/assertions/WssEncryptElement.json create mode 100644 schema/v11.2.2/assertions/WssReplayProtection.json create mode 100644 schema/v11.2.2/assertions/WssSignElement.json create mode 100644 schema/v11.2.2/assertions/WssVersion.json create mode 100644 schema/v11.2.2/assertions/Wssp.json create mode 100644 schema/v11.2.2/assertions/XMPPAssociateSessions.json create mode 100644 schema/v11.2.2/assertions/XMPPCloseSession.json create mode 100644 schema/v11.2.2/assertions/XMPPGetAssociatedSessionId.json create mode 100644 schema/v11.2.2/assertions/XMPPGetRemoteCertificate.json create mode 100644 schema/v11.2.2/assertions/XMPPGetSessionAttribute.json create mode 100644 schema/v11.2.2/assertions/XMPPOpenServerSession.json create mode 100644 schema/v11.2.2/assertions/XMPPSendToRemoteHost.json create mode 100644 schema/v11.2.2/assertions/XMPPSetSessionAttribute.json create mode 100644 schema/v11.2.2/assertions/XMPPStartTLS.json create mode 100644 schema/v11.2.2/assertions/XacmlPdpAssertion.json create mode 100644 schema/v11.2.2/assertions/XacmlRequestBuilderAssertion.json create mode 100644 schema/v11.2.2/assertions/XpathCredentialSource.json create mode 100644 schema/v11.2.2/assertions/XslTransformation.json create mode 100644 schema/v11.2.2/assertions/_index.json create mode 100644 schema/v11.2.2/metadata-base.json create mode 100644 schema/v11.2.2/policy-code-schema.json create mode 100644 schema/v11.2.2/schema.graphql diff --git a/schema/v11.2.2/assertions/AddHeader.json b/schema/v11.2.2/assertions/AddHeader.json new file mode 100644 index 0000000..eb9de1f --- /dev/null +++ b/schema/v11.2.2/assertions/AddHeader.json @@ -0,0 +1,75 @@ +{ + "configName": "AddHeader", + "name": "Manage Transport Properties/Headers", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/AddHeader", + "title": "Manage Transport Properties/Headers", + "type": "object", + "properties": { + "evaluateNameAsExpression": { + "type": "boolean", + "default": false + }, + "evaluateValueExpression": { + "type": "boolean", + "default": false + }, + "headerName": { + "type": "string" + }, + "headerValue": { + "type": "string" + }, + "metadataType": { + "type": "string", + "default": "HTTP Header" + }, + "operation": { + "type": "string", + "enum": [ + "ADD", + "REMOVE" + ], + "default": "ADD" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "removeExisting": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/AddHeader/Main", + "title": "Manage Transport Properties/Headers", + "properties": { + "AddHeader": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/AddHeader" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/AddWsAddressing.json b/schema/v11.2.2/assertions/AddWsAddressing.json new file mode 100644 index 0000000..37be517 --- /dev/null +++ b/schema/v11.2.2/assertions/AddWsAddressing.json @@ -0,0 +1,73 @@ +{ + "configName": "AddWsAddressing", + "name": "Add WS-Addressing", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/AddWsAddressing", + "title": "Add WS-Addressing", + "type": "object", + "properties": { + "action": { + "type": "string" + }, + "destination": { + "type": "string" + }, + "faultEndpoint": { + "type": "string" + }, + "messageId": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "relatesToMessageId": { + "type": "string" + }, + "replyEndpoint": { + "type": "string" + }, + "sourceEndpoint": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string", + "default": "wsa" + }, + "wsaNamespaceUri": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/AddWsAddressing/Main", + "title": "Add WS-Addressing", + "properties": { + "AddWsAddressing": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/AddWsAddressing" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/AddWssSecurityToken.json b/schema/v11.2.2/assertions/AddWssSecurityToken.json new file mode 100644 index 0000000..cb3dcc2 --- /dev/null +++ b/schema/v11.2.2/assertions/AddWssSecurityToken.json @@ -0,0 +1,168 @@ +{ + "configName": "AddWssSecurityToken", + "name": "Add Security Token", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/AddWssSecurityToken", + "title": "Add Security Token", + "type": "object", + "properties": { + "digest": { + "type": "boolean", + "default": false + }, + "digestAlgorithmName": { + "type": "string" + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "encrypt": { + "type": "boolean", + "default": false + }, + "identityTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget" + }, + "includeCreated": { + "type": "boolean", + "default": true + }, + "includeNonce": { + "type": "boolean", + "default": true + }, + "includePassword": { + "type": "boolean", + "default": false + }, + "keyAlias": { + "type": "string" + }, + "keyReference": { + "type": "string", + "default": "BinarySecurityToken" + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "omitSecurityContextToken": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "password": { + "type": "string" + }, + "protectTokens": { + "type": "boolean", + "default": true + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "samlAssertionVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "tokenType": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/securityTokenType", + "default": "WS-S UsernameToken" + }, + "useLastGatheredCredentials": { + "type": "boolean", + "default": true + }, + "username": { + "type": "string" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "wsscSessionVariable": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget", + "properties": { + "identityId": { + "type": "string" + }, + "identityInfo": { + "type": "string" + }, + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "targetIdentityType": { + "type": "string", + "enum": [ + "USER", + "GROUP", + "PROVIDER", + "TAG" + ] + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/securityTokenType" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/AddWssSecurityToken/Main", + "title": "Add Security Token", + "properties": { + "AddWssSecurityToken": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/AddWssSecurityToken" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/AddWssTimestamp.json b/schema/v11.2.2/assertions/AddWssTimestamp.json new file mode 100644 index 0000000..5c78328 --- /dev/null +++ b/schema/v11.2.2/assertions/AddWssTimestamp.json @@ -0,0 +1,124 @@ +{ + "configName": "AddWssTimestamp", + "name": "Add Timestamp", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/AddWssTimestamp", + "title": "Add Timestamp", + "type": "object", + "properties": { + "digestAlgorithmName": { + "type": "string" + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "expiryMilliseconds": { + "type": "number", + "default": 0 + }, + "keyAlias": { + "type": "string" + }, + "keyReference": { + "type": "string", + "default": "BinarySecurityToken" + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "protectTokens": { + "type": "boolean", + "default": false + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "resolution": { + "type": "string", + "enum": [ + "NANOSECONDS", + "MILLISECONDS", + "SECONDS" + ] + }, + "signatureRequired": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "timeUnit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "default": "m" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "enum": [ + "ms", + "s", + "m", + "h", + "d" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/AddWssTimestamp/Main", + "title": "Add Timestamp", + "properties": { + "AddWssTimestamp": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/AddWssTimestamp" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/AddWssUsernameToken.json b/schema/v11.2.2/assertions/AddWssUsernameToken.json new file mode 100644 index 0000000..2e3c7d5 --- /dev/null +++ b/schema/v11.2.2/assertions/AddWssUsernameToken.json @@ -0,0 +1,117 @@ +{ + "configName": "AddWssUsernameToken", + "name": "Add WS-Security UsernameToken", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/AddWssUsernameToken", + "title": "Add WS-Security UsernameToken", + "type": "object", + "properties": { + "digest": { + "type": "boolean", + "default": false + }, + "encrypt": { + "type": "boolean", + "default": false + }, + "identityTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget" + }, + "includeCreated": { + "type": "boolean", + "default": true + }, + "includeNonce": { + "type": "boolean", + "default": true + }, + "includePassword": { + "type": "boolean", + "default": true + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "password": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "username": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget", + "properties": { + "identityId": { + "type": "string" + }, + "identityInfo": { + "type": "string" + }, + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "targetIdentityType": { + "type": "string", + "enum": [ + "USER", + "GROUP", + "PROVIDER", + "TAG" + ] + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/AddWssUsernameToken/Main", + "title": "Add WS-Security UsernameToken", + "properties": { + "AddWssUsernameToken": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/AddWssUsernameToken" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/All.json b/schema/v11.2.2/assertions/All.json new file mode 100644 index 0000000..67e308c --- /dev/null +++ b/schema/v11.2.2/assertions/All.json @@ -0,0 +1,49 @@ +{ + "configName": "All", + "name": "All assertions must evaluate to true", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/All", + "title": "All assertions must evaluate to true", + "anyOf": [ + { + "type": "array", + "items": { + "type": "object" + } + }, + { + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + }, + "_children": { + "type": "array", + "items": { + "type": "object" + } + } + } + } + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/All/Main", + "title": "All assertions must evaluate to true", + "properties": { + "All": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/All" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ApiPortalAuthAndMgmtServiceInstaller.json b/schema/v11.2.2/assertions/ApiPortalAuthAndMgmtServiceInstaller.json new file mode 100644 index 0000000..f6dea12 --- /dev/null +++ b/schema/v11.2.2/assertions/ApiPortalAuthAndMgmtServiceInstaller.json @@ -0,0 +1,33 @@ +{ + "configName": "ApiPortalAuthAndMgmtServiceInstaller", + "name": "Api Portal Auth And Mgmt Service Installer", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ApiPortalAuthAndMgmtServiceInstaller", + "title": "Api Portal Auth And Mgmt Service Installer", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ApiPortalAuthAndMgmtServiceInstaller/Main", + "title": "Api Portal Auth And Mgmt Service Installer", + "properties": { + "ApiPortalAuthAndMgmtServiceInstaller": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ApiPortalAuthAndMgmtServiceInstaller" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ApiPortalEncassIntegration.json b/schema/v11.2.2/assertions/ApiPortalEncassIntegration.json new file mode 100644 index 0000000..55a8cb7 --- /dev/null +++ b/schema/v11.2.2/assertions/ApiPortalEncassIntegration.json @@ -0,0 +1,33 @@ +{ + "configName": "ApiPortalEncassIntegration", + "name": "Set as Portal Publishable Fragment", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ApiPortalEncassIntegration", + "title": "Set as Portal Publishable Fragment", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ApiPortalEncassIntegration/Main", + "title": "Set as Portal Publishable Fragment", + "properties": { + "ApiPortalEncassIntegration": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ApiPortalEncassIntegration" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ApiPortalIntegration.json b/schema/v11.2.2/assertions/ApiPortalIntegration.json new file mode 100644 index 0000000..8fe7120 --- /dev/null +++ b/schema/v11.2.2/assertions/ApiPortalIntegration.json @@ -0,0 +1,47 @@ +{ + "configName": "ApiPortalIntegration", + "name": "Set as Portal Managed Service", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ApiPortalIntegration", + "title": "Set as Portal Managed Service", + "type": "object", + "properties": { + "apiGroup": { + "type": "string" + }, + "apiId": { + "type": "string", + "default": "0c5193b6-e1e9-4296-b35c-0740befca054" + }, + "portalManagedApiFlag": { + "type": "string" + }, + "variablePrefix": { + "type": "string", + "default": "portal.managed.service" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ApiPortalIntegration/Main", + "title": "Set as Portal Managed Service", + "properties": { + "ApiPortalIntegration": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ApiPortalIntegration" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ApplyJSONPatch.json b/schema/v11.2.2/assertions/ApplyJSONPatch.json new file mode 100644 index 0000000..a5faf56 --- /dev/null +++ b/schema/v11.2.2/assertions/ApplyJSONPatch.json @@ -0,0 +1,77 @@ +{ + "configName": "ApplyJSONPatch", + "name": "Apply JSON Patch", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ApplyJSONPatch", + "title": "Apply JSON Patch", + "type": "object", + "properties": { + "destinationMessageTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "jsonPatch": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ApplyJSONPatch/Main", + "title": "Apply JSON Patch", + "properties": { + "ApplyJSONPatch": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ApplyJSONPatch" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Audit.json b/schema/v11.2.2/assertions/Audit.json new file mode 100644 index 0000000..602b7a3 --- /dev/null +++ b/schema/v11.2.2/assertions/Audit.json @@ -0,0 +1,53 @@ +{ + "configName": "Audit", + "name": "Audit Messages in Policy", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Audit", + "title": "Audit Messages in Policy", + "type": "object", + "properties": { + "changeSaveRequest": { + "type": "boolean", + "default": true + }, + "changeSaveResponse": { + "type": "boolean", + "default": true + }, + "level": { + "type": "string", + "default": "WARNING" + }, + "saveRequest": { + "type": "boolean", + "default": false + }, + "saveResponse": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Audit/Main", + "title": "Audit Messages in Policy", + "properties": { + "Audit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Audit" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/AuditDetail.json b/schema/v11.2.2/assertions/AuditDetail.json new file mode 100644 index 0000000..3eebc21 --- /dev/null +++ b/schema/v11.2.2/assertions/AuditDetail.json @@ -0,0 +1,47 @@ +{ + "configName": "AuditDetail", + "name": "Add Audit Details", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/AuditDetail", + "title": "Add Audit Details", + "type": "object", + "properties": { + "customLoggerSuffix": { + "type": "string" + }, + "detail": { + "type": "string" + }, + "level": { + "type": "string", + "default": "INFO" + }, + "loggingOnly": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/AuditDetail/Main", + "title": "Add Audit Details", + "properties": { + "AuditDetail": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/AuditDetail" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/AuditRecordToXml.json b/schema/v11.2.2/assertions/AuditRecordToXml.json new file mode 100644 index 0000000..96572b8 --- /dev/null +++ b/schema/v11.2.2/assertions/AuditRecordToXml.json @@ -0,0 +1,45 @@ +{ + "configName": "AuditRecordToXml", + "name": "Convert Audit Record to XML", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/AuditRecordToXml", + "title": "Convert Audit Record to XML", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/AuditRecordToXml/Main", + "title": "Convert Audit Record to XML", + "properties": { + "AuditRecordToXml": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/AuditRecordToXml" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Authentication.json b/schema/v11.2.2/assertions/Authentication.json new file mode 100644 index 0000000..948f64b --- /dev/null +++ b/schema/v11.2.2/assertions/Authentication.json @@ -0,0 +1,56 @@ +{ + "configName": "Authentication", + "name": "Authenticate Against Identity Provider", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Authentication", + "title": "Authenticate Against Identity Provider", + "type": "object", + "properties": { + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid", + "default": "0000000000000000ffffffffffffffff" + }, + "identityTag": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Authentication/Main", + "title": "Authenticate Against Identity Provider", + "properties": { + "Authentication": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Authentication" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/BufferData.json b/schema/v11.2.2/assertions/BufferData.json new file mode 100644 index 0000000..e013cec --- /dev/null +++ b/schema/v11.2.2/assertions/BufferData.json @@ -0,0 +1,51 @@ +{ + "configName": "BufferData", + "name": "Accumulate Data in Memory", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/BufferData", + "title": "Accumulate Data in Memory", + "type": "object", + "properties": { + "bufferName": { + "type": "string" + }, + "maxAgeMillis": { + "type": "number", + "default": 86400000 + }, + "maxSizeBytes": { + "type": "number", + "default": 1048576 + }, + "newDataVarName": { + "type": "string" + }, + "variablePrefix": { + "type": "string", + "default": "buffer" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/BufferData/Main", + "title": "Accumulate Data in Memory", + "properties": { + "BufferData": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/BufferData" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/BuildRstSoapRequest.json b/schema/v11.2.2/assertions/BuildRstSoapRequest.json new file mode 100644 index 0000000..a504fc1 --- /dev/null +++ b/schema/v11.2.2/assertions/BuildRstSoapRequest.json @@ -0,0 +1,103 @@ +{ + "configName": "BuildRstSoapRequest", + "name": "Build RST SOAP Request", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/BuildRstSoapRequest", + "title": "Build RST SOAP Request", + "type": "object", + "properties": { + "appliesToAddress": { + "type": "string" + }, + "includeClientEntropy": { + "type": "boolean", + "default": false + }, + "issuerAddress": { + "type": "string" + }, + "keySize": { + "type": "integer" + }, + "lifetime": { + "type": "number" + }, + "lifetimeTimeUnit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit" + }, + "requestType": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/wsTrustRequestType", + "default": "http://schemas.xmlsoap.org/ws/2005/02/trust/Issue" + }, + "soapVersion": { + "type": "string", + "enum": [ + "SOAP_1_1", + "SOAP_1_2", + "UNKNOWN" + ] + }, + "targetTokenVariable": { + "type": "string" + }, + "tokenType": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/securityTokenType", + "default": "Unknown" + }, + "variablePrefix": { + "type": "string", + "default": "requestBuilder" + }, + "wsTrustNamespace": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "enum": [ + "ms", + "s", + "m", + "h", + "d" + ] + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/wsTrustRequestType", + "enum": [ + "http://schemas.xmlsoap.org/ws/2005/02/trust/Issue", + "http://schemas.xmlsoap.org/ws/2005/02/trust/Validate", + "http://schemas.xmlsoap.org/ws/2005/02/trust/Renew", + "http://schemas.xmlsoap.org/ws/2005/02/trust/Cancel" + ] + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/securityTokenType" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/BuildRstSoapRequest/Main", + "title": "Build RST SOAP Request", + "properties": { + "BuildRstSoapRequest": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/BuildRstSoapRequest" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/BuildRstrSoapResponse.json b/schema/v11.2.2/assertions/BuildRstrSoapResponse.json new file mode 100644 index 0000000..3d132b2 --- /dev/null +++ b/schema/v11.2.2/assertions/BuildRstrSoapResponse.json @@ -0,0 +1,144 @@ +{ + "configName": "BuildRstrSoapResponse", + "name": "Build RSTR SOAP Response", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/BuildRstrSoapResponse", + "title": "Build RSTR SOAP Response", + "type": "object", + "properties": { + "addressOfEPR": { + "type": "string" + }, + "identityTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget" + }, + "includeAppliesTo": { + "type": "boolean", + "default": false + }, + "includeAttachedRef": { + "type": "boolean", + "default": false + }, + "includeKeySize": { + "type": "boolean", + "default": false + }, + "includeLifetime": { + "type": "boolean", + "default": false + }, + "includeUnattachedRef": { + "type": "boolean", + "default": false + }, + "lifetime": { + "type": "number", + "default": 3600000 + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "responseForIssuance": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "timeUnit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "default": "m" + }, + "tokenIssued": { + "type": "string" + }, + "variablePrefix": { + "type": "string", + "default": "responseBuilder" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget", + "properties": { + "identityId": { + "type": "string" + }, + "identityInfo": { + "type": "string" + }, + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "targetIdentityType": { + "type": "string", + "enum": [ + "USER", + "GROUP", + "PROVIDER", + "TAG" + ] + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "enum": [ + "ms", + "s", + "m", + "h", + "d" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/BuildRstrSoapResponse/Main", + "title": "Build RSTR SOAP Response", + "properties": { + "BuildRstrSoapResponse": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/BuildRstrSoapResponse" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/BulkJdbcInsert.json b/schema/v11.2.2/assertions/BulkJdbcInsert.json new file mode 100644 index 0000000..542f90b --- /dev/null +++ b/schema/v11.2.2/assertions/BulkJdbcInsert.json @@ -0,0 +1,112 @@ +{ + "configName": "BulkJdbcInsert", + "name": "Insert JDBC Data in Bulk", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/BulkJdbcInsert", + "title": "Insert JDBC Data in Bulk", + "type": "object", + "properties": { + "batchSize": { + "type": "integer", + "default": 100 + }, + "columnMapperList": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/BulkJdbcInsert:columnMapper" + } + }, + "compression": { + "type": "string", + "enum": [ + "NONE", + "GZIP", + "DEFLATE" + ], + "default": "GZIP" + }, + "connectionName": { + "type": "string" + }, + "escapeQuote": { + "type": "string", + "default": "" + }, + "fieldDelimiter": { + "type": "string", + "default": "," + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "quoteChar": { + "type": "string", + "default": "\"" + }, + "quoted": { + "type": "boolean", + "default": false + }, + "recordDelimiter": { + "type": "string", + "default": "CRLF" + }, + "schema": { + "type": "string" + }, + "tableName": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/BulkJdbcInsert:columnMapper", + "properties": { + "name": { + "type": "string" + }, + "order": { + "type": "integer", + "default": 0 + }, + "transformParam": { + "type": "string" + }, + "transformation": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/BulkJdbcInsert/Main", + "title": "Insert JDBC Data in Bulk", + "properties": { + "BulkJdbcInsert": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/BulkJdbcInsert" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CORS.json b/schema/v11.2.2/assertions/CORS.json new file mode 100644 index 0000000..888ba86 --- /dev/null +++ b/schema/v11.2.2/assertions/CORS.json @@ -0,0 +1,83 @@ +{ + "configName": "CORS", + "name": "Process CORS Request", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CORS", + "title": "Process CORS Request", + "type": "object", + "properties": { + "acceptSameOriginRequests": { + "type": "boolean", + "default": false + }, + "acceptedHeaders": { + "type": "array", + "items": { + "type": "string" + } + }, + "acceptedMethods": { + "type": "array", + "items": { + "type": "string" + } + }, + "acceptedOrigins": { + "type": "array", + "items": { + "type": "string" + } + }, + "allowNonStandardMethods": { + "type": "boolean", + "default": false + }, + "dynamicOrigins": { + "type": "string" + }, + "exposedHeaders": { + "type": "array", + "items": { + "type": "string" + } + }, + "requireCors": { + "type": "boolean", + "default": true + }, + "responseCacheTime": { + "type": "string" + }, + "supportsCredentials": { + "type": "boolean", + "default": true + }, + "variablePrefix": { + "type": "string", + "default": "cors" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CORS/Main", + "title": "Process CORS Request", + "properties": { + "CORS": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CORS" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CacheLookup.json b/schema/v11.2.2/assertions/CacheLookup.json new file mode 100644 index 0000000..1f4dfb2 --- /dev/null +++ b/schema/v11.2.2/assertions/CacheLookup.json @@ -0,0 +1,60 @@ +{ + "configName": "CacheLookup", + "name": "Look Up in Cache", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CacheLookup", + "title": "Look Up in Cache", + "type": "object", + "properties": { + "cacheEntryKey": { + "type": "string", + "default": "${request.url}" + }, + "cacheId": { + "type": "string", + "default": "defaultCache" + }, + "contentTypeOverride": { + "type": "string" + }, + "maxEntryAgeSeconds": { + "type": "string", + "default": "300" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CacheLookup/Main", + "title": "Look Up in Cache", + "properties": { + "CacheLookup": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CacheLookup" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CacheStorage.json b/schema/v11.2.2/assertions/CacheStorage.json new file mode 100644 index 0000000..28b818d --- /dev/null +++ b/schema/v11.2.2/assertions/CacheStorage.json @@ -0,0 +1,69 @@ +{ + "configName": "CacheStorage", + "name": "Store to Cache", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CacheStorage", + "title": "Store to Cache", + "type": "object", + "properties": { + "cacheEntryKey": { + "type": "string", + "default": "${request.url}" + }, + "cacheId": { + "type": "string", + "default": "defaultCache" + }, + "maxEntries": { + "type": "string", + "default": "10" + }, + "maxEntryAgeSeconds": { + "type": "string", + "default": "300" + }, + "maxEntrySizeBytes": { + "type": "string", + "default": "10000" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "storeSoapFaults": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CacheStorage/Main", + "title": "Store to Cache", + "properties": { + "CacheStorage": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CacheStorage" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CancelSecurityContext.json b/schema/v11.2.2/assertions/CancelSecurityContext.json new file mode 100644 index 0000000..ad3619f --- /dev/null +++ b/schema/v11.2.2/assertions/CancelSecurityContext.json @@ -0,0 +1,65 @@ +{ + "configName": "CancelSecurityContext", + "name": "Cancel Security Context", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CancelSecurityContext", + "title": "Cancel Security Context", + "type": "object", + "properties": { + "cancelInbound": { + "type": "boolean", + "default": true + }, + "failIfNotExist": { + "type": "boolean", + "default": true + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "outboundServiceUrl": { + "type": "string" + }, + "requiredAuthorization": { + "type": "string", + "enum": [ + "NONE", + "USER", + "TOKEN" + ], + "default": "TOKEN" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CancelSecurityContext/Main", + "title": "Cancel Security Context", + "properties": { + "CancelSecurityContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CancelSecurityContext" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CassandraQuery.json b/schema/v11.2.2/assertions/CassandraQuery.json new file mode 100644 index 0000000..6905c88 --- /dev/null +++ b/schema/v11.2.2/assertions/CassandraQuery.json @@ -0,0 +1,78 @@ +{ + "configName": "CassandraQuery", + "name": "Perform Cassandra Query", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CassandraQuery", + "title": "Perform Cassandra Query", + "type": "object", + "properties": { + "connectionName": { + "type": "string" + }, + "consistencyLevel": { + "type": "string" + }, + "failIfNoResults": { + "type": "boolean", + "default": false + }, + "fetchSize": { + "type": "integer", + "default": 0 + }, + "generateXmlResult": { + "type": "boolean", + "default": false + }, + "maxRecords": { + "type": "integer", + "default": 0 + }, + "namingMap": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "overrideConsistencyLevel": { + "type": "boolean", + "default": false + }, + "prefix": { + "type": "string", + "default": "cassandraQuery" + }, + "queryDocument": { + "type": "string" + }, + "queryTimeout": { + "type": ["null", "string"], + "default": "0" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CassandraQuery/Main", + "title": "Perform Cassandra Query", + "properties": { + "CassandraQuery": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CassandraQuery" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CertificateAttributes.json b/schema/v11.2.2/assertions/CertificateAttributes.json new file mode 100644 index 0000000..201e43e --- /dev/null +++ b/schema/v11.2.2/assertions/CertificateAttributes.json @@ -0,0 +1,53 @@ +{ + "configName": "CertificateAttributes", + "name": "Extract Attributes from Certificate", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CertificateAttributes", + "title": "Extract Attributes from Certificate", + "type": "object", + "properties": { + "extensionOids": { + "type": "string", + "default": "" + }, + "extensionOidsEnabled": { + "type": "boolean", + "default": false + }, + "sourceVariable": { + "type": "string", + "default": "" + }, + "sourceVariableEnabled": { + "type": "boolean", + "default": false + }, + "variablePrefix": { + "type": "string", + "default": "certificate" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CertificateAttributes/Main", + "title": "Extract Attributes from Certificate", + "properties": { + "CertificateAttributes": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CertificateAttributes" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CircuitBreaker.json b/schema/v11.2.2/assertions/CircuitBreaker.json new file mode 100644 index 0000000..5a6a594 --- /dev/null +++ b/schema/v11.2.2/assertions/CircuitBreaker.json @@ -0,0 +1,104 @@ +{ + "configName": "CircuitBreaker", + "name": "Apply Circuit Breaker", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CircuitBreaker", + "title": "Apply Circuit Breaker", + "type": "object", + "properties": { + "latencyCircuitCustomTrackerIdEnabled": { + "type": "boolean", + "default": false + }, + "latencyCircuitEnabled": { + "type": "boolean", + "default": false + }, + "latencyCircuitMaxFailures": { + "type": "string", + "default": "5" + }, + "latencyCircuitMaxLatency": { + "type": "string", + "default": "500" + }, + "latencyCircuitPercentageEnabled": { + "type": "boolean", + "default": false + }, + "latencyCircuitRecoveryPeriod": { + "type": "string", + "default": "10000" + }, + "latencyCircuitSamplingWindow": { + "type": "string", + "default": "5000" + }, + "latencyCircuitTrackerId": { + "type": "string" + }, + "policyFailureCircuitCustomTrackerIdEnabled": { + "type": "boolean", + "default": false + }, + "policyFailureCircuitEnabled": { + "type": "boolean", + "default": true + }, + "policyFailureCircuitMaxFailures": { + "type": "string", + "default": "5" + }, + "policyFailureCircuitPercentageEnabled": { + "type": "boolean", + "default": false + }, + "policyFailureCircuitRecoveryPeriod": { + "type": "string", + "default": "10000" + }, + "policyFailureCircuitRoutingFailuresOnly": { + "type": "boolean", + "default": false + }, + "policyFailureCircuitRoutingStatusCodes": { + "type": "string" + }, + "policyFailureCircuitSamplingWindow": { + "type": "string", + "default": "5000" + }, + "policyFailureCircuitTrackerId": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + }, + "_children": { + "type": "array", + "items": { + "type": "object" + } + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CircuitBreaker/Main", + "title": "Apply Circuit Breaker", + "properties": { + "CircuitBreaker": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CircuitBreaker" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CodeInjectionProtection.json b/schema/v11.2.2/assertions/CodeInjectionProtection.json new file mode 100644 index 0000000..d9a7164 --- /dev/null +++ b/schema/v11.2.2/assertions/CodeInjectionProtection.json @@ -0,0 +1,75 @@ +{ + "configName": "CodeInjectionProtection", + "name": "Protect Against Code Injection", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CodeInjectionProtection", + "title": "Protect Against Code Injection", + "type": "object", + "properties": { + "includeBody": { + "type": "boolean", + "default": false + }, + "includeUrlPath": { + "type": "boolean", + "default": false + }, + "includeUrlQueryString": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "protections": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/codeInjectionProtectionType" + } + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ] + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/codeInjectionProtectionType", + "enum": [ + "htmlJavaScriptInjection", + "hexEncodedInjection", + "phpEvalInjection", + "shellInjection", + "ldapDnInjection", + "ldapSearchInjection", + "xpathInjection" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CodeInjectionProtection/Main", + "title": "Protect Against Code Injection", + "properties": { + "CodeInjectionProtection": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CodeInjectionProtection" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Comment.json b/schema/v11.2.2/assertions/Comment.json new file mode 100644 index 0000000..4820e30 --- /dev/null +++ b/schema/v11.2.2/assertions/Comment.json @@ -0,0 +1,39 @@ +{ + "configName": "Comment", + "name": "Add Comment to Policy", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Comment", + "title": "Add Comment to Policy", + "type": [ + "string", + "object" + ], + "properties": { + "comment": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Comment/Main", + "title": "Add Comment to Policy", + "properties": { + "Comment": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Comment" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ComparisonAssertion.json b/schema/v11.2.2/assertions/ComparisonAssertion.json new file mode 100644 index 0000000..6374949 --- /dev/null +++ b/schema/v11.2.2/assertions/ComparisonAssertion.json @@ -0,0 +1,94 @@ +{ + "configName": "ComparisonAssertion", + "name": "Compare Expression", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ComparisonAssertion", + "title": "Compare Expression", + "type": "object", + "properties": { + "caseSensitive": { + "type": "boolean", + "default": true + }, + "expression1": { + "type": "string" + }, + "expression2": { + "type": "string" + }, + "expressionIsVariable": { + "type": "boolean", + "default": true + }, + "multivaluedComparison": { + "type": "string", + "enum": [ + "ALL", + "ANY", + "FIRST", + "LAST", + "FAIL" + ], + "default": "ALL" + }, + "negate": { + "type": "boolean", + "default": false + }, + "operator": { + "type": ["null", "string"], + "enum": [ + null, + "LT", + "LE", + "EQ", + "GT", + "GE", + "EMPTY", + "CONTAINS", + "NE", + "TRUE", + "FALSE" + ], + "default": "EQ" + }, + "predicates": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ComparisonAssertion:predicate" + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ComparisonAssertion:predicate", + "properties": { + "negated": { + "type": "boolean" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ComparisonAssertion/Main", + "title": "Compare Expression", + "properties": { + "ComparisonAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ComparisonAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ConcurrentAll.json b/schema/v11.2.2/assertions/ConcurrentAll.json new file mode 100644 index 0000000..533cec2 --- /dev/null +++ b/schema/v11.2.2/assertions/ConcurrentAll.json @@ -0,0 +1,49 @@ +{ + "configName": "ConcurrentAll", + "name": "Run All Assertions Concurrently", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ConcurrentAll", + "title": "Run All Assertions Concurrently", + "anyOf": [ + { + "type": "array", + "items": { + "type": "object" + } + }, + { + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + }, + "_children": { + "type": "array", + "items": { + "type": "object" + } + } + } + } + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ConcurrentAll/Main", + "title": "Run All Assertions Concurrently", + "properties": { + "ConcurrentAll": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ConcurrentAll" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ContentType.json b/schema/v11.2.2/assertions/ContentType.json new file mode 100644 index 0000000..e43ab26 --- /dev/null +++ b/schema/v11.2.2/assertions/ContentType.json @@ -0,0 +1,64 @@ +{ + "configName": "ContentType", + "name": "Validate or Change Content Type", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ContentType", + "title": "Validate or Change Content Type", + "type": "object", + "properties": { + "changeContentType": { + "type": "boolean", + "default": false + }, + "messagePart": { + "type": "boolean", + "default": false + }, + "messagePartNum": { + "type": "string", + "default": "1" + }, + "newContentTypeValue": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "reinitializeMessage": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ContentType/Main", + "title": "Validate or Change Content Type", + "properties": { + "ContentType": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ContentType" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CookieCredentialSource.json b/schema/v11.2.2/assertions/CookieCredentialSource.json new file mode 100644 index 0000000..6758913 --- /dev/null +++ b/schema/v11.2.2/assertions/CookieCredentialSource.json @@ -0,0 +1,41 @@ +{ + "configName": "CookieCredentialSource", + "name": "Require HTTP Cookie", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CookieCredentialSource", + "title": "Require HTTP Cookie", + "type": "object", + "properties": { + "cookieName": { + "type": "string", + "default": "session" + }, + "variablePrefix": { + "type": "string", + "default": "cookie" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CookieCredentialSource/Main", + "title": "Require HTTP Cookie", + "properties": { + "CookieCredentialSource": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CookieCredentialSource" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CreateJsonWebKey.json b/schema/v11.2.2/assertions/CreateJsonWebKey.json new file mode 100644 index 0000000..9131d4c --- /dev/null +++ b/schema/v11.2.2/assertions/CreateJsonWebKey.json @@ -0,0 +1,64 @@ +{ + "configName": "CreateJsonWebKey", + "name": "Create Json Web Key", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CreateJsonWebKey", + "title": "Create Json Web Key", + "type": "object", + "properties": { + "keys": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CreateJsonWebKey:key" + } + }, + "targetVariable": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CreateJsonWebKey:key", + "properties": { + "keyId": { + "type": "string" + }, + "publicKeyUse": { + "type": "string" + }, + "sourceKeyAlias": { + "type": "string" + }, + "sourceKeyGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CreateJsonWebKey/Main", + "title": "Create Json Web Key", + "properties": { + "CreateJsonWebKey": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CreateJsonWebKey" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CreateRoutingStrategy.json b/schema/v11.2.2/assertions/CreateRoutingStrategy.json new file mode 100644 index 0000000..19ccd6a --- /dev/null +++ b/schema/v11.2.2/assertions/CreateRoutingStrategy.json @@ -0,0 +1,69 @@ +{ + "configName": "CreateRoutingStrategy", + "name": "Create Routing Strategy", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CreateRoutingStrategy", + "title": "Create Routing Strategy", + "type": "object", + "properties": { + "routes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CreateRoutingStrategy:route" + } + }, + "strategy": { + "type": "string", + "default": "strategy" + }, + "strategyDescription": { + "type": "string" + }, + "strategyName": { + "type": "string" + }, + "strategyProperties": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CreateRoutingStrategy:route", + "properties": { + "name": { + "type": "string" + }, + "properties": { + "type": "object" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CreateRoutingStrategy/Main", + "title": "Create Routing Strategy", + "properties": { + "CreateRoutingStrategy": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CreateRoutingStrategy" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CreateSecurityContextToken.json b/schema/v11.2.2/assertions/CreateSecurityContextToken.json new file mode 100644 index 0000000..2ed4d0e --- /dev/null +++ b/schema/v11.2.2/assertions/CreateSecurityContextToken.json @@ -0,0 +1,76 @@ +{ + "configName": "CreateSecurityContextToken", + "name": "Create Security Context Token", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CreateSecurityContextToken", + "title": "Create Security Context Token", + "type": "object", + "properties": { + "keySize": { + "type": "integer", + "default": 0 + }, + "lifetime": { + "type": "number", + "default": 7200000 + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "timeUnit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "default": "m" + }, + "useSystemDefaultSessionDuration": { + "type": "boolean", + "default": true + }, + "variablePrefix": { + "type": "string", + "default": "sctBuilder" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "enum": [ + "ms", + "s", + "m", + "h", + "d" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CreateSecurityContextToken/Main", + "title": "Create Security Context Token", + "properties": { + "CreateSecurityContextToken": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CreateSecurityContextToken" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CsrSigner.json b/schema/v11.2.2/assertions/CsrSigner.json new file mode 100644 index 0000000..4673aa5 --- /dev/null +++ b/schema/v11.2.2/assertions/CsrSigner.json @@ -0,0 +1,67 @@ +{ + "configName": "CsrSigner", + "name": "Sign Certificate", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CsrSigner", + "title": "Sign Certificate", + "type": "object", + "properties": { + "certDNVariableName": { + "type": "string" + }, + "csrVariableName": { + "type": "string" + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "expiryAgeDays": { + "type": "string" + }, + "keyAlias": { + "type": "string" + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "outputPrefix": { + "type": "string" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CsrSigner/Main", + "title": "Sign Certificate", + "properties": { + "CsrSigner": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CsrSigner" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CsrfProtection.json b/schema/v11.2.2/assertions/CsrfProtection.json new file mode 100644 index 0000000..4270b8e --- /dev/null +++ b/schema/v11.2.2/assertions/CsrfProtection.json @@ -0,0 +1,70 @@ +{ + "configName": "CsrfProtection", + "name": "Protect Against Cross-Site Request Forgery", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CsrfProtection", + "title": "Protect Against Cross-Site Request Forgery", + "type": "object", + "properties": { + "allowMissingOrEmptyReferer": { + "type": "boolean", + "default": false + }, + "cookieName": { + "type": "string" + }, + "enableDoubleSubmitCookieChecking": { + "type": "boolean", + "default": true + }, + "enableHttpRefererChecking": { + "type": "boolean", + "default": false + }, + "onlyAllowCurrentDomain": { + "type": "boolean", + "default": true + }, + "parameterName": { + "type": "string" + }, + "parameterType": { + "type": "string", + "enum": [ + "GET", + "POST", + "GET_AND_POST" + ], + "default": "POST" + }, + "trustedDomains": { + "type": "array", + "items": { + "type": "string" + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CsrfProtection/Main", + "title": "Protect Against Cross-Site Request Forgery", + "properties": { + "CsrfProtection": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CsrfProtection" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CustomAssertion.json b/schema/v11.2.2/assertions/CustomAssertion.json new file mode 100644 index 0000000..176a00f --- /dev/null +++ b/schema/v11.2.2/assertions/CustomAssertion.json @@ -0,0 +1,40 @@ +{ + "configName": "CustomAssertion", + "name": "Custom Assertion", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CustomAssertion", + "title": "Custom Assertion", + "type": "object", + "properties": { + "value": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/customAssertion" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/customAssertion" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CustomAssertion/Main", + "title": "Custom Assertion", + "properties": { + "CustomAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CustomAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CustomAssertion_com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion.json b/schema/v11.2.2/assertions/CustomAssertion_com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion.json new file mode 100644 index 0000000..43d6bc1 --- /dev/null +++ b/schema/v11.2.2/assertions/CustomAssertion_com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion.json @@ -0,0 +1,133 @@ +{ + "configName": "CustomAssertion:com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion", + "name": "Decode ID Token", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CustomAssertion:com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion", + "title": "Decode ID Token", + "type": "object", + "properties": { + "name": { + "type": "string", + "const": "Decode ID Token" + }, + "valueClass": { + "type": "string", + "const": "com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion" + }, + "value": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/iDTokenDecodeAssertion" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/category" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/customAssertion" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CustomAssertion:com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion/Main", + "title": "Decode ID Token", + "properties": { + "CustomAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CustomAssertion:com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/iDTokenDecodeAssertion", + "properties": { + "allowedCustomClaims": { + "type": "string", + "default": "" + }, + "exportAcr": { + "type": "boolean", + "default": true + }, + "exportAll": { + "type": "boolean", + "default": true + }, + "exportAtHash": { + "type": "boolean", + "default": true + }, + "exportAud": { + "type": "boolean", + "default": true + }, + "exportAuthTime": { + "type": "boolean", + "default": true + }, + "exportAzp": { + "type": "boolean", + "default": true + }, + "exportCHash": { + "type": "boolean", + "default": true + }, + "exportExpiration": { + "type": "boolean", + "default": true + }, + "exportIat": { + "type": "boolean", + "default": true + }, + "exportIss": { + "type": "boolean", + "default": true + }, + "exportNonce": { + "type": "boolean", + "default": true + }, + "exportOtherClaims": { + "type": "boolean", + "default": true + }, + "exportSHash": { + "type": "boolean", + "default": true + }, + "exportSub": { + "type": "boolean", + "default": true + }, + "exportVariable": { + "type": "string", + "default": "didt" + }, + "payload": { + "type": "string" + }, + "validateClaims": { + "type": "boolean", + "default": true + }, + "validateExpiration": { + "type": "boolean", + "default": true + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CustomAssertion_com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion.json b/schema/v11.2.2/assertions/CustomAssertion_com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion.json new file mode 100644 index 0000000..b7c72a6 --- /dev/null +++ b/schema/v11.2.2/assertions/CustomAssertion_com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion.json @@ -0,0 +1,111 @@ +{ + "configName": "CustomAssertion:com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion", + "name": "Generate ID Token", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CustomAssertion:com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion", + "title": "Generate ID Token", + "type": "object", + "properties": { + "name": { + "type": "string", + "const": "Generate ID Token" + }, + "valueClass": { + "type": "string", + "const": "com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion" + }, + "value": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/iDTokenGenerationAssertion" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/category" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/customAssertion" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CustomAssertion:com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion/Main", + "title": "Generate ID Token", + "properties": { + "CustomAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CustomAssertion:com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/iDTokenGenerationAssertion", + "properties": { + "acr": { + "type": "string" + }, + "atHash": { + "type": "string" + }, + "aud": { + "type": "string" + }, + "authTime": { + "type": "string" + }, + "automatic": { + "type": "boolean", + "default": false + }, + "azp": { + "type": "string" + }, + "cHash": { + "type": "string" + }, + "expiration": { + "type": "string" + }, + "generateSub": { + "type": "boolean", + "default": false + }, + "iss": { + "type": "string" + }, + "nonce": { + "type": "string" + }, + "otherClaims": { + "type": "string", + "default": "" + }, + "responseType": { + "type": "string" + }, + "state": { + "type": "string", + "default": "" + }, + "sub": { + "type": "string" + }, + "useAuthTimeNow": { + "type": "boolean", + "default": false + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/CustomizeErrorResponse.json b/schema/v11.2.2/assertions/CustomizeErrorResponse.json new file mode 100644 index 0000000..2295c34 --- /dev/null +++ b/schema/v11.2.2/assertions/CustomizeErrorResponse.json @@ -0,0 +1,75 @@ +{ + "configName": "CustomizeErrorResponse", + "name": "Customize Error Response", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/CustomizeErrorResponse", + "title": "Customize Error Response", + "type": "object", + "properties": { + "content": { + "type": "string", + "default": "Internal Server Error" + }, + "contentType": { + "type": "string", + "default": "text/plain; charset=UTF-8" + }, + "errorLevel": { + "type": "string", + "enum": [ + "DROP_CONNECTION", + "TEMPLATE_RESPONSE" + ], + "default": "TEMPLATE_RESPONSE" + }, + "extraHeaders": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/nameValuePair" + } + }, + "httpStatus": { + "type": "string", + "default": "500" + }, + "includePolicyDownloadURL": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/nameValuePair", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/CustomizeErrorResponse/Main", + "title": "Customize Error Response", + "properties": { + "CustomizeErrorResponse": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/CustomizeErrorResponse" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/DecodeJsonWebToken.json b/schema/v11.2.2/assertions/DecodeJsonWebToken.json new file mode 100644 index 0000000..5257681 --- /dev/null +++ b/schema/v11.2.2/assertions/DecodeJsonWebToken.json @@ -0,0 +1,82 @@ +{ + "configName": "DecodeJsonWebToken", + "name": "Decode Json Web Token", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/DecodeJsonWebToken", + "title": "Decode Json Web Token", + "type": "object", + "properties": { + "base64Encoded": { + "type": "boolean", + "default": false + }, + "detachedJwsContent": { + "type": "string" + }, + "dynamicPrivateKeyVariable": { + "type": "string" + }, + "failUnverifiedSignature": { + "type": "boolean", + "default": false + }, + "keyAlias": { + "type": "string" + }, + "keyGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "keyId": { + "type": "string" + }, + "keyType": { + "type": "string" + }, + "privateKeyFromList": { + "type": "boolean", + "default": false + }, + "privateKeySource": { + "type": "string" + }, + "signatureSecret": { + "type": "string" + }, + "sourcePayload": { + "type": "string" + }, + "targetVariablePrefix": { + "type": "string" + }, + "validationType": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/DecodeJsonWebToken/Main", + "title": "Decode Json Web Token", + "properties": { + "DecodeJsonWebToken": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/DecodeJsonWebToken" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/DistributedRateLimit.json b/schema/v11.2.2/assertions/DistributedRateLimit.json new file mode 100644 index 0000000..0d335a8 --- /dev/null +++ b/schema/v11.2.2/assertions/DistributedRateLimit.json @@ -0,0 +1,54 @@ +{ + "configName": "DistributedRateLimit", + "name": "Apply Distributed Rate Limit", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/DistributedRateLimit", + "title": "Apply Distributed Rate Limit", + "type": "object", + "properties": { + "burstLimit": { + "type": "string" + }, + "counterId": { + "type": "string" + }, + "counterPrefix": { + "type": "string" + }, + "limitEachCounterType": { + "type": "string" + }, + "limitExceededOption": { + "type": "string" + }, + "limitRequests": { + "type": "string" + }, + "rateLimitUnit": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/DistributedRateLimit/Main", + "title": "Apply Distributed Rate Limit", + "properties": { + "DistributedRateLimit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/DistributedRateLimit" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/EchoRoutingAssertion.json b/schema/v11.2.2/assertions/EchoRoutingAssertion.json new file mode 100644 index 0000000..193afa4 --- /dev/null +++ b/schema/v11.2.2/assertions/EchoRoutingAssertion.json @@ -0,0 +1,55 @@ +{ + "configName": "EchoRoutingAssertion", + "name": "Copy Request Message to Response", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/EchoRoutingAssertion", + "title": "Copy Request Message to Response", + "type": "object", + "properties": { + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 1 + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/EchoRoutingAssertion/Main", + "title": "Copy Request Message to Response", + "properties": { + "EchoRoutingAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/EchoRoutingAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Email.json b/schema/v11.2.2/assertions/Email.json new file mode 100644 index 0000000..9e5b923 --- /dev/null +++ b/schema/v11.2.2/assertions/Email.json @@ -0,0 +1,118 @@ +{ + "configName": "Email", + "name": "Send Email", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Email", + "title": "Send Email", + "type": "object", + "properties": { + "attachments": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Email:Attachment" + } + }, + "authPassword": { + "type": "string" + }, + "authUsername": { + "type": "string" + }, + "authenticate": { + "type": "boolean", + "default": false + }, + "base64message": { + "type": "string", + "default": "" + }, + "contextVarPassword": { + "type": "boolean", + "default": false + }, + "format": { + "type": "string", + "enum": [ + "PLAIN_TEXT", + "HTML" + ], + "default": "PLAIN_TEXT" + }, + "protocol": { + "type": "string", + "enum": [ + "PLAIN", + "SSL", + "STARTTLS" + ], + "default": "PLAIN" + }, + "smtpHost": { + "type": "string", + "default": "mail" + }, + "smtpPort": { + "type": "string", + "default": "25" + }, + "sourceEmailAddress": { + "type": "string", + "default": "L7SSG@NOMAILBOX" + }, + "subject": { + "type": "string", + "default": "Layer7 API Gateway Email" + }, + "targetBCCEmailAddress": { + "type": "string", + "default": "" + }, + "targetCCEmailAddress": { + "type": "string", + "default": "" + }, + "targetEmailAddress": { + "type": "string", + "default": "" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Email:Attachment", + "properties": { + "mimePartVariable": { + "type": "boolean", + "default": false + }, + "name": { + "type": "string" + }, + "sourceVariable": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Email/Main", + "title": "Send Email", + "properties": { + "Email": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Email" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/EmbeddedGemfireSharedStateProvider.json b/schema/v11.2.2/assertions/EmbeddedGemfireSharedStateProvider.json new file mode 100644 index 0000000..273fb19 --- /dev/null +++ b/schema/v11.2.2/assertions/EmbeddedGemfireSharedStateProvider.json @@ -0,0 +1,33 @@ +{ + "configName": "EmbeddedGemfireSharedStateProvider", + "name": "Embedded Gemfire Shared State Provider", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/EmbeddedGemfireSharedStateProvider", + "title": "Embedded Gemfire Shared State Provider", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/EmbeddedGemfireSharedStateProvider/Main", + "title": "Embedded Gemfire Shared State Provider", + "properties": { + "EmbeddedGemfireSharedStateProvider": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/EmbeddedGemfireSharedStateProvider" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/EmbeddedHazelcastSharedStateProvider.json b/schema/v11.2.2/assertions/EmbeddedHazelcastSharedStateProvider.json new file mode 100644 index 0000000..dc939fe --- /dev/null +++ b/schema/v11.2.2/assertions/EmbeddedHazelcastSharedStateProvider.json @@ -0,0 +1,33 @@ +{ + "configName": "EmbeddedHazelcastSharedStateProvider", + "name": "Embedded Hazelcast Shared State Provider", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/EmbeddedHazelcastSharedStateProvider", + "title": "Embedded Hazelcast Shared State Provider", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/EmbeddedHazelcastSharedStateProvider/Main", + "title": "Embedded Hazelcast Shared State Provider", + "properties": { + "EmbeddedHazelcastSharedStateProvider": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/EmbeddedHazelcastSharedStateProvider" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Encapsulated.json b/schema/v11.2.2/assertions/Encapsulated.json new file mode 100644 index 0000000..d63d9cb --- /dev/null +++ b/schema/v11.2.2/assertions/Encapsulated.json @@ -0,0 +1,51 @@ +{ + "configName": "Encapsulated", + "name": "Encapsulated", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Encapsulated", + "title": "Encapsulated", + "type": "object", + "properties": { + "encassGuid": { + "type": "string" + }, + "encassName": { + "type": "string" + }, + "noOpIfConfigMissing": { + "type": "boolean", + "default": false + }, + "parameters": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Encapsulated/Main", + "title": "Encapsulated", + "properties": { + "Encapsulated": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Encapsulated" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/EncodeDecode.json b/schema/v11.2.2/assertions/EncodeDecode.json new file mode 100644 index 0000000..1df65d9 --- /dev/null +++ b/schema/v11.2.2/assertions/EncodeDecode.json @@ -0,0 +1,93 @@ +{ + "configName": "EncodeDecode", + "name": "Encode/Decode Data", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/EncodeDecode", + "title": "Encode/Decode Data", + "type": "object", + "properties": { + "characterEncoding": { + "type": ["null", "string"], + "default": "UTF-8" + }, + "lineBreakInterval": { + "type": "integer", + "default": 0 + }, + "sourceVariableName": { + "type": "string" + }, + "strict": { + "type": "boolean", + "default": false + }, + "targetContentType": { + "type": "string" + }, + "targetDataType": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/dataType" + }, + "targetVariableName": { + "type": "string" + }, + "transformType": { + "type": "string", + "enum": [ + "BASE64_ENCODE", + "BASE64_DECODE", + "BASE32_ENCODE", + "BASE32_DECODE", + "HEX_ENCODE", + "HEX_DECODE", + "URL_ENCODE", + "URL_DECODE", + "ZIP", + "UNZIP", + "GZIP", + "GUNZIP" + ] + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/dataType", + "enum": [ + "string", + "cert", + "int", + "decimal", + "float", + "xml", + "boolean", + "binary", + "dateTime", + "message", + "blob", + "clob", + "other" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/EncodeDecode/Main", + "title": "Encode/Decode Data", + "properties": { + "EncodeDecode": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/EncodeDecode" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/EncodeJsonWebToken.json b/schema/v11.2.2/assertions/EncodeJsonWebToken.json new file mode 100644 index 0000000..01a9912 --- /dev/null +++ b/schema/v11.2.2/assertions/EncodeJsonWebToken.json @@ -0,0 +1,122 @@ +{ + "configName": "EncodeJsonWebToken", + "name": "Encode Json Web Token", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/EncodeJsonWebToken", + "title": "Encode Json Web Token", + "type": "object", + "properties": { + "contentEncryptionAlgorithm": { + "type": "string" + }, + "dynamicPrivateKeyAliasVariable": { + "type": "string" + }, + "emptyPayload": { + "type": "boolean", + "default": false + }, + "encryptPayload": { + "type": "boolean", + "default": false + }, + "encryptionKey": { + "type": "string" + }, + "encryptionKeyId": { + "type": "string" + }, + "encryptionKeyType": { + "type": "string" + }, + "encryptionSecret": { + "type": "string" + }, + "encryptionSecretBase64Encoded": { + "type": "boolean", + "default": false + }, + "encryptionSourceType": { + "type": "integer", + "default": 0 + }, + "headerAction": { + "type": "string", + "default": "Use Generated Header" + }, + "keyAlias": { + "type": "string" + }, + "keyGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "keyManagementAlgorithm": { + "type": "string" + }, + "signPayload": { + "type": "boolean", + "default": false + }, + "signatureAlgorithm": { + "type": ["null", "string"], + "default": "None" + }, + "signatureJwksKeyId": { + "type": "string" + }, + "signatureKeyType": { + "type": "string" + }, + "signatureSecretBase64Encoded": { + "type": "boolean", + "default": false + }, + "signatureSecretKey": { + "type": "string" + }, + "signatureSourceType": { + "type": "integer", + "default": 0 + }, + "signatureSourceVariable": { + "type": "string" + }, + "sourceHeaders": { + "type": "string" + }, + "sourceVariable": { + "type": "string", + "default": "" + }, + "targetVariable": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/EncodeJsonWebToken/Main", + "title": "Encode Json Web Token", + "properties": { + "EncodeJsonWebToken": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/EncodeJsonWebToken" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/EncryptedUsernameToken.json b/schema/v11.2.2/assertions/EncryptedUsernameToken.json new file mode 100644 index 0000000..8951890 --- /dev/null +++ b/schema/v11.2.2/assertions/EncryptedUsernameToken.json @@ -0,0 +1,66 @@ +{ + "configName": "EncryptedUsernameToken", + "name": "Require Encrypted UsernameToken Profile Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/EncryptedUsernameToken", + "title": "Require Encrypted UsernameToken Profile Credentials", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "xEncAlgorithmList": { + "type": "array", + "items": { + "type": "string" + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/EncryptedUsernameToken/Main", + "title": "Require Encrypted UsernameToken Profile Credentials", + "properties": { + "EncryptedUsernameToken": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/EncryptedUsernameToken" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/EntityChangeListener.json b/schema/v11.2.2/assertions/EntityChangeListener.json new file mode 100644 index 0000000..9c5c0f2 --- /dev/null +++ b/schema/v11.2.2/assertions/EntityChangeListener.json @@ -0,0 +1,33 @@ +{ + "configName": "EntityChangeListener", + "name": "Entity Change Listener", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/EntityChangeListener", + "title": "Entity Change Listener", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/EntityChangeListener/Main", + "title": "Entity Change Listener", + "properties": { + "EntityChangeListener": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/EntityChangeListener" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/EstablishOutboundSecureConversation.json b/schema/v11.2.2/assertions/EstablishOutboundSecureConversation.json new file mode 100644 index 0000000..8f8716e --- /dev/null +++ b/schema/v11.2.2/assertions/EstablishOutboundSecureConversation.json @@ -0,0 +1,103 @@ +{ + "configName": "EstablishOutboundSecureConversation", + "name": "Establish Outbound Secure Conversation", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/EstablishOutboundSecureConversation", + "title": "Establish Outbound Secure Conversation", + "type": "object", + "properties": { + "allowInboundMsgUsingSession": { + "type": "boolean", + "default": false + }, + "clientEntropy": { + "type": "string", + "default": "${requestBuilder.clientEntropy}" + }, + "creationTime": { + "type": "string", + "default": "${rstrResponseProcessor.createTime}" + }, + "expirationTime": { + "type": "string", + "default": "${rstrResponseProcessor.expiryTime}" + }, + "fullKey": { + "type": "string", + "default": "${rstrResponseProcessor.fullKey}" + }, + "keySize": { + "type": "string", + "default": "${rstrResponseProcessor.keySize}" + }, + "maxLifetime": { + "type": "number", + "default": 0 + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "securityContextTokenVarName": { + "type": "string", + "default": "rstrResponseProcessor.token" + }, + "serverEntropy": { + "type": "string", + "default": "${rstrResponseProcessor.serverEntropy}" + }, + "serviceUrl": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "timeUnit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "default": "m" + }, + "useSystemDefaultSessionDuration": { + "type": "boolean", + "default": true + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "enum": [ + "ms", + "s", + "m", + "h", + "d" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/EstablishOutboundSecureConversation/Main", + "title": "Establish Outbound Secure Conversation", + "properties": { + "EstablishOutboundSecureConversation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/EstablishOutboundSecureConversation" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/EvaluateJsonPathExpressionV2.json b/schema/v11.2.2/assertions/EvaluateJsonPathExpressionV2.json new file mode 100644 index 0000000..40cfa10 --- /dev/null +++ b/schema/v11.2.2/assertions/EvaluateJsonPathExpressionV2.json @@ -0,0 +1,56 @@ +{ + "configName": "EvaluateJsonPathExpressionV2", + "name": "Evaluate JSON Path Expression V2", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/EvaluateJsonPathExpressionV2", + "title": "Evaluate JSON Path Expression V2", + "type": "object", + "properties": { + "evaluator": { + "type": "string", + "default": "SystemDefault" + }, + "expression": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string", + "default": "jsonPath" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/EvaluateJsonPathExpressionV2/Main", + "title": "Evaluate JSON Path Expression V2", + "properties": { + "EvaluateJsonPathExpressionV2": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/EvaluateJsonPathExpressionV2" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ExactlyOne.json b/schema/v11.2.2/assertions/ExactlyOne.json new file mode 100644 index 0000000..665add5 --- /dev/null +++ b/schema/v11.2.2/assertions/ExactlyOne.json @@ -0,0 +1,49 @@ +{ + "configName": "ExactlyOne", + "name": "Exactly One", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ExactlyOne", + "title": "Exactly One", + "anyOf": [ + { + "type": "array", + "items": { + "type": "object" + } + }, + { + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + }, + "_children": { + "type": "array", + "items": { + "type": "object" + } + } + } + } + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ExactlyOne/Main", + "title": "Exactly One", + "properties": { + "ExactlyOne": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ExactlyOne" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ExecuteRoutingStrategy.json b/schema/v11.2.2/assertions/ExecuteRoutingStrategy.json new file mode 100644 index 0000000..d578878 --- /dev/null +++ b/schema/v11.2.2/assertions/ExecuteRoutingStrategy.json @@ -0,0 +1,45 @@ +{ + "configName": "ExecuteRoutingStrategy", + "name": "Execute Routing Strategy", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ExecuteRoutingStrategy", + "title": "Execute Routing Strategy", + "type": "object", + "properties": { + "feedback": { + "type": "string", + "default": "feedback" + }, + "route": { + "type": "string", + "default": "route" + }, + "strategy": { + "type": "string", + "default": "strategy" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ExecuteRoutingStrategy/Main", + "title": "Execute Routing Strategy", + "properties": { + "ExecuteRoutingStrategy": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ExecuteRoutingStrategy" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ExportVariables.json b/schema/v11.2.2/assertions/ExportVariables.json new file mode 100644 index 0000000..e3ba453 --- /dev/null +++ b/schema/v11.2.2/assertions/ExportVariables.json @@ -0,0 +1,39 @@ +{ + "configName": "ExportVariables", + "name": "Export Variables from Fragment", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ExportVariables", + "title": "Export Variables from Fragment", + "type": "object", + "properties": { + "exportedVars": { + "type": "array", + "items": { + "type": "string" + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ExportVariables/Main", + "title": "Export Variables from Fragment", + "properties": { + "ExportVariables": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ExportVariables" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ExternalGemfireSharedStateProvider.json b/schema/v11.2.2/assertions/ExternalGemfireSharedStateProvider.json new file mode 100644 index 0000000..252767e --- /dev/null +++ b/schema/v11.2.2/assertions/ExternalGemfireSharedStateProvider.json @@ -0,0 +1,33 @@ +{ + "configName": "ExternalGemfireSharedStateProvider", + "name": "External Gemfire Shared State Provider", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ExternalGemfireSharedStateProvider", + "title": "External Gemfire Shared State Provider", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ExternalGemfireSharedStateProvider/Main", + "title": "External Gemfire Shared State Provider", + "properties": { + "ExternalGemfireSharedStateProvider": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ExternalGemfireSharedStateProvider" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ExternalHazelcastProvider.json b/schema/v11.2.2/assertions/ExternalHazelcastProvider.json new file mode 100644 index 0000000..e101768 --- /dev/null +++ b/schema/v11.2.2/assertions/ExternalHazelcastProvider.json @@ -0,0 +1,33 @@ +{ + "configName": "ExternalHazelcastProvider", + "name": "External Hazelcast Provider", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ExternalHazelcastProvider", + "title": "External Hazelcast Provider", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ExternalHazelcastProvider/Main", + "title": "External Hazelcast Provider", + "properties": { + "ExternalHazelcastProvider": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ExternalHazelcastProvider" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/False.json b/schema/v11.2.2/assertions/False.json new file mode 100644 index 0000000..094d192 --- /dev/null +++ b/schema/v11.2.2/assertions/False.json @@ -0,0 +1,33 @@ +{ + "configName": "False", + "name": "Stop Processing", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/False", + "title": "Stop Processing", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/False/Main", + "title": "Stop Processing", + "properties": { + "False": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/False" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/FaultLevel.json b/schema/v11.2.2/assertions/FaultLevel.json new file mode 100644 index 0000000..7c2f807 --- /dev/null +++ b/schema/v11.2.2/assertions/FaultLevel.json @@ -0,0 +1,136 @@ +{ + "configName": "FaultLevel", + "name": "Customize SOAP Fault Response", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/FaultLevel", + "title": "Customize SOAP Fault Response", + "type": "object", + "properties": { + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "keyAlias": { + "type": "string" + }, + "levelInfo": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/soapFaultLevel" + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "soap12": { + "type": "boolean", + "default": false + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/soapFaultLevel", + "properties": { + "alwaysReturnSoapFault": { + "type": "boolean", + "default": false + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "extraHeaders": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/nameValuePair" + } + }, + "faultTemplate": { + "type": "string" + }, + "faultTemplateContentType": { + "type": "string" + }, + "faultTemplateCustomContentType": { + "type": "string" + }, + "faultTemplateHttpStatus": { + "type": "string" + }, + "includePolicyDownloadURL": { + "type": "boolean", + "default": true + }, + "keyAlias": { + "type": "string" + }, + "level": { + "type": "integer", + "default": 2 + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "signSoapFault": { + "type": "boolean", + "default": false + }, + "useClientFault": { + "type": "boolean", + "default": false + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/nameValuePair", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/FaultLevel/Main", + "title": "Customize SOAP Fault Response", + "properties": { + "FaultLevel": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/FaultLevel" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ForEachLoop.json b/schema/v11.2.2/assertions/ForEachLoop.json new file mode 100644 index 0000000..cd419de --- /dev/null +++ b/schema/v11.2.2/assertions/ForEachLoop.json @@ -0,0 +1,49 @@ +{ + "configName": "ForEachLoop", + "name": "Run Assertions for Each Item", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ForEachLoop", + "title": "Run Assertions for Each Item", + "type": "object", + "properties": { + "iterationLimit": { + "type": "integer", + "default": 0 + }, + "loopVariableName": { + "type": "string" + }, + "variablePrefix": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + }, + "_children": { + "type": "array", + "items": { + "type": "object" + } + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ForEachLoop/Main", + "title": "Run Assertions for Each Item", + "properties": { + "ForEachLoop": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ForEachLoop" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/FtpCredential.json b/schema/v11.2.2/assertions/FtpCredential.json new file mode 100644 index 0000000..c202a24 --- /dev/null +++ b/schema/v11.2.2/assertions/FtpCredential.json @@ -0,0 +1,33 @@ +{ + "configName": "FtpCredential", + "name": "Require FTP Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/FtpCredential", + "title": "Require FTP Credentials", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/FtpCredential/Main", + "title": "Require FTP Credentials", + "properties": { + "FtpCredential": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/FtpCredential" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/FtpRoutingAssertion.json b/schema/v11.2.2/assertions/FtpRoutingAssertion.json new file mode 100644 index 0000000..64a2644 --- /dev/null +++ b/schema/v11.2.2/assertions/FtpRoutingAssertion.json @@ -0,0 +1,186 @@ +{ + "configName": "FtpRoutingAssertion", + "name": "Route via FTP(S)", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/FtpRoutingAssertion", + "title": "Route via FTP(S)", + "type": "object", + "properties": { + "arguments": { + "type": "string" + }, + "clientCertKeyAlias": { + "type": "string" + }, + "clientCertKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "commandFromVariable": { + "type": "boolean", + "default": false + }, + "credentialsSource": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/FtpRoutingAssertion:credentialsSource" + }, + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 1 + }, + "directory": { + "type": "string" + }, + "failureMode": { + "type": "integer", + "default": 0 + }, + "ftpCommand": { + "type": "string", + "enum": [ + "APPE", + "STOR", + "STOU", + "RETR", + "LIST", + "MLSD", + "NLST", + "CDUP", + "CWD", + "DELE", + "MDTM", + "MLST", + "MKD", + "NOOP", + "PWD", + "RMD", + "SIZE" + ], + "default": "STOR" + }, + "ftpCommandVariable": { + "type": "string" + }, + "hostName": { + "type": "string" + }, + "password": { + "type": "string" + }, + "passwordGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "passwordUsesContextVariables": { + "type": "boolean", + "default": false + }, + "port": { + "type": "string", + "default": "21" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requestTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "responseByteLimit": { + "type": "string" + }, + "responseTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "security": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/FtpRoutingAssertion:security" + }, + "timeout": { + "type": "integer", + "default": 10000 + }, + "useClientCert": { + "type": "boolean", + "default": false + }, + "userName": { + "type": "string" + }, + "verifyServerCert": { + "type": "boolean", + "default": false + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/FtpRoutingAssertion:credentialsSource" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/FtpRoutingAssertion:security" + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/FtpRoutingAssertion/Main", + "title": "Route via FTP(S)", + "properties": { + "FtpRoutingAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/FtpRoutingAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GatewayGraphQL.json b/schema/v11.2.2/assertions/GatewayGraphQL.json new file mode 100644 index 0000000..9d475bc --- /dev/null +++ b/schema/v11.2.2/assertions/GatewayGraphQL.json @@ -0,0 +1,69 @@ +{ + "configName": "GatewayGraphQL", + "name": "GraphQL Manage Gateway", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GatewayGraphQL", + "title": "GraphQL Manage Gateway", + "type": "object", + "properties": { + "authzOption": { + "type": "string", + "enum": [ + "ADMINISTRATORS", + "ALL_USERS" + ], + "default": "ADMINISTRATORS" + }, + "checkAdmin": { + "type": "boolean", + "default": true + }, + "encPass": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "query": { + "type": "string" + }, + "queryOptions": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variables": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GatewayGraphQL/Main", + "title": "GraphQL Manage Gateway", + "properties": { + "GatewayGraphQL": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GatewayGraphQL" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GatewayManagement.json b/schema/v11.2.2/assertions/GatewayManagement.json new file mode 100644 index 0000000..ddd99da --- /dev/null +++ b/schema/v11.2.2/assertions/GatewayManagement.json @@ -0,0 +1,36 @@ +{ + "configName": "GatewayManagement", + "name": "Manage Gateway", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GatewayManagement", + "title": "Manage Gateway", + "type": "object", + "properties": { + "variablePrefix": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GatewayManagement/Main", + "title": "Manage Gateway", + "properties": { + "GatewayManagement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GatewayManagement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GatewayTelemetryDataProvider.json b/schema/v11.2.2/assertions/GatewayTelemetryDataProvider.json new file mode 100644 index 0000000..35c78dc --- /dev/null +++ b/schema/v11.2.2/assertions/GatewayTelemetryDataProvider.json @@ -0,0 +1,33 @@ +{ + "configName": "GatewayTelemetryDataProvider", + "name": "Gateway Telemetry Data Provider", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GatewayTelemetryDataProvider", + "title": "Gateway Telemetry Data Provider", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GatewayTelemetryDataProvider/Main", + "title": "Gateway Telemetry Data Provider", + "properties": { + "GatewayTelemetryDataProvider": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GatewayTelemetryDataProvider" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GenerateOAuthSignatureBaseString.json b/schema/v11.2.2/assertions/GenerateOAuthSignatureBaseString.json new file mode 100644 index 0000000..9ea4265 --- /dev/null +++ b/schema/v11.2.2/assertions/GenerateOAuthSignatureBaseString.json @@ -0,0 +1,97 @@ +{ + "configName": "GenerateOAuthSignatureBaseString", + "name": "Generate OAuth Signature Base String", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GenerateOAuthSignatureBaseString", + "title": "Generate OAuth Signature Base String", + "type": "object", + "properties": { + "allowCustomOAuthQueryParams": { + "type": "boolean", + "default": false + }, + "allowEmptyCallback": { + "type": "boolean", + "default": false + }, + "authorizationHeader": { + "type": "string", + "default": "${request.http.header.Authorization}" + }, + "httpMethod": { + "type": "string", + "default": "${request.http.method}" + }, + "oauthCallback": { + "type": "string" + }, + "oauthConsumerKey": { + "type": "string" + }, + "oauthSignatureMethod": { + "type": "string", + "default": "HMAC-SHA1" + }, + "oauthToken": { + "type": "string" + }, + "oauthVerifier": { + "type": "string" + }, + "queryString": { + "type": "string", + "default": "${request.url.query}" + }, + "requestUrl": { + "type": "string", + "default": "${request.url}" + }, + "usageMode": { + "type": "string", + "enum": [ + "CLIENT", + "SERVER" + ], + "default": "CLIENT" + }, + "useAuthorizationHeader": { + "type": "boolean", + "default": true + }, + "useMessageTarget": { + "type": "boolean", + "default": true + }, + "useOAuthVersion": { + "type": "boolean", + "default": true + }, + "variablePrefix": { + "type": "string", + "default": "oauth" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GenerateOAuthSignatureBaseString/Main", + "title": "Generate OAuth Signature Base String", + "properties": { + "GenerateOAuthSignatureBaseString": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GenerateOAuthSignatureBaseString" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GeneratePassword.json b/schema/v11.2.2/assertions/GeneratePassword.json new file mode 100644 index 0000000..6cd0c46 --- /dev/null +++ b/schema/v11.2.2/assertions/GeneratePassword.json @@ -0,0 +1,33 @@ +{ + "configName": "GeneratePassword", + "name": "Portal Generate Random Password", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GeneratePassword", + "title": "Portal Generate Random Password", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GeneratePassword/Main", + "title": "Portal Generate Random Password", + "properties": { + "GeneratePassword": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GeneratePassword" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GenerateSecurityHash.json b/schema/v11.2.2/assertions/GenerateSecurityHash.json new file mode 100644 index 0000000..616668d --- /dev/null +++ b/schema/v11.2.2/assertions/GenerateSecurityHash.json @@ -0,0 +1,58 @@ +{ + "configName": "GenerateSecurityHash", + "name": "Generate Security Hash", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GenerateSecurityHash", + "title": "Generate Security Hash", + "type": "object", + "properties": { + "algorithm": { + "type": "string", + "default": "HMAC-SHA1" + }, + "base64Data": { + "type": "string" + }, + "keyText": { + "type": "string" + }, + "lineBreak": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/lineBreak" + }, + "targetOutputVariable": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/lineBreak", + "enum": [ + "LF", + "CR", + "CR-LF" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GenerateSecurityHash/Main", + "title": "Generate Security Hash", + "properties": { + "GenerateSecurityHash": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GenerateSecurityHash" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GenericIdentityManagementService.json b/schema/v11.2.2/assertions/GenericIdentityManagementService.json new file mode 100644 index 0000000..e6b1b4d --- /dev/null +++ b/schema/v11.2.2/assertions/GenericIdentityManagementService.json @@ -0,0 +1,33 @@ +{ + "configName": "GenericIdentityManagementService", + "name": "Generic Identity Management Service", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GenericIdentityManagementService", + "title": "Generic Identity Management Service", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GenericIdentityManagementService/Main", + "title": "Generic Identity Management Service", + "properties": { + "GenericIdentityManagementService": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GenericIdentityManagementService" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GetApiIncrement.json b/schema/v11.2.2/assertions/GetApiIncrement.json new file mode 100644 index 0000000..f62b3c4 --- /dev/null +++ b/schema/v11.2.2/assertions/GetApiIncrement.json @@ -0,0 +1,33 @@ +{ + "configName": "GetApiIncrement", + "name": "Portal Get Api V2 Sync", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GetApiIncrement", + "title": "Portal Get Api V2 Sync", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GetApiIncrement/Main", + "title": "Portal Get Api V2 Sync", + "properties": { + "GetApiIncrement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GetApiIncrement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GetIncrement.json b/schema/v11.2.2/assertions/GetIncrement.json new file mode 100644 index 0000000..177430e --- /dev/null +++ b/schema/v11.2.2/assertions/GetIncrement.json @@ -0,0 +1,33 @@ +{ + "configName": "GetIncrement", + "name": "Portal Get Incremental Update", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GetIncrement", + "title": "Portal Get Incremental Update", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GetIncrement/Main", + "title": "Portal Get Incremental Update", + "properties": { + "GetIncrement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GetIncrement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GraphQLExtractValue.json b/schema/v11.2.2/assertions/GraphQLExtractValue.json new file mode 100644 index 0000000..e6d9eb3 --- /dev/null +++ b/schema/v11.2.2/assertions/GraphQLExtractValue.json @@ -0,0 +1,55 @@ +{ + "configName": "GraphQLExtractValue", + "name": "Extract GraphQL Argument", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GraphQLExtractValue", + "title": "Extract GraphQL Argument", + "type": "object", + "properties": { + "argumentPattern": { + "type": "string" + }, + "expression": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variable": { + "type": "string", + "default": "extractedValue" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GraphQLExtractValue/Main", + "title": "Extract GraphQL Argument", + "properties": { + "GraphQLExtractValue": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GraphQLExtractValue" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/GraphQLSchemaValidation.json b/schema/v11.2.2/assertions/GraphQLSchemaValidation.json new file mode 100644 index 0000000..db4e4d7 --- /dev/null +++ b/schema/v11.2.2/assertions/GraphQLSchemaValidation.json @@ -0,0 +1,108 @@ +{ + "configName": "GraphQLSchemaValidation", + "name": "Validate GraphQL Schema", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/GraphQLSchemaValidation", + "title": "Validate GraphQL Schema", + "type": "object", + "properties": { + "allowMutationsEnabled": { + "type": "boolean", + "default": true + }, + "maxNestingDepth": { + "type": "string", + "default": "100" + }, + "maxNestingDepthEnabled": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "resourceInfo": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/assertionResourceInfo" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/assertionResourceInfo", + "anyOf": [ + { + "type": "object", + "properties": { + "document": { + "type": "string" + }, + "originalUrl": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "url": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "id": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "allowMessagesWithoutUrl": { + "type": "boolean", + "default": false + }, + "urlRegexes": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/GraphQLSchemaValidation/Main", + "title": "Validate GraphQL Schema", + "properties": { + "GraphQLSchemaValidation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/GraphQLSchemaValidation" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/HandleErrors.json b/schema/v11.2.2/assertions/HandleErrors.json new file mode 100644 index 0000000..7639755 --- /dev/null +++ b/schema/v11.2.2/assertions/HandleErrors.json @@ -0,0 +1,47 @@ +{ + "configName": "HandleErrors", + "name": "Handle Errors", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/HandleErrors", + "title": "Handle Errors", + "type": "object", + "properties": { + "includeIOException": { + "type": "boolean", + "default": false + }, + "variablePrefix": { + "type": "string", + "default": "handleError" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + }, + "_children": { + "type": "array", + "items": { + "type": "object" + } + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/HandleErrors/Main", + "title": "Handle Errors", + "properties": { + "HandleErrors": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/HandleErrors" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/HardcodedResponse.json b/schema/v11.2.2/assertions/HardcodedResponse.json new file mode 100644 index 0000000..d282ffb --- /dev/null +++ b/schema/v11.2.2/assertions/HardcodedResponse.json @@ -0,0 +1,71 @@ +{ + "configName": "HardcodedResponse", + "name": "Return Template Response to Requestor", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/HardcodedResponse", + "title": "Return Template Response to Requestor", + "type": "object", + "properties": { + "body": { + "type": "string", + "default": "" + }, + "contentType": { + "type": "string", + "default": "text/xml; charset=UTF-8" + }, + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "earlyResponse": { + "type": "boolean", + "default": false + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "status": { + "type": "string", + "default": "200" + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/HardcodedResponse/Main", + "title": "Return Template Response to Requestor", + "properties": { + "HardcodedResponse": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/HardcodedResponse" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/HtmlFormData.json b/schema/v11.2.2/assertions/HtmlFormData.json new file mode 100644 index 0000000..1c3b6c3 --- /dev/null +++ b/schema/v11.2.2/assertions/HtmlFormData.json @@ -0,0 +1,97 @@ +{ + "configName": "HtmlFormData", + "name": "Validate HTML Form Data", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/HtmlFormData", + "title": "Validate HTML Form Data", + "type": "object", + "properties": { + "allowGet": { + "type": "boolean", + "default": false + }, + "allowPost": { + "type": "boolean", + "default": false + }, + "disallowOtherFields": { + "type": "boolean", + "default": false + }, + "fieldSpecs": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/htmlFormDataAssertion$FieldSpec" + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/htmlFormDataAssertion$FieldSpec", + "properties": { + "allowEmpty": { + "type": "boolean" + }, + "allowedLocation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/htmlFormDataLocation", + "default": "anywhere" + }, + "dataType": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/htmlFormDataType" + }, + "maxOccurs": { + "type": "integer", + "default": 0 + }, + "minOccurs": { + "type": "integer", + "default": 0 + }, + "name": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/htmlFormDataLocation", + "enum": [ + "anywhere", + "requestUrl", + "requestBody" + ] + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/htmlFormDataType", + "enum": [ + "any", + "number", + "file", + "string" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/HtmlFormData/Main", + "title": "Validate HTML Form Data", + "properties": { + "HtmlFormData": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/HtmlFormData" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Http2Routing.json b/schema/v11.2.2/assertions/Http2Routing.json new file mode 100644 index 0000000..bd83d37 --- /dev/null +++ b/schema/v11.2.2/assertions/Http2Routing.json @@ -0,0 +1,145 @@ +{ + "configName": "Http2Routing", + "name": "Route via HTTP/2", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Http2Routing", + "title": "Route via HTTP/2", + "type": "object", + "properties": { + "authenticationType": { + "type": "string", + "default": "Passthrough" + }, + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "failOnErrorStatus": { + "type": "boolean", + "default": true + }, + "forceIncludeRequestBody": { + "type": "boolean", + "default": false + }, + "gzipEncodeDownstream": { + "type": "boolean", + "default": false + }, + "http2ClientConfigGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid", + "default": "0000000000000000ffffffffffffffff" + }, + "http2ClientConfigName": { + "type": "string" + }, + "httpMethod": { + "type": "string", + "enum": [ + "GET", + "POST", + "PUT", + "PATCH", + "DELETE", + "HEAD", + "OPTIONS", + "OTHER" + ] + }, + "httpMethodAsString": { + "type": "string" + }, + "keyAlias": { + "type": "string" + }, + "login": { + "type": "string" + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "overrideContentType": { + "type": "boolean", + "default": false + }, + "password": { + "type": "string" + }, + "protectedServiceUrl": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requestMsgSrc": { + "type": "string" + }, + "responseMsgDest": { + "type": "string" + }, + "responseSize": { + "type": "string" + }, + "userAgent": { + "type": "string" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "usesNoKey": { + "type": "boolean", + "default": false + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Http2Routing/Main", + "title": "Route via HTTP/2", + "properties": { + "Http2Routing": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Http2Routing" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Http2Transport.json b/schema/v11.2.2/assertions/Http2Transport.json new file mode 100644 index 0000000..5b7d6d1 --- /dev/null +++ b/schema/v11.2.2/assertions/Http2Transport.json @@ -0,0 +1,33 @@ +{ + "configName": "Http2Transport", + "name": "Http2Transport", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Http2Transport", + "title": "Http2Transport", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Http2Transport/Main", + "title": "Http2Transport", + "properties": { + "Http2Transport": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Http2Transport" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/HttpBasic.json b/schema/v11.2.2/assertions/HttpBasic.json new file mode 100644 index 0000000..b40b637 --- /dev/null +++ b/schema/v11.2.2/assertions/HttpBasic.json @@ -0,0 +1,36 @@ +{ + "configName": "HttpBasic", + "name": "Require HTTP Basic Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/HttpBasic", + "title": "Require HTTP Basic Credentials", + "type": "object", + "properties": { + "realm": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/HttpBasic/Main", + "title": "Require HTTP Basic Credentials", + "properties": { + "HttpBasic": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/HttpBasic" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/HttpDigest.json b/schema/v11.2.2/assertions/HttpDigest.json new file mode 100644 index 0000000..ea02421 --- /dev/null +++ b/schema/v11.2.2/assertions/HttpDigest.json @@ -0,0 +1,44 @@ +{ + "configName": "HttpDigest", + "name": "Require HTTP Digest Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/HttpDigest", + "title": "Require HTTP Digest Credentials", + "type": "object", + "properties": { + "maxNonceCount": { + "type": "integer", + "default": 30 + }, + "nonceTimeout": { + "type": "integer", + "default": 1800000 + }, + "realm": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/HttpDigest/Main", + "title": "Require HTTP Digest Credentials", + "properties": { + "HttpDigest": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/HttpDigest" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/HttpFormPost.json b/schema/v11.2.2/assertions/HttpFormPost.json new file mode 100644 index 0000000..90b4ec3 --- /dev/null +++ b/schema/v11.2.2/assertions/HttpFormPost.json @@ -0,0 +1,51 @@ +{ + "configName": "HttpFormPost", + "name": "Translate HTTP Form to MIME", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/HttpFormPost", + "title": "Translate HTTP Form to MIME", + "type": "object", + "properties": { + "fieldInfos": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/httpFormPost$FieldInfo" + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/httpFormPost$FieldInfo", + "properties": { + "contentType": { + "type": "string" + }, + "fieldname": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/HttpFormPost/Main", + "title": "Translate HTTP Form to MIME", + "properties": { + "HttpFormPost": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/HttpFormPost" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/HttpNegotiate.json b/schema/v11.2.2/assertions/HttpNegotiate.json new file mode 100644 index 0000000..621612e --- /dev/null +++ b/schema/v11.2.2/assertions/HttpNegotiate.json @@ -0,0 +1,36 @@ +{ + "configName": "HttpNegotiate", + "name": "Require Windows Integrated Authentication Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/HttpNegotiate", + "title": "Require Windows Integrated Authentication Credentials", + "type": "object", + "properties": { + "realm": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/HttpNegotiate/Main", + "title": "Require Windows Integrated Authentication Credentials", + "properties": { + "HttpNegotiate": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/HttpNegotiate" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/HttpRouting.json b/schema/v11.2.2/assertions/HttpRouting.json new file mode 100644 index 0000000..190e9b1 --- /dev/null +++ b/schema/v11.2.2/assertions/HttpRouting.json @@ -0,0 +1,335 @@ +{ + "configName": "HttpRouting", + "name": "Route via HTTP(S)", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/HttpRouting", + "title": "Route via HTTP(S)", + "type": "object", + "properties": { + "attachSamlSenderVouches": { + "type": "boolean", + "default": false + }, + "authOauthTokenVar": { + "type": "string" + }, + "authOauthVersion": { + "type": "string" + }, + "bufferDisabled": { + "type": "boolean", + "default": false + }, + "connectionTimeout": { + "type": "string" + }, + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "customIpAddresses": { + "type": "array", + "items": { + "type": "string" + } + }, + "customURLs": { + "type": "array", + "items": { + "type": "string" + } + }, + "dynamicCertificateVariable": { + "type": "string" + }, + "dynamicPrivateKeyVariable": { + "type": "string" + }, + "failOnErrorStatus": { + "type": "boolean", + "default": true + }, + "failoverStrategyName": { + "type": "string", + "default": "ordered" + }, + "followRedirects": { + "type": "boolean", + "default": false + }, + "forceIncludeRequestBody": { + "type": "boolean", + "default": false + }, + "gzipEncodeDownstream": { + "type": "boolean", + "default": false + }, + "httpMethod": { + "type": "string", + "enum": [ + "GET", + "POST", + "PUT", + "PATCH", + "DELETE", + "HEAD", + "OPTIONS", + "OTHER" + ] + }, + "httpMethodAsString": { + "type": "string" + }, + "httpVersion": { + "type": "string", + "enum": [ + "HTTP_VERSION_1_0", + "HTTP_VERSION_1_1" + ] + }, + "keyAlias": { + "type": "string" + }, + "krbConfiguredAccount": { + "type": "string" + }, + "krbConfiguredPassword": { + "type": "string" + }, + "krbDelegatedAuthentication": { + "type": "boolean", + "default": false + }, + "krbUseGatewayKeytab": { + "type": "boolean", + "default": false + }, + "login": { + "type": "string" + }, + "maxConnections": { + "type": "integer", + "default": -1 + }, + "maxDurationEnabled": { + "type": "boolean", + "default": false + }, + "maxDurationTimeout": { + "type": "string" + }, + "maxRetries": { + "type": "integer", + "default": -1 + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "ntlmHost": { + "type": "string" + }, + "omitAuthHeaderConnectReuse": { + "type": "boolean", + "default": false + }, + "omitAuthHeaderConnectReuseSystemDefault": { + "type": "boolean" + }, + "omitHostHeader": { + "type": "boolean", + "default": false + }, + "overrideContentType": { + "type": "boolean", + "default": false + }, + "passThroughSoapFaults": { + "type": "boolean", + "default": true + }, + "passthroughHttpAuthentication": { + "type": "boolean", + "default": false + }, + "password": { + "type": "string" + }, + "protectedServiceUrl": { + "type": "string" + }, + "proxyHost": { + "type": "string" + }, + "proxyPassword": { + "type": ["null", "string"], + "default": "" + }, + "proxyPort": { + "type": "string", + "default": "-1" + }, + "proxyUsername": { + "type": ["null", "string"], + "default": "" + }, + "realm": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requestHeaderRules": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/httpPassthroughRuleSet" + }, + "requestMsgSrc": { + "type": "string" + }, + "requestParamRules": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/httpPassthroughRuleSet" + }, + "responseHeaderRules": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/httpPassthroughRuleSet" + }, + "responseMsgDest": { + "type": "string" + }, + "responseSize": { + "type": "string" + }, + "samlAssertionExpiry": { + "type": "integer", + "default": 5 + }, + "samlAssertionVersion": { + "type": "integer", + "default": 1 + }, + "taiCredentialChaining": { + "type": "boolean", + "default": false + }, + "timeout": { + "type": "string" + }, + "tlsCipherSuites": { + "type": "string" + }, + "tlsTrustedCertGoids": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + } + }, + "tlsTrustedCertNames": { + "type": "array", + "items": { + "type": "string" + } + }, + "tlsVersion": { + "type": "string" + }, + "useKeepAlives": { + "type": "boolean", + "default": true + }, + "useThumbprintInSamlSignature": { + "type": "boolean", + "default": false + }, + "useThumbprintInSamlSubject": { + "type": "boolean", + "default": false + }, + "userAgent": { + "type": "string" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "usesNoKey": { + "type": "boolean", + "default": false + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/httpPassthroughRuleSet", + "properties": { + "forwardAll": { + "type": "boolean", + "default": false + }, + "rules": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/httpPassthroughRule" + } + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/httpPassthroughRule", + "properties": { + "customizeValue": { + "type": "string" + }, + "name": { + "type": "string" + }, + "usesCustomizedValue": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/HttpRouting/Main", + "title": "Route via HTTP(S)", + "properties": { + "HttpRouting": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/HttpRouting" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/IcapAntivirusScanner.json b/schema/v11.2.2/assertions/IcapAntivirusScanner.json new file mode 100644 index 0000000..da87208 --- /dev/null +++ b/schema/v11.2.2/assertions/IcapAntivirusScanner.json @@ -0,0 +1,131 @@ +{ + "configName": "IcapAntivirusScanner", + "name": "Scan Using ICAP-Enabled Antivirus", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/IcapAntivirusScanner", + "title": "Scan Using ICAP-Enabled Antivirus", + "type": "object", + "properties": { + "cipherSuites": { + "type": "array", + "items": { + "type": "string" + } + }, + "connectionTimeout": { + "type": "string", + "default": "30" + }, + "continueOnVirusFound": { + "type": "boolean", + "default": false + }, + "failoverStrategy": { + "type": "string" + }, + "icapMethod": { + "type": "string", + "default": "RESPMOD" + }, + "icapServers": { + "type": "array", + "items": { + "type": "string" + } + }, + "maxMimeDepth": { + "type": "integer", + "default": 1 + }, + "originResourcePath": { + "type": "string", + "default": "/" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "parameters": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/IcapAntivirusScanner:parameter" + } + }, + "readTimeout": { + "type": "string", + "default": "30" + }, + "responseReadTimeout": { + "type": "string", + "default": "30" + }, + "serviceParameters": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "tlsProtocols": { + "type": "array", + "items": { + "type": "string" + } + }, + "useTls": { + "type": "boolean", + "default": false + }, + "variablePrefix": { + "type": "string", + "default": "icap.response" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/IcapAntivirusScanner:parameter", + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/IcapAntivirusScanner/Main", + "title": "Scan Using ICAP-Enabled Antivirus", + "properties": { + "IcapAntivirusScanner": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/IcapAntivirusScanner" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/IdentityAttributes.json b/schema/v11.2.2/assertions/IdentityAttributes.json new file mode 100644 index 0000000..469b945 --- /dev/null +++ b/schema/v11.2.2/assertions/IdentityAttributes.json @@ -0,0 +1,178 @@ +{ + "configName": "IdentityAttributes", + "name": "Extract Attributes for Authenticated User", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/IdentityAttributes", + "title": "Extract Attributes for Authenticated User", + "type": "object", + "properties": { + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "lookupAttributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/IdentityAttributes:identityMapping" + } + }, + "variablePrefix": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/IdentityAttributes:identityMapping", + "properties": { + "attributeConfig": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/IdentityAttributes:attributeConfig" + }, + "customAttributeName": { + "type": "string" + }, + "goid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "id": { + "type": "string" + }, + "multivalued": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "providerOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "searchable": { + "type": "boolean" + }, + "unique": { + "type": "boolean" + }, + "validForGroups": { + "type": "boolean" + }, + "validForUsers": { + "type": "boolean" + }, + "version": { + "type": "integer" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/IdentityAttributes:attributeConfig", + "properties": { + "description": { + "type": "string" + }, + "goid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid", + "default": "0000000000000000ffffffffffffffff" + }, + "header": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/attributeHeader" + }, + "id": { + "type": "string", + "default": "0000000000000000ffffffffffffffff" + }, + "name": { + "type": "string" + }, + "variableName": { + "type": "string" + }, + "version": { + "type": "integer", + "default": 0 + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/attributeHeader", + "properties": { + "description": { + "type": "string" + }, + "goid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid", + "default": "0000000000000000ffffffffffffffff" + }, + "id": { + "type": "string", + "default": "0000000000000000ffffffffffffffff" + }, + "name": { + "type": "string" + }, + "type": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/dataType" + }, + "usersOrGroups": { + "type": "string", + "enum": [ + "USERS", + "GROUPS", + "BOTH" + ] + }, + "variableName": { + "type": "string" + }, + "version": { + "type": "integer", + "default": 0 + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/dataType", + "enum": [ + "string", + "cert", + "int", + "decimal", + "float", + "xml", + "boolean", + "binary", + "dateTime", + "message", + "blob", + "clob", + "other" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/IdentityAttributes/Main", + "title": "Extract Attributes for Authenticated User", + "properties": { + "IdentityAttributes": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/IdentityAttributes" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Include.json b/schema/v11.2.2/assertions/Include.json new file mode 100644 index 0000000..e02430c --- /dev/null +++ b/schema/v11.2.2/assertions/Include.json @@ -0,0 +1,42 @@ +{ + "configName": "Include", + "name": "Include Policy Fragment", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Include", + "title": "Include Policy Fragment", + "type": "object", + "properties": { + "policyGuid": { + "type": "string" + }, + "policyName": { + "type": "string" + }, + "policyOid": { + "type": "number" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Include/Main", + "title": "Include Policy Fragment", + "properties": { + "Include": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Include" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/IncrementPostBack.json b/schema/v11.2.2/assertions/IncrementPostBack.json new file mode 100644 index 0000000..802cb05 --- /dev/null +++ b/schema/v11.2.2/assertions/IncrementPostBack.json @@ -0,0 +1,33 @@ +{ + "configName": "IncrementPostBack", + "name": "Portal Incremental Sync Postback Update", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/IncrementPostBack", + "title": "Portal Incremental Sync Postback Update", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/IncrementPostBack/Main", + "title": "Portal Incremental Sync Postback Update", + "properties": { + "IncrementPostBack": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/IncrementPostBack" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/IndexLookupByItem.json b/schema/v11.2.2/assertions/IndexLookupByItem.json new file mode 100644 index 0000000..b9a4bfb --- /dev/null +++ b/schema/v11.2.2/assertions/IndexLookupByItem.json @@ -0,0 +1,46 @@ +{ + "configName": "IndexLookupByItem", + "name": "Look Up Item by Value", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/IndexLookupByItem", + "title": "Look Up Item by Value", + "type": "object", + "properties": { + "allowMultipleMatches": { + "type": "boolean", + "default": false + }, + "multivaluedVariableName": { + "type": "string" + }, + "outputVariableName": { + "type": "string" + }, + "valueToSearchForVariableName": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/IndexLookupByItem/Main", + "title": "Look Up Item by Value", + "properties": { + "IndexLookupByItem": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/IndexLookupByItem" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/InverseHttpFormPost.json b/schema/v11.2.2/assertions/InverseHttpFormPost.json new file mode 100644 index 0000000..56a9b18 --- /dev/null +++ b/schema/v11.2.2/assertions/InverseHttpFormPost.json @@ -0,0 +1,39 @@ +{ + "configName": "InverseHttpFormPost", + "name": "Translate MIME to HTTP Form", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/InverseHttpFormPost", + "title": "Translate MIME to HTTP Form", + "type": "object", + "properties": { + "fieldNames": { + "type": "array", + "items": { + "type": "string" + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/InverseHttpFormPost/Main", + "title": "Translate MIME to HTTP Form", + "properties": { + "InverseHttpFormPost": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/InverseHttpFormPost" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ItemLookupByIndex.json b/schema/v11.2.2/assertions/ItemLookupByIndex.json new file mode 100644 index 0000000..2eff6ee --- /dev/null +++ b/schema/v11.2.2/assertions/ItemLookupByIndex.json @@ -0,0 +1,48 @@ +{ + "configName": "ItemLookupByIndex", + "name": "Look Up Item by Index Position", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ItemLookupByIndex", + "title": "Look Up Item by Index Position", + "type": "object", + "properties": { + "allowMultipleMatches": { + "type": "boolean", + "default": false + }, + "indexValue": { + "type": "string", + "default": "0" + }, + "multivaluedVariableName": { + "type": "string" + }, + "outputVariableName": { + "type": "string", + "default": "output" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ItemLookupByIndex/Main", + "title": "Look Up Item by Index Position", + "properties": { + "ItemLookupByIndex": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ItemLookupByIndex" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/JSONSchema.json b/schema/v11.2.2/assertions/JSONSchema.json new file mode 100644 index 0000000..8d11f3e --- /dev/null +++ b/schema/v11.2.2/assertions/JSONSchema.json @@ -0,0 +1,103 @@ +{ + "configName": "JSONSchema", + "name": "Validate JSON Schema", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/JSONSchema", + "title": "Validate JSON Schema", + "type": "object", + "properties": { + "jsonSchemaVersion": { + "type": "string", + "enum": [ + "DRAFT_V4" + ], + "default": "DRAFT_V4" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "resourceInfo": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/assertionResourceInfo" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/assertionResourceInfo", + "anyOf": [ + { + "type": "object", + "properties": { + "document": { + "type": "string" + }, + "originalUrl": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "url": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "id": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "allowMessagesWithoutUrl": { + "type": "boolean", + "default": false + }, + "urlRegexes": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/JSONSchema/Main", + "title": "Validate JSON Schema", + "properties": { + "JSONSchema": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/JSONSchema" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/JavaScript.json b/schema/v11.2.2/assertions/JavaScript.json new file mode 100644 index 0000000..01dd7a4 --- /dev/null +++ b/schema/v11.2.2/assertions/JavaScript.json @@ -0,0 +1,46 @@ +{ + "configName": "JavaScript", + "name": "Execute JavaScript", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/JavaScript", + "title": "Execute JavaScript", + "type": "object", + "properties": { + "executionTimeout": { + "type": "string" + }, + "name": { + "type": "string" + }, + "script": { + "type": "string" + }, + "strictModeEnabled": { + "type": "boolean", + "default": true + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/JavaScript/Main", + "title": "Execute JavaScript", + "properties": { + "JavaScript": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/JavaScript" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/JdbcQuery.json b/schema/v11.2.2/assertions/JdbcQuery.json new file mode 100644 index 0000000..8242b73 --- /dev/null +++ b/schema/v11.2.2/assertions/JdbcQuery.json @@ -0,0 +1,87 @@ +{ + "configName": "JdbcQuery", + "name": "Perform JDBC Query", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/JdbcQuery", + "title": "Perform JDBC Query", + "type": "object", + "properties": { + "assertionFailureEnabled": { + "type": "boolean", + "default": true + }, + "connectionName": { + "type": "string" + }, + "convertVariablesToStrings": { + "type": "boolean", + "default": true + }, + "generateXmlResult": { + "type": "boolean", + "default": false + }, + "maxRecords": { + "type": "integer", + "default": 10 + }, + "namingMap": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "queryName": { + "type": "string", + "default": "" + }, + "queryTimeout": { + "type": "string" + }, + "resolveAsObjectList": { + "type": "array", + "items": { + "type": "string" + } + }, + "saveResultsAsContextVariables": { + "type": "boolean", + "default": true + }, + "schema": { + "type": "string" + }, + "sqlQuery": { + "type": "string" + }, + "variablePrefix": { + "type": "string", + "default": "jdbcQuery" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/JdbcQuery/Main", + "title": "Perform JDBC Query", + "properties": { + "JdbcQuery": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/JdbcQuery" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/JmsRouting.json b/schema/v11.2.2/assertions/JmsRouting.json new file mode 100644 index 0000000..5173c59 --- /dev/null +++ b/schema/v11.2.2/assertions/JmsRouting.json @@ -0,0 +1,210 @@ +{ + "configName": "JmsRouting", + "name": "Route via JMS", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/JmsRouting", + "title": "Route via JMS", + "type": "object", + "properties": { + "attachSamlSenderVouches": { + "type": "boolean", + "default": false + }, + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "dynamicJmsRoutingProperties": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/jmsDynamicProperties" + }, + "endpointName": { + "type": "string" + }, + "endpointOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requestDeliveryMode": { + "type": "string", + "enum": [ + "PERSISTENT", + "NON_PERSISTENT" + ] + }, + "requestJmsMessagePropertyRuleSet": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/jmsMessagePropertyRuleSet" + }, + "requestPriority": { + "type": "string" + }, + "requestTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "requestTimeToLive": { + "type": "string" + }, + "responseJmsMessagePropertyRuleSet": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/jmsMessagePropertyRuleSet" + }, + "responseSize": { + "type": "string" + }, + "responseTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "responseTimeout": { + "type": "string" + }, + "samlAssertionExpiry": { + "type": "integer", + "default": 5 + }, + "samlAssertionVersion": { + "type": "integer", + "default": 1 + }, + "useThumbprintInSamlSignature": { + "type": "boolean", + "default": false + }, + "useThumbprintInSamlSubject": { + "type": "boolean", + "default": false + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/jmsDynamicProperties", + "properties": { + "destPassword": { + "type": "string" + }, + "destQName": { + "type": "string" + }, + "destUserName": { + "type": "string" + }, + "icfName": { + "type": "string" + }, + "jndiPassword": { + "type": "string" + }, + "jndiUrl": { + "type": "string" + }, + "jndiUserName": { + "type": "string" + }, + "qcfName": { + "type": "string" + }, + "replytoQName": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/jmsMessagePropertyRuleSet", + "properties": { + "passThruAll": { + "type": "boolean", + "default": true + }, + "rules": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/jmsMessagePropertyRule" + } + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/jmsMessagePropertyRule", + "properties": { + "customPattern": { + "type": "string" + }, + "name": { + "type": "string" + }, + "passThru": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/JmsRouting/Main", + "title": "Route via JMS", + "properties": { + "JmsRouting": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/JmsRouting" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Join.json b/schema/v11.2.2/assertions/Join.json new file mode 100644 index 0000000..499d3ad --- /dev/null +++ b/schema/v11.2.2/assertions/Join.json @@ -0,0 +1,43 @@ +{ + "configName": "Join", + "name": "Join Variable", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Join", + "title": "Join Variable", + "type": "object", + "properties": { + "inputVariable": { + "type": "string" + }, + "joinSubstring": { + "type": "string", + "default": "," + }, + "outputVariable": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Join/Main", + "title": "Join Variable", + "properties": { + "Join": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Join" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/JsonDocumentStructure.json b/schema/v11.2.2/assertions/JsonDocumentStructure.json new file mode 100644 index 0000000..4fe81c5 --- /dev/null +++ b/schema/v11.2.2/assertions/JsonDocumentStructure.json @@ -0,0 +1,85 @@ +{ + "configName": "JsonDocumentStructure", + "name": "Protect Against JSON Document Structure Threats", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/JsonDocumentStructure", + "title": "Protect Against JSON Document Structure Threats", + "type": "object", + "properties": { + "checkArrayEntryCount": { + "type": "boolean", + "default": false + }, + "checkContainerDepth": { + "type": "boolean", + "default": true + }, + "checkEntryNameLength": { + "type": "boolean", + "default": false + }, + "checkObjectEntryCount": { + "type": "boolean", + "default": false + }, + "checkStringValueLength": { + "type": "boolean", + "default": false + }, + "maxArrayEntryCount": { + "type": "integer", + "default": 2048 + }, + "maxContainerDepth": { + "type": "integer", + "default": 4 + }, + "maxEntryNameLength": { + "type": "integer", + "default": 128 + }, + "maxObjectEntryCount": { + "type": "integer", + "default": 2048 + }, + "maxStringValueLength": { + "type": "integer", + "default": 16384 + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/JsonDocumentStructure/Main", + "title": "Protect Against JSON Document Structure Threats", + "properties": { + "JsonDocumentStructure": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/JsonDocumentStructure" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/JsonTransformation.json b/schema/v11.2.2/assertions/JsonTransformation.json new file mode 100644 index 0000000..cdda957 --- /dev/null +++ b/schema/v11.2.2/assertions/JsonTransformation.json @@ -0,0 +1,105 @@ +{ + "configName": "JsonTransformation", + "name": "Apply JSON Transformation", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/JsonTransformation", + "title": "Apply JSON Transformation", + "type": "object", + "properties": { + "arrayForm": { + "type": "boolean", + "default": false + }, + "convention": { + "type": "string", + "enum": [ + "STANDARD", + "JSONML" + ], + "default": "STANDARD" + }, + "destinationMessageTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "prettyPrint": { + "type": "boolean", + "default": false + }, + "rootTagString": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "transformation": { + "type": "string", + "enum": [ + "XML_to_JSON", + "JSON_to_XML" + ], + "default": "XML_to_JSON" + }, + "useNumbersWhenPossible": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/JsonTransformation/Main", + "title": "Apply JSON Transformation", + "properties": { + "JsonTransformation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/JsonTransformation" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/JwtDecode.json b/schema/v11.2.2/assertions/JwtDecode.json new file mode 100644 index 0000000..41f443c --- /dev/null +++ b/schema/v11.2.2/assertions/JwtDecode.json @@ -0,0 +1,46 @@ +{ + "configName": "JwtDecode", + "name": "Decode JWT", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/JwtDecode", + "title": "Decode JWT", + "type": "object", + "properties": { + "algorithmSecretLocation": { + "type": "integer", + "default": 0 + }, + "algorithmSecretValue": { + "type": "string" + }, + "incomingToken": { + "type": "string" + }, + "outputVariable": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/JwtDecode/Main", + "title": "Decode JWT", + "properties": { + "JwtDecode": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/JwtDecode" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/JwtEncode.json b/schema/v11.2.2/assertions/JwtEncode.json new file mode 100644 index 0000000..02255b5 --- /dev/null +++ b/schema/v11.2.2/assertions/JwtEncode.json @@ -0,0 +1,61 @@ +{ + "configName": "JwtEncode", + "name": "Encode JWT", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/JwtEncode", + "title": "Encode JWT", + "type": "object", + "properties": { + "algorithmSecretLocation": { + "type": "integer", + "default": 0 + }, + "algorithmSecretValue": { + "type": "string" + }, + "jsonPayload": { + "type": "string" + }, + "jwtHeaderType": { + "type": "integer", + "default": 0 + }, + "jwtHeaderVariable": { + "type": "string", + "default": "" + }, + "outputVariable": { + "type": "string" + }, + "signatureSelected": { + "type": "integer", + "default": 0 + }, + "signatureValue": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/JwtEncode/Main", + "title": "Encode JWT", + "properties": { + "JwtEncode": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/JwtEncode" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/KafkaConsumer.json b/schema/v11.2.2/assertions/KafkaConsumer.json new file mode 100644 index 0000000..994eb9c --- /dev/null +++ b/schema/v11.2.2/assertions/KafkaConsumer.json @@ -0,0 +1,33 @@ +{ + "configName": "KafkaConsumer", + "name": "Kafka Consumer", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/KafkaConsumer", + "title": "Kafka Consumer", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/KafkaConsumer/Main", + "title": "Kafka Consumer", + "properties": { + "KafkaConsumer": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/KafkaConsumer" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/KafkaRouting.json b/schema/v11.2.2/assertions/KafkaRouting.json new file mode 100644 index 0000000..80cbabf --- /dev/null +++ b/schema/v11.2.2/assertions/KafkaRouting.json @@ -0,0 +1,118 @@ +{ + "configName": "KafkaRouting", + "name": "Route via Kafka", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/KafkaRouting", + "title": "Route via Kafka", + "type": "object", + "properties": { + "ackTimeout": { + "type": "string" + }, + "clientConfigGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "clientConfigName": { + "type": "string" + }, + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "key": { + "type": "string" + }, + "partition": { + "type": "string" + }, + "passthroughHeaders": { + "type": "boolean", + "default": false + }, + "prefix": { + "type": "string", + "default": "kafkaRouting" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requestTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "topic": { + "type": "string" + }, + "waitForAck": { + "type": "boolean", + "default": true + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/KafkaRouting/Main", + "title": "Route via Kafka", + "properties": { + "KafkaRouting": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/KafkaRouting" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/KafkaTransact.json b/schema/v11.2.2/assertions/KafkaTransact.json new file mode 100644 index 0000000..69039c9 --- /dev/null +++ b/schema/v11.2.2/assertions/KafkaTransact.json @@ -0,0 +1,49 @@ +{ + "configName": "KafkaTransact", + "name": "Kafka Transact", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/KafkaTransact", + "title": "Kafka Transact", + "anyOf": [ + { + "type": "array", + "items": { + "type": "object" + } + }, + { + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + }, + "_children": { + "type": "array", + "items": { + "type": "object" + } + } + } + } + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/KafkaTransact/Main", + "title": "Kafka Transact", + "properties": { + "KafkaTransact": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/KafkaTransact" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/KerberosAuthentication.json b/schema/v11.2.2/assertions/KerberosAuthentication.json new file mode 100644 index 0000000..d84557f --- /dev/null +++ b/schema/v11.2.2/assertions/KerberosAuthentication.json @@ -0,0 +1,76 @@ +{ + "configName": "KerberosAuthentication", + "name": "Retrieve Kerberos Authentication Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/KerberosAuthentication", + "title": "Retrieve Kerberos Authentication Credentials", + "type": "object", + "properties": { + "authenticatedUser": { + "type": "string" + }, + "krbConfiguredAccount": { + "type": "string" + }, + "krbDelegatedAuthentication": { + "type": "boolean", + "default": true + }, + "krbSecurePasswordReference": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid", + "default": "0000000000000000ffffffffffffffff" + }, + "krbUseGatewayKeytab": { + "type": "boolean", + "default": true + }, + "lastAuthenticatedUser": { + "type": "boolean", + "default": false + }, + "realm": { + "type": "string" + }, + "s4U2Proxy": { + "type": "boolean", + "default": false + }, + "s4U2Self": { + "type": "boolean", + "default": false + }, + "servicePrincipalName": { + "type": "string" + }, + "userRealm": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/KerberosAuthentication/Main", + "title": "Retrieve Kerberos Authentication Credentials", + "properties": { + "KerberosAuthentication": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/KerberosAuthentication" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/KeyValueLookup.json b/schema/v11.2.2/assertions/KeyValueLookup.json new file mode 100644 index 0000000..07dee56 --- /dev/null +++ b/schema/v11.2.2/assertions/KeyValueLookup.json @@ -0,0 +1,52 @@ +{ + "configName": "KeyValueLookup", + "name": "Look Up from Key Value Storage", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/KeyValueLookup", + "title": "Look Up from Key Value Storage", + "type": "object", + "properties": { + "key": { + "type": "string", + "default": "${request.url}" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "storeId": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/KeyValueLookup/Main", + "title": "Look Up from Key Value Storage", + "properties": { + "KeyValueLookup": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/KeyValueLookup" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/KeyValueRemove.json b/schema/v11.2.2/assertions/KeyValueRemove.json new file mode 100644 index 0000000..1575d96 --- /dev/null +++ b/schema/v11.2.2/assertions/KeyValueRemove.json @@ -0,0 +1,44 @@ +{ + "configName": "KeyValueRemove", + "name": "Remove from Key Value Storage", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/KeyValueRemove", + "title": "Remove from Key Value Storage", + "type": "object", + "properties": { + "key": { + "type": "string", + "default": "${request.url}" + }, + "removeAllKeys": { + "type": "boolean", + "default": false + }, + "storeId": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/KeyValueRemove/Main", + "title": "Remove from Key Value Storage", + "properties": { + "KeyValueRemove": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/KeyValueRemove" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/KeyValueStatistics.json b/schema/v11.2.2/assertions/KeyValueStatistics.json new file mode 100644 index 0000000..bf0a17b --- /dev/null +++ b/schema/v11.2.2/assertions/KeyValueStatistics.json @@ -0,0 +1,40 @@ +{ + "configName": "KeyValueStatistics", + "name": "Return Statistics of Key Value Storage", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/KeyValueStatistics", + "title": "Return Statistics of Key Value Storage", + "type": "object", + "properties": { + "storeId": { + "type": "string" + }, + "targetVariableName": { + "type": "string", + "default": "response" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/KeyValueStatistics/Main", + "title": "Return Statistics of Key Value Storage", + "properties": { + "KeyValueStatistics": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/KeyValueStatistics" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/KeyValueStorage.json b/schema/v11.2.2/assertions/KeyValueStorage.json new file mode 100644 index 0000000..b8e2288 --- /dev/null +++ b/schema/v11.2.2/assertions/KeyValueStorage.json @@ -0,0 +1,59 @@ +{ + "configName": "KeyValueStorage", + "name": "Store to Key Value Storage", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/KeyValueStorage", + "title": "Store to Key Value Storage", + "type": "object", + "properties": { + "continueOnError": { + "type": "boolean", + "default": true + }, + "key": { + "type": "string", + "default": "${request.url}" + }, + "maxAge": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "storeId": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/KeyValueStorage/Main", + "title": "Store to Key Value Storage", + "properties": { + "KeyValueStorage": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/KeyValueStorage" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/LDAPQuery.json b/schema/v11.2.2/assertions/LDAPQuery.json new file mode 100644 index 0000000..8fd7262 --- /dev/null +++ b/schema/v11.2.2/assertions/LDAPQuery.json @@ -0,0 +1,121 @@ +{ + "configName": "LDAPQuery", + "name": "Query LDAP", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/LDAPQuery", + "title": "Query LDAP", + "type": "object", + "properties": { + "allowMultipleResults": { + "type": "boolean", + "default": false + }, + "attrNames": { + "type": "array", + "items": { + "type": "string" + } + }, + "cachePeriod": { + "type": "number", + "default": 10 + }, + "cacheSize": { + "type": "integer", + "default": 0 + }, + "dnText": { + "type": "string" + }, + "enableCache": { + "type": "boolean", + "default": true + }, + "failIfNoResults": { + "type": "boolean", + "default": false + }, + "failIfTooManyResults": { + "type": "boolean", + "default": false + }, + "includeEmptyAttributes": { + "type": "boolean", + "default": false + }, + "ldapProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "maximumResults": { + "type": "integer", + "default": 0 + }, + "queryMappings": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/LDAPQuery:mapping" + } + }, + "searchFilter": { + "type": "string" + }, + "searchFilterInjectionProtected": { + "type": "boolean", + "default": false + }, + "selectedScope": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/LDAPQuery:mapping", + "properties": { + "attributeName": { + "type": "string" + }, + "failMultivalued": { + "type": "boolean", + "default": false + }, + "joinMultivalued": { + "type": "boolean", + "default": true + }, + "matchingContextVariableName": { + "type": "string" + }, + "multivalued": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/LDAPQuery/Main", + "title": "Query LDAP", + "properties": { + "LDAPQuery": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/LDAPQuery" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/LDAPUpdate.json b/schema/v11.2.2/assertions/LDAPUpdate.json new file mode 100644 index 0000000..08f3a2d --- /dev/null +++ b/schema/v11.2.2/assertions/LDAPUpdate.json @@ -0,0 +1,33 @@ +{ + "configName": "LDAPUpdate", + "name": "Manage API Portal LDAP", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/LDAPUpdate", + "title": "Manage API Portal LDAP", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/LDAPUpdate/Main", + "title": "Manage API Portal LDAP", + "properties": { + "LDAPUpdate": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/LDAPUpdate" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/LdapWrite.json b/schema/v11.2.2/assertions/LdapWrite.json new file mode 100644 index 0000000..df4da44 --- /dev/null +++ b/schema/v11.2.2/assertions/LdapWrite.json @@ -0,0 +1,75 @@ +{ + "configName": "LdapWrite", + "name": "Write LDAP", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/LdapWrite", + "title": "Write LDAP", + "type": "object", + "properties": { + "attributeList": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/LdapWrite:attributeType" + } + }, + "changetype": { + "type": "string", + "enum": [ + "ADD", + "DELETE", + "MODIFY", + "MODRDN" + ] + }, + "dn": { + "type": "string" + }, + "ldapProviderId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid", + "default": "0000000000000000ffffffffffffffff" + }, + "variablePrefix": { + "type": "string", + "default": "ldapWrite" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/LdapWrite:attributeType", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/LdapWrite/Main", + "title": "Write LDAP", + "properties": { + "LdapWrite": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/LdapWrite" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/LookupApiKey.json b/schema/v11.2.2/assertions/LookupApiKey.json new file mode 100644 index 0000000..9cf4007 --- /dev/null +++ b/schema/v11.2.2/assertions/LookupApiKey.json @@ -0,0 +1,44 @@ +{ + "configName": "LookupApiKey", + "name": "Look Up API Key", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/LookupApiKey", + "title": "Look Up API Key", + "type": "object", + "properties": { + "apiKey": { + "type": "string" + }, + "serviceId": { + "type": "string", + "default": "${service.oid}" + }, + "variablePrefix": { + "type": "string", + "default": "apiKeyRecord" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/LookupApiKey/Main", + "title": "Look Up API Key", + "properties": { + "LookupApiKey": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/LookupApiKey" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/LookupDynamicContextVariables.json b/schema/v11.2.2/assertions/LookupDynamicContextVariables.json new file mode 100644 index 0000000..086de50 --- /dev/null +++ b/schema/v11.2.2/assertions/LookupDynamicContextVariables.json @@ -0,0 +1,66 @@ +{ + "configName": "LookupDynamicContextVariables", + "name": "Look Up Context Variable", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/LookupDynamicContextVariables", + "title": "Look Up Context Variable", + "type": "object", + "properties": { + "failOnNotFound": { + "type": "boolean", + "default": true + }, + "sourceVariable": { + "type": "string" + }, + "targetDataType": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/dataType" + }, + "targetOutputVariablePrefix": { + "type": "string", + "default": "lookup" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/dataType", + "enum": [ + "string", + "cert", + "int", + "decimal", + "float", + "xml", + "boolean", + "binary", + "dateTime", + "message", + "blob", + "clob", + "other" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/LookupDynamicContextVariables/Main", + "title": "Look Up Context Variable", + "properties": { + "LookupDynamicContextVariables": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/LookupDynamicContextVariables" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/LookupOutboundSecureConversationSession.json b/schema/v11.2.2/assertions/LookupOutboundSecureConversationSession.json new file mode 100644 index 0000000..8bc586f --- /dev/null +++ b/schema/v11.2.2/assertions/LookupOutboundSecureConversationSession.json @@ -0,0 +1,52 @@ +{ + "configName": "LookupOutboundSecureConversationSession", + "name": "Look Up Outbound Secure Conversation Session", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/LookupOutboundSecureConversationSession", + "title": "Look Up Outbound Secure Conversation Session", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "serviceUrl": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string", + "default": "scLookup" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/LookupOutboundSecureConversationSession/Main", + "title": "Look Up Outbound Secure Conversation Session", + "properties": { + "LookupOutboundSecureConversationSession": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/LookupOutboundSecureConversationSession" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/LookupTrustedCertificate.json b/schema/v11.2.2/assertions/LookupTrustedCertificate.json new file mode 100644 index 0000000..e909595 --- /dev/null +++ b/schema/v11.2.2/assertions/LookupTrustedCertificate.json @@ -0,0 +1,70 @@ +{ + "configName": "LookupTrustedCertificate", + "name": "Look Up Certificate", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/LookupTrustedCertificate", + "title": "Look Up Certificate", + "type": "object", + "properties": { + "allowMultipleCertificates": { + "type": "boolean", + "default": true + }, + "certIssuerDn": { + "type": "string" + }, + "certSerialNumber": { + "type": "string" + }, + "certSubjectDn": { + "type": "string" + }, + "certSubjectKeyIdentifier": { + "type": "string" + }, + "certThumbprintSha1": { + "type": "string" + }, + "lookupType": { + "type": "string", + "enum": [ + "TRUSTED_CERT_NAME", + "CERT_SKI", + "CERT_THUMBPRINT_SHA1", + "CERT_ISSUER_SERIAL", + "CERT_SUBJECT_DN" + ], + "default": "TRUSTED_CERT_NAME" + }, + "trustedCertificateName": { + "type": "string" + }, + "variableName": { + "type": "string", + "default": "certificates" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/LookupTrustedCertificate/Main", + "title": "Look Up Certificate", + "properties": { + "LookupTrustedCertificate": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/LookupTrustedCertificate" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MTOMDecodeAssertion.json b/schema/v11.2.2/assertions/MTOMDecodeAssertion.json new file mode 100644 index 0000000..d8a7868 --- /dev/null +++ b/schema/v11.2.2/assertions/MTOMDecodeAssertion.json @@ -0,0 +1,86 @@ +{ + "configName": "MTOMDecodeAssertion", + "name": "Decode MTOM Message", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MTOMDecodeAssertion", + "title": "Decode MTOM Message", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "outputTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "processSecuredOnly": { + "type": "boolean", + "default": false + }, + "removePackaging": { + "type": "boolean", + "default": true + }, + "requireEncoded": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MTOMDecodeAssertion/Main", + "title": "Decode MTOM Message", + "properties": { + "MTOMDecodeAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MTOMDecodeAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MTOMEncodeAssertion.json b/schema/v11.2.2/assertions/MTOMEncodeAssertion.json new file mode 100644 index 0000000..a033387 --- /dev/null +++ b/schema/v11.2.2/assertions/MTOMEncodeAssertion.json @@ -0,0 +1,118 @@ +{ + "configName": "MTOMEncodeAssertion", + "name": "Encode to MTOM Format", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MTOMEncodeAssertion", + "title": "Encode to MTOM Format", + "type": "object", + "properties": { + "alwaysEncode": { + "type": "boolean", + "default": true + }, + "failIfNotFound": { + "type": "boolean", + "default": false + }, + "optimizationThreshold": { + "type": "integer", + "default": 0 + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "outputTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "xpathExpressions": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MTOMEncodeAssertion/Main", + "title": "Encode to MTOM Format", + "properties": { + "MTOMEncodeAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MTOMEncodeAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MTOMValidateAssertion.json b/schema/v11.2.2/assertions/MTOMValidateAssertion.json new file mode 100644 index 0000000..5fca2e3 --- /dev/null +++ b/schema/v11.2.2/assertions/MTOMValidateAssertion.json @@ -0,0 +1,98 @@ +{ + "configName": "MTOMValidateAssertion", + "name": "Validate MTOM Message", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MTOMValidateAssertion", + "title": "Validate MTOM Message", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "requireEncoded": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "validationRules": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MTOMValidateAssertion:MTOMValidationRule" + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MTOMValidateAssertion:MTOMValidationRule", + "properties": { + "count": { + "type": "integer", + "default": 0 + }, + "size": { + "type": "number", + "default": 0 + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MTOMValidateAssertion/Main", + "title": "Validate MTOM Message", + "properties": { + "MTOMValidateAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MTOMValidateAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ManageApiKey.json b/schema/v11.2.2/assertions/ManageApiKey.json new file mode 100644 index 0000000..3882182 --- /dev/null +++ b/schema/v11.2.2/assertions/ManageApiKey.json @@ -0,0 +1,48 @@ +{ + "configName": "ManageApiKey", + "name": "Manage API Keys", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ManageApiKey", + "title": "Manage API Keys", + "type": "object", + "properties": { + "action": { + "type": "string" + }, + "apiKey": { + "type": "string", + "default": "" + }, + "apiKeyElement": { + "type": "string", + "default": "" + }, + "variablePrefix": { + "type": "string", + "default": "apikey" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ManageApiKey/Main", + "title": "Manage API Keys", + "properties": { + "ManageApiKey": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ManageApiKey" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ManageCookie.json b/schema/v11.2.2/assertions/ManageCookie.json new file mode 100644 index 0000000..d787f13 --- /dev/null +++ b/schema/v11.2.2/assertions/ManageCookie.json @@ -0,0 +1,99 @@ +{ + "configName": "ManageCookie", + "name": "Manage Cookie", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ManageCookie", + "title": "Manage Cookie", + "type": "object", + "properties": { + "cookieAttributes": { + "type": "object", + "patternProperties": { + ".*": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/nameValuePair" + } + } + }, + "cookieCriteria": { + "type": "object", + "patternProperties": { + ".*": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ManageCookie:cookieCriteria" + } + } + }, + "operation": { + "type": "string", + "enum": [ + "ADD", + "REMOVE", + "UPDATE", + "ADD_OR_REPLACE" + ], + "default": "ADD" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ManageCookie:cookieCriteria", + "properties": { + "key": { + "type": "string" + }, + "regex": { + "type": "boolean", + "default": false + }, + "value": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/nameValuePair", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ManageCookie/Main", + "title": "Manage Cookie", + "properties": { + "ManageCookie": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ManageCookie" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ManagePortalResource.json b/schema/v11.2.2/assertions/ManagePortalResource.json new file mode 100644 index 0000000..bf59cdf --- /dev/null +++ b/schema/v11.2.2/assertions/ManagePortalResource.json @@ -0,0 +1,33 @@ +{ + "configName": "ManagePortalResource", + "name": "Manage API Portal Resources", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ManagePortalResource", + "title": "Manage API Portal Resources", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ManagePortalResource/Main", + "title": "Manage API Portal Resources", + "properties": { + "ManagePortalResource": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ManagePortalResource" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ManipulateMultiValuedVariable.json b/schema/v11.2.2/assertions/ManipulateMultiValuedVariable.json new file mode 100644 index 0000000..edbdeb6 --- /dev/null +++ b/schema/v11.2.2/assertions/ManipulateMultiValuedVariable.json @@ -0,0 +1,39 @@ +{ + "configName": "ManipulateMultiValuedVariable", + "name": "Manipulate Multivalued Variable", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ManipulateMultiValuedVariable", + "title": "Manipulate Multivalued Variable", + "type": "object", + "properties": { + "sourceVariableName": { + "type": "string" + }, + "targetVariableName": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ManipulateMultiValuedVariable/Main", + "title": "Manipulate Multivalued Variable", + "properties": { + "ManipulateMultiValuedVariable": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ManipulateMultiValuedVariable" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MapValue.json b/schema/v11.2.2/assertions/MapValue.json new file mode 100644 index 0000000..002807d --- /dev/null +++ b/schema/v11.2.2/assertions/MapValue.json @@ -0,0 +1,57 @@ +{ + "configName": "MapValue", + "name": "Map Value", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MapValue", + "title": "Map Value", + "type": "object", + "properties": { + "inputExpr": { + "type": "string" + }, + "mappings": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/nameValuePair" + } + }, + "outputVar": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/nameValuePair", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MapValue/Main", + "title": "Map Value", + "properties": { + "MapValue": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MapValue" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MemberOfGroup.json b/schema/v11.2.2/assertions/MemberOfGroup.json new file mode 100644 index 0000000..9c99edf --- /dev/null +++ b/schema/v11.2.2/assertions/MemberOfGroup.json @@ -0,0 +1,62 @@ +{ + "configName": "MemberOfGroup", + "name": "Authenticate Group", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MemberOfGroup", + "title": "Authenticate User or Group", + "type": "object", + "properties": { + "groupId": { + "type": "string" + }, + "groupName": { + "type": "string" + }, + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid", + "default": "0000000000000000ffffffffffffffff" + }, + "identityTag": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MemberOfGroup/Main", + "title": "Authenticate User or Group", + "properties": { + "MemberOfGroup": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MemberOfGroup" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MessageBuffering.json b/schema/v11.2.2/assertions/MessageBuffering.json new file mode 100644 index 0000000..ae272cb --- /dev/null +++ b/schema/v11.2.2/assertions/MessageBuffering.json @@ -0,0 +1,53 @@ +{ + "configName": "MessageBuffering", + "name": "Configure Message Streaming", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MessageBuffering", + "title": "Configure Message Streaming", + "type": "object", + "properties": { + "alwaysBuffer": { + "type": "boolean", + "default": false + }, + "neverBuffer": { + "type": "boolean", + "default": true + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MessageBuffering/Main", + "title": "Configure Message Streaming", + "properties": { + "MessageBuffering": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MessageBuffering" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MessageContextAssertion.json b/schema/v11.2.2/assertions/MessageContextAssertion.json new file mode 100644 index 0000000..504be26 --- /dev/null +++ b/schema/v11.2.2/assertions/MessageContextAssertion.json @@ -0,0 +1,59 @@ +{ + "configName": "MessageContextAssertion", + "name": "Capture Identity of Requestor", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MessageContextAssertion", + "title": "Capture Identity of Requestor", + "type": "object", + "properties": { + "mappings": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MessageContextAssertion:mappingInfo" + } + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MessageContextAssertion:mappingInfo", + "properties": { + "key": { + "type": "string" + }, + "mappingType": { + "type": "string", + "enum": [ + "IP_ADDRESS", + "AUTH_USER", + "CUSTOM_MAPPING" + ] + }, + "value": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MessageContextAssertion/Main", + "title": "Capture Identity of Requestor", + "properties": { + "MessageContextAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MessageContextAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MqNativeRouting.json b/schema/v11.2.2/assertions/MqNativeRouting.json new file mode 100644 index 0000000..503cf6a --- /dev/null +++ b/schema/v11.2.2/assertions/MqNativeRouting.json @@ -0,0 +1,216 @@ +{ + "configName": "MqNativeRouting", + "name": "Route via MQ Native", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MqNativeRouting", + "title": "Route via MQ Native", + "type": "object", + "properties": { + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "dynamicMqRoutingProperties": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MqNativeRouting:mqDynamicProperties" + }, + "messageOptions": { + "type": "string" + }, + "messageOptionsUsed": { + "type": "boolean", + "default": false + }, + "openOptions": { + "type": "string" + }, + "openOptionsUsed": { + "type": "boolean", + "default": false + }, + "putMessageTimeout": { + "type": "string" + }, + "putToQueue": { + "type": "boolean", + "default": true + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requestCopyHeaderToProperty": { + "type": "boolean", + "default": false + }, + "requestCopyPropertyToHeader": { + "type": "boolean", + "default": false + }, + "requestMessageAdvancedProperties": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "requestMqHeaderType": { + "type": "string", + "enum": [ + "ORIGINAL", + "MQRFH2", + "MQRFH1" + ], + "default": "ORIGINAL" + }, + "requestMqNativeMessagePropertyRuleSet": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MqNativeRouting:mappingRuleSet" + }, + "requestTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "responseCopyHeaderToProperty": { + "type": "boolean", + "default": false + }, + "responseCopyPropertyToHeader": { + "type": "boolean", + "default": false + }, + "responseMessageAdvancedProperties": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "responseMqHeaderType": { + "type": "string", + "enum": [ + "ORIGINAL", + "MQRFH2", + "MQRFH1" + ], + "default": "ORIGINAL" + }, + "responseMqNativeMessagePropertyRuleSet": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MqNativeRouting:mappingRuleSet" + }, + "responseSize": { + "type": "string" + }, + "responseTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "responseTimeout": { + "type": "string" + }, + "ssgActiveConnectorGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "ssgActiveConnectorId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "ssgActiveConnectorName": { + "type": "string" + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MqNativeRouting:mqDynamicProperties", + "properties": { + "queueName": { + "type": "string" + }, + "replyToQueue": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MqNativeRouting:mappingRuleSet", + "properties": { + "passThroughHeaders": { + "type": "boolean", + "default": true + }, + "passThroughMqMessageHeaders": { + "type": "boolean", + "default": true + }, + "passThroughMqMessageProperties": { + "type": "boolean", + "default": true + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MqNativeRouting/Main", + "title": "Route via MQ Native", + "properties": { + "MqNativeRouting": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MqNativeRouting" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MqNativeSupport.json b/schema/v11.2.2/assertions/MqNativeSupport.json new file mode 100644 index 0000000..c2d15c8 --- /dev/null +++ b/schema/v11.2.2/assertions/MqNativeSupport.json @@ -0,0 +1,33 @@ +{ + "configName": "MqNativeSupport", + "name": "Mq Native Support", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MqNativeSupport", + "title": "Mq Native Support", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MqNativeSupport/Main", + "title": "Mq Native Support", + "properties": { + "MqNativeSupport": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MqNativeSupport" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MysqlClusterInfo.json b/schema/v11.2.2/assertions/MysqlClusterInfo.json new file mode 100644 index 0000000..3c596ec --- /dev/null +++ b/schema/v11.2.2/assertions/MysqlClusterInfo.json @@ -0,0 +1,33 @@ +{ + "configName": "MysqlClusterInfo", + "name": "Mysql Cluster Info", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MysqlClusterInfo", + "title": "Mysql Cluster Info", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MysqlClusterInfo/Main", + "title": "Mysql Cluster Info", + "properties": { + "MysqlClusterInfo": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MysqlClusterInfo" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/MysqlCounter.json b/schema/v11.2.2/assertions/MysqlCounter.json new file mode 100644 index 0000000..8489e1b --- /dev/null +++ b/schema/v11.2.2/assertions/MysqlCounter.json @@ -0,0 +1,33 @@ +{ + "configName": "MysqlCounter", + "name": "Mysql Counter", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/MysqlCounter", + "title": "Mysql Counter", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/MysqlCounter/Main", + "title": "Mysql Counter", + "properties": { + "MysqlCounter": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/MysqlCounter" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/NonSoapCheckVerifyResults.json b/schema/v11.2.2/assertions/NonSoapCheckVerifyResults.json new file mode 100644 index 0000000..c839c50 --- /dev/null +++ b/schema/v11.2.2/assertions/NonSoapCheckVerifyResults.json @@ -0,0 +1,98 @@ +{ + "configName": "NonSoapCheckVerifyResults", + "name": "(Non-SOAP) Check Results from XML Verification", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/NonSoapCheckVerifyResults", + "title": "(Non-SOAP) Check Results from XML Verification", + "type": "object", + "properties": { + "allowMultipleSigners": { + "type": "boolean", + "default": false + }, + "gatherCertificateCredentials": { + "type": "boolean", + "default": true + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "permittedDigestMethodUris": { + "type": "array", + "items": { + "type": "string" + } + }, + "permittedSignatureMethodUris": { + "type": "array", + "items": { + "type": "string" + } + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string", + "default": "" + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/NonSoapCheckVerifyResults/Main", + "title": "(Non-SOAP) Check Results from XML Verification", + "properties": { + "NonSoapCheckVerifyResults": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/NonSoapCheckVerifyResults" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/NonSoapDecryptElement.json b/schema/v11.2.2/assertions/NonSoapDecryptElement.json new file mode 100644 index 0000000..5e09236 --- /dev/null +++ b/schema/v11.2.2/assertions/NonSoapDecryptElement.json @@ -0,0 +1,82 @@ +{ + "configName": "NonSoapDecryptElement", + "name": "(Non-SOAP) Decrypt XML Element", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/NonSoapDecryptElement", + "title": "(Non-SOAP) Decrypt XML Element", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "reportContentsOnly": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string", + "default": "" + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/NonSoapDecryptElement/Main", + "title": "(Non-SOAP) Decrypt XML Element", + "properties": { + "NonSoapDecryptElement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/NonSoapDecryptElement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/NonSoapEncryptElement.json b/schema/v11.2.2/assertions/NonSoapEncryptElement.json new file mode 100644 index 0000000..17aff83 --- /dev/null +++ b/schema/v11.2.2/assertions/NonSoapEncryptElement.json @@ -0,0 +1,103 @@ +{ + "configName": "NonSoapEncryptElement", + "name": "(Non-SOAP) Encrypt XML Element", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/NonSoapEncryptElement", + "title": "(Non-SOAP) Encrypt XML Element", + "type": "object", + "properties": { + "encryptContentsOnly": { + "type": "boolean", + "default": false + }, + "encryptedDataTypeAttribute": { + "type": "string", + "default": "http://www.w3.org/2001/04/xmlenc#Element" + }, + "encryptedKeyRecipientAttribute": { + "type": "string" + }, + "includeEncryptedDataTypeAttribute": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientCertContextVariableName": { + "type": "string" + }, + "recipientCertificateBase64": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "useOaep": { + "type": "boolean", + "default": false + }, + "xencAlgorithm": { + "type": "string", + "default": "http://www.w3.org/2001/04/xmlenc#aes128-cbc" + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/NonSoapEncryptElement/Main", + "title": "(Non-SOAP) Encrypt XML Element", + "properties": { + "NonSoapEncryptElement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/NonSoapEncryptElement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/NonSoapSignElement.json b/schema/v11.2.2/assertions/NonSoapSignElement.json new file mode 100644 index 0000000..b749d65 --- /dev/null +++ b/schema/v11.2.2/assertions/NonSoapSignElement.json @@ -0,0 +1,127 @@ +{ + "configName": "NonSoapSignElement", + "name": "(Non-SOAP) Sign XML Element", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/NonSoapSignElement", + "title": "(Non-SOAP) Sign XML Element", + "type": "object", + "properties": { + "certificateDigestAlgName": { + "type": "string" + }, + "customIdAttributeQname": { + "type": "string" + }, + "detachedSignatureVariableName": { + "type": "string" + }, + "digestAlgName": { + "type": "string" + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "forceEnvelopedTransform": { + "type": "boolean", + "default": false + }, + "keyAlias": { + "type": "string" + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "refDigestAlgName": { + "type": "string" + }, + "signatureLocation": { + "type": "string", + "enum": [ + "FIRST_CHILD", + "LAST_CHILD" + ], + "default": "LAST_CHILD" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "xAdESEnabled": { + "type": "boolean", + "default": false + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/NonSoapSignElement/Main", + "title": "(Non-SOAP) Sign XML Element", + "properties": { + "NonSoapSignElement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/NonSoapSignElement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/NonSoapVerifyElement.json b/schema/v11.2.2/assertions/NonSoapVerifyElement.json new file mode 100644 index 0000000..27dae71 --- /dev/null +++ b/schema/v11.2.2/assertions/NonSoapVerifyElement.json @@ -0,0 +1,109 @@ +{ + "configName": "NonSoapVerifyElement", + "name": "(Non-SOAP) Verify XML Element", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/NonSoapVerifyElement", + "title": "(Non-SOAP) Verify XML Element", + "type": "object", + "properties": { + "customIdAttrs": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/fullQName" + } + }, + "ignoreKeyInfo": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string", + "default": "" + }, + "verifyCertificateGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "verifyCertificateName": { + "type": "string" + }, + "verifyCertificateVariableName": { + "type": "string" + }, + "xAdESEnabled": { + "type": "boolean", + "default": false + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/fullQName" + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/NonSoapVerifyElement/Main", + "title": "(Non-SOAP) Verify XML Element", + "properties": { + "NonSoapVerifyElement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/NonSoapVerifyElement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/NtlmAuthentication.json b/schema/v11.2.2/assertions/NtlmAuthentication.json new file mode 100644 index 0000000..a294d7f --- /dev/null +++ b/schema/v11.2.2/assertions/NtlmAuthentication.json @@ -0,0 +1,58 @@ +{ + "configName": "NtlmAuthentication", + "name": "Require NTLM Authentication Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/NtlmAuthentication", + "title": "Require NTLM Authentication Credentials", + "type": "object", + "properties": { + "ldapProviderName": { + "type": "string" + }, + "ldapProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "maxConnectionDuration": { + "type": "number", + "default": 0 + }, + "maxConnectionIdleTime": { + "type": "number", + "default": 0 + }, + "realm": { + "type": "string" + }, + "variablePrefix": { + "type": "string", + "default": "ntlm" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/NtlmAuthentication/Main", + "title": "Require NTLM Authentication Credentials", + "properties": { + "NtlmAuthentication": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/NtlmAuthentication" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/OAuth2Introspection.json b/schema/v11.2.2/assertions/OAuth2Introspection.json new file mode 100644 index 0000000..ccbc155 --- /dev/null +++ b/schema/v11.2.2/assertions/OAuth2Introspection.json @@ -0,0 +1,65 @@ +{ + "configName": "OAuth2Introspection", + "name": "Require and Introspect OAuth2.0 Token", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/OAuth2Introspection", + "title": "Require and Introspect OAuth2.0 Token", + "type": "object", + "properties": { + "atLeastOneAudience": { + "type": "boolean", + "default": false + }, + "atLeastOneScope": { + "type": "boolean", + "default": false + }, + "audience": { + "type": "string" + }, + "includeFullResponseDetails": { + "type": "boolean", + "default": false + }, + "scope": { + "type": "string" + }, + "token": { + "type": "string" + }, + "tokenIssuerHint": { + "type": "string" + }, + "trustGatewayAsIssuer": { + "type": "boolean", + "default": false + }, + "varPrefix": { + "type": "string", + "default": "oauth2i" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/OAuth2Introspection/Main", + "title": "Require and Introspect OAuth2.0 Token", + "properties": { + "OAuth2Introspection": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/OAuth2Introspection" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/OdataValidation.json b/schema/v11.2.2/assertions/OdataValidation.json new file mode 100644 index 0000000..9f2f9d3 --- /dev/null +++ b/schema/v11.2.2/assertions/OdataValidation.json @@ -0,0 +1,96 @@ +{ + "configName": "OdataValidation", + "name": "Validate OData Request", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/OdataValidation", + "title": "Validate OData Request", + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "ALLOW_METADATA", + "ALLOW_RAW_VALUE" + ] + } + }, + "createOperation": { + "type": "boolean", + "default": true + }, + "deleteOperation": { + "type": "boolean", + "default": false + }, + "httpMethod": { + "type": "string" + }, + "mergeOperation": { + "type": "boolean", + "default": false + }, + "odataMetadataSource": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "partialUpdateOperation": { + "type": "boolean", + "default": false + }, + "readOperation": { + "type": "boolean", + "default": true + }, + "resourceUrl": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "updateOperation": { + "type": "boolean", + "default": true + }, + "validatePayload": { + "type": "boolean", + "default": true + }, + "variablePrefix": { + "type": "string", + "default": "odata" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/OdataValidation/Main", + "title": "Validate OData Request", + "properties": { + "OdataValidation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/OdataValidation" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/OneOrMore.json b/schema/v11.2.2/assertions/OneOrMore.json new file mode 100644 index 0000000..5c64a89 --- /dev/null +++ b/schema/v11.2.2/assertions/OneOrMore.json @@ -0,0 +1,49 @@ +{ + "configName": "OneOrMore", + "name": "At least one assertion must evaluate to true", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/OneOrMore", + "title": "At least one assertion must evaluate to true", + "anyOf": [ + { + "type": "array", + "items": { + "type": "object" + } + }, + { + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + }, + "_children": { + "type": "array", + "items": { + "type": "object" + } + } + } + } + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/OneOrMore/Main", + "title": "At least one assertion must evaluate to true", + "properties": { + "OneOrMore": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/OneOrMore" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/OpenApi.json b/schema/v11.2.2/assertions/OpenApi.json new file mode 100644 index 0000000..fe372ad --- /dev/null +++ b/schema/v11.2.2/assertions/OpenApi.json @@ -0,0 +1,108 @@ +{ + "configName": "OpenApi", + "name": "Validate Against OpenAPI Document", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/OpenApi", + "title": "Validate Against OpenAPI Document", + "type": "object", + "properties": { + "methodName": { + "type": "string" + }, + "nonHttpMessage": { + "type": "boolean", + "default": false + }, + "openApiDoc": { + "type": "string" + }, + "otherMessageType": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "prefix": { + "type": "string", + "default": "openapi" + }, + "requireSecurityCredentials": { + "type": "boolean", + "default": true + }, + "resourceUri": { + "type": "string" + }, + "serviceBase": { + "type": "string", + "default": "" + }, + "statusCode": { + "type": "string" + }, + "strictValidation": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "useOpenApiDocAsUrl": { + "type": "boolean", + "default": false + }, + "validateBody": { + "type": "boolean", + "default": false + }, + "validateHeaders": { + "type": "boolean", + "default": false + }, + "validateMethod": { + "type": "boolean", + "default": true + }, + "validatePath": { + "type": "boolean", + "default": true + }, + "validateQueryParameters": { + "type": "boolean", + "default": false + }, + "validateResponseStatus": { + "type": "boolean", + "default": true + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/OpenApi/Main", + "title": "Validate Against OpenAPI Document", + "properties": { + "OpenApi": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/OpenApi" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Operation.json b/schema/v11.2.2/assertions/Operation.json new file mode 100644 index 0000000..7f109aa --- /dev/null +++ b/schema/v11.2.2/assertions/Operation.json @@ -0,0 +1,36 @@ +{ + "configName": "Operation", + "name": "Evaluate WSDL Operation", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Operation", + "title": "Evaluate WSDL Operation", + "type": "object", + "properties": { + "operationName": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Operation/Main", + "title": "Evaluate WSDL Operation", + "properties": { + "Operation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Operation" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/OtelMeter.json b/schema/v11.2.2/assertions/OtelMeter.json new file mode 100644 index 0000000..706a41d --- /dev/null +++ b/schema/v11.2.2/assertions/OtelMeter.json @@ -0,0 +1,65 @@ +{ + "configName": "OtelMeter", + "name": "Telemetry Metric", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/OtelMeter", + "title": "Telemetry Metric", + "type": "object", + "properties": { + "attributes": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "description": { + "type": "string" + }, + "measure": { + "type": "string", + "default": "1" + }, + "name": { + "type": "string", + "default": "" + }, + "type": { + "type": "string", + "enum": [ + "COUNTER", + "UP_DOWN_COUNTER", + "GAUGE", + "HISTOGRAM" + ] + }, + "unit": { + "type": "string", + "default": "no" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/OtelMeter/Main", + "title": "Telemetry Metric", + "properties": { + "OtelMeter": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/OtelMeter" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/OversizedText.json b/schema/v11.2.2/assertions/OversizedText.json new file mode 100644 index 0000000..b0bdcdf --- /dev/null +++ b/schema/v11.2.2/assertions/OversizedText.json @@ -0,0 +1,101 @@ +{ + "configName": "OversizedText", + "name": "Protect Against XML Document Structure Threats", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/OversizedText", + "title": "Protect Against XML Document Structure Threats", + "type": "object", + "properties": { + "limitAttrChars": { + "type": "boolean", + "default": true + }, + "limitAttrNameChars": { + "type": "boolean", + "default": true + }, + "limitNamespaceCount": { + "type": "boolean", + "default": false + }, + "limitNamespacePrefixCount": { + "type": "boolean", + "default": false + }, + "limitNestingDepth": { + "type": "boolean", + "default": true + }, + "limitTextChars": { + "type": "boolean", + "default": true + }, + "maxAttrChars": { + "type": "number", + "default": 2048 + }, + "maxAttrNameChars": { + "type": "integer", + "default": 128 + }, + "maxNamespaceCount": { + "type": "integer", + "default": 0 + }, + "maxNamespacePrefixCount": { + "type": "integer", + "default": 0 + }, + "maxNestingDepth": { + "type": "integer", + "default": 32 + }, + "maxPayloadElements": { + "type": "integer", + "default": 0 + }, + "maxTextChars": { + "type": "number", + "default": 16384 + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "requireValidSoapEnvelope": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/OversizedText/Main", + "title": "Protect Against XML Document Structure Threats", + "properties": { + "OversizedText": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/OversizedText" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/PolicyBundleInstaller.json b/schema/v11.2.2/assertions/PolicyBundleInstaller.json new file mode 100644 index 0000000..8de2a44 --- /dev/null +++ b/schema/v11.2.2/assertions/PolicyBundleInstaller.json @@ -0,0 +1,33 @@ +{ + "configName": "PolicyBundleInstaller", + "name": "Policy Bundle Installer", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/PolicyBundleInstaller", + "title": "Policy Bundle Installer", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/PolicyBundleInstaller/Main", + "title": "Policy Bundle Installer", + "properties": { + "PolicyBundleInstaller": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/PolicyBundleInstaller" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/PortalBootstrap.json b/schema/v11.2.2/assertions/PortalBootstrap.json new file mode 100644 index 0000000..06a2fb0 --- /dev/null +++ b/schema/v11.2.2/assertions/PortalBootstrap.json @@ -0,0 +1,40 @@ +{ + "configName": "PortalBootstrap", + "name": "Portal Bootstrap", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/PortalBootstrap", + "title": "Portal Bootstrap", + "type": "object", + "properties": { + "doUpgrade": { + "type": "boolean", + "default": false + }, + "enrollmentUrl": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/PortalBootstrap/Main", + "title": "Portal Bootstrap", + "properties": { + "PortalBootstrap": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/PortalBootstrap" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/PortalUpgrade.json b/schema/v11.2.2/assertions/PortalUpgrade.json new file mode 100644 index 0000000..2a7df39 --- /dev/null +++ b/schema/v11.2.2/assertions/PortalUpgrade.json @@ -0,0 +1,33 @@ +{ + "configName": "PortalUpgrade", + "name": "Portal Upgrade", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/PortalUpgrade", + "title": "Portal Upgrade", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/PortalUpgrade/Main", + "title": "Portal Upgrade", + "properties": { + "PortalUpgrade": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/PortalUpgrade" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ProcessIncrement.json b/schema/v11.2.2/assertions/ProcessIncrement.json new file mode 100644 index 0000000..7b2eaf2 --- /dev/null +++ b/schema/v11.2.2/assertions/ProcessIncrement.json @@ -0,0 +1,33 @@ +{ + "configName": "ProcessIncrement", + "name": "Portal Process Incremental Update", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ProcessIncrement", + "title": "Portal Process Incremental Update", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ProcessIncrement/Main", + "title": "Portal Process Incremental Update", + "properties": { + "ProcessIncrement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ProcessIncrement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ProcessRoutingStrategyResult.json b/schema/v11.2.2/assertions/ProcessRoutingStrategyResult.json new file mode 100644 index 0000000..c802a4b --- /dev/null +++ b/schema/v11.2.2/assertions/ProcessRoutingStrategyResult.json @@ -0,0 +1,41 @@ +{ + "configName": "ProcessRoutingStrategyResult", + "name": "Process Routing Strategy Result", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ProcessRoutingStrategyResult", + "title": "Process Routing Strategy Result", + "type": "object", + "properties": { + "feedback": { + "type": "string", + "default": "feedback" + }, + "strategy": { + "type": "string", + "default": "strategy" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ProcessRoutingStrategyResult/Main", + "title": "Process Routing Strategy Result", + "properties": { + "ProcessRoutingStrategyResult": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ProcessRoutingStrategyResult" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ProcessRstrSoapResponse.json b/schema/v11.2.2/assertions/ProcessRstrSoapResponse.json new file mode 100644 index 0000000..7261030 --- /dev/null +++ b/schema/v11.2.2/assertions/ProcessRstrSoapResponse.json @@ -0,0 +1,57 @@ +{ + "configName": "ProcessRstrSoapResponse", + "name": "Process RSTR Response", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ProcessRstrSoapResponse", + "title": "Process RSTR Response", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "tokenType": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/securityTokenType", + "default": "Unknown" + }, + "variablePrefix": { + "type": "string", + "default": "rstrResponseProcessor" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/securityTokenType" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ProcessRstrSoapResponse/Main", + "title": "Process RSTR Response", + "properties": { + "ProcessRstrSoapResponse": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ProcessRstrSoapResponse" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ProcessSamlAttributeQueryRequest.json b/schema/v11.2.2/assertions/ProcessSamlAttributeQueryRequest.json new file mode 100644 index 0000000..3c354b0 --- /dev/null +++ b/schema/v11.2.2/assertions/ProcessSamlAttributeQueryRequest.json @@ -0,0 +1,134 @@ +{ + "configName": "ProcessSamlAttributeQueryRequest", + "name": "Process SAML Attribute Query Request", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ProcessSamlAttributeQueryRequest", + "title": "Process SAML Attribute Query Request", + "type": "object", + "properties": { + "allowEncryptedId": { + "type": "boolean", + "default": false + }, + "allowNameId": { + "type": "boolean", + "default": true + }, + "attributeNameFormats": { + "type": "string", + "default": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" + }, + "customAttributeNameFormats": { + "type": "string" + }, + "customSubjectFormats": { + "type": "string" + }, + "decryptEncryptedId": { + "type": "boolean", + "default": false + }, + "destination": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "requireAttributeNameFormat": { + "type": "boolean", + "default": false + }, + "requireAttributes": { + "type": "boolean", + "default": false + }, + "requireConsent": { + "type": "boolean", + "default": false + }, + "requireDestination": { + "type": "boolean", + "default": false + }, + "requireId": { + "type": "boolean", + "default": true + }, + "requireIssueInstant": { + "type": "boolean", + "default": true + }, + "requireIssuer": { + "type": "boolean", + "default": true + }, + "requireSignature": { + "type": "boolean", + "default": false + }, + "requireSubjectFormat": { + "type": "boolean", + "default": false + }, + "requireVersion": { + "type": "boolean", + "default": true + }, + "samlVersion": { + "type": "string", + "enum": [ + "SAML2", + "SAML1_1" + ], + "default": "SAML2" + }, + "soapEncapsulated": { + "type": "boolean", + "default": false + }, + "subjectFormats": { + "type": "string", + "default": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string", + "default": "attrQuery" + }, + "verifyAttributesAreUnique": { + "type": "boolean", + "default": true + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ProcessSamlAttributeQueryRequest/Main", + "title": "Process SAML Attribute Query Request", + "properties": { + "ProcessSamlAttributeQueryRequest": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ProcessSamlAttributeQueryRequest" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ProcessSamlAuthnRequest.json b/schema/v11.2.2/assertions/ProcessSamlAuthnRequest.json new file mode 100644 index 0000000..bcac7ad --- /dev/null +++ b/schema/v11.2.2/assertions/ProcessSamlAuthnRequest.json @@ -0,0 +1,80 @@ +{ + "configName": "ProcessSamlAuthnRequest", + "name": "Process SAML Authentication Request", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ProcessSamlAuthnRequest", + "title": "Process SAML Authentication Request", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "requiredAssertionConsumerServiceIndex": { + "type": "boolean", + "default": false + }, + "requiredAssertionConsumerServiceURL": { + "type": "boolean", + "default": true + }, + "requiredAttributeConsumingServiceIndex": { + "type": "boolean", + "default": false + }, + "requiredProtocolBinding": { + "type": "boolean", + "default": false + }, + "requiredProviderName": { + "type": "boolean", + "default": false + }, + "samlProtocolBinding": { + "type": "string", + "enum": [ + "HttpPost", + "HttpRedirect" + ] + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string", + "default": "authnRequest" + }, + "verifySignature": { + "type": "boolean", + "default": true + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ProcessSamlAuthnRequest/Main", + "title": "Process SAML Authentication Request", + "properties": { + "ProcessSamlAuthnRequest": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ProcessSamlAuthnRequest" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RESTGatewayManagement.json b/schema/v11.2.2/assertions/RESTGatewayManagement.json new file mode 100644 index 0000000..6d126ed --- /dev/null +++ b/schema/v11.2.2/assertions/RESTGatewayManagement.json @@ -0,0 +1,49 @@ +{ + "configName": "RESTGatewayManagement", + "name": "REST Manage Gateway", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RESTGatewayManagement", + "title": "REST Manage Gateway", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string", + "default": "restGatewayMan" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RESTGatewayManagement/Main", + "title": "REST Manage Gateway", + "properties": { + "RESTGatewayManagement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RESTGatewayManagement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Radius.json b/schema/v11.2.2/assertions/Radius.json new file mode 100644 index 0000000..d38e5ef --- /dev/null +++ b/schema/v11.2.2/assertions/Radius.json @@ -0,0 +1,33 @@ +{ + "configName": "Radius", + "name": "Radius", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Radius", + "title": "Radius", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Radius/Main", + "title": "Radius", + "properties": { + "Radius": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Radius" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RadiusAuthenticate.json b/schema/v11.2.2/assertions/RadiusAuthenticate.json new file mode 100644 index 0000000..1547dda --- /dev/null +++ b/schema/v11.2.2/assertions/RadiusAuthenticate.json @@ -0,0 +1,78 @@ +{ + "configName": "RadiusAuthenticate", + "name": "Authenticate Against Radius Server", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RadiusAuthenticate", + "title": "Authenticate Against Radius Server", + "type": "object", + "properties": { + "acctPort": { + "type": "string" + }, + "attributes": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "authPort": { + "type": "string" + }, + "authenticator": { + "type": "string" + }, + "host": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "secretGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "timeout": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RadiusAuthenticate/Main", + "title": "Authenticate Against Radius Server", + "properties": { + "RadiusAuthenticate": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RadiusAuthenticate" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RaiseError.json b/schema/v11.2.2/assertions/RaiseError.json new file mode 100644 index 0000000..ce59f3f --- /dev/null +++ b/schema/v11.2.2/assertions/RaiseError.json @@ -0,0 +1,33 @@ +{ + "configName": "RaiseError", + "name": "Raise Error", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RaiseError", + "title": "Raise Error", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RaiseError/Main", + "title": "Raise Error", + "properties": { + "RaiseError": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RaiseError" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RateLimit.json b/schema/v11.2.2/assertions/RateLimit.json new file mode 100644 index 0000000..1217d29 --- /dev/null +++ b/schema/v11.2.2/assertions/RateLimit.json @@ -0,0 +1,72 @@ +{ + "configName": "RateLimit", + "name": "Apply Rate Limit", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RateLimit", + "title": "Apply Rate Limit", + "type": "object", + "properties": { + "blackoutPeriodInSeconds": { + "type": "string" + }, + "counterName": { + "type": "string", + "default": "RateLimit-${request.clientid}" + }, + "hardLimit": { + "type": "boolean", + "default": false + }, + "logOnly": { + "type": "boolean", + "default": false + }, + "maxConcurrency": { + "type": "string", + "default": "0" + }, + "maxRequestsPerSecond": { + "type": "string", + "default": "100" + }, + "shapeRequests": { + "type": "boolean", + "default": false + }, + "splitConcurrencyLimitAcrossNodes": { + "type": "boolean", + "default": true + }, + "splitRateLimitAcrossNodes": { + "type": "boolean", + "default": true + }, + "windowSizeInSeconds": { + "type": "string", + "default": "1" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RateLimit/Main", + "title": "Apply Rate Limit", + "properties": { + "RateLimit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RateLimit" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RateLimitQuery.json b/schema/v11.2.2/assertions/RateLimitQuery.json new file mode 100644 index 0000000..3ac95e6 --- /dev/null +++ b/schema/v11.2.2/assertions/RateLimitQuery.json @@ -0,0 +1,39 @@ +{ + "configName": "RateLimitQuery", + "name": "Query Rate Limit", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RateLimitQuery", + "title": "Query Rate Limit", + "type": "object", + "properties": { + "counterName": { + "type": "string" + }, + "variablePrefix": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RateLimitQuery/Main", + "title": "Query Rate Limit", + "properties": { + "RateLimitQuery": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RateLimitQuery" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RedisSharedStateProvider.json b/schema/v11.2.2/assertions/RedisSharedStateProvider.json new file mode 100644 index 0000000..26d4d9c --- /dev/null +++ b/schema/v11.2.2/assertions/RedisSharedStateProvider.json @@ -0,0 +1,33 @@ +{ + "configName": "RedisSharedStateProvider", + "name": "Redis Shared State Provider", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RedisSharedStateProvider", + "title": "Redis Shared State Provider", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RedisSharedStateProvider/Main", + "title": "Redis Shared State Provider", + "properties": { + "RedisSharedStateProvider": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RedisSharedStateProvider" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Regex.json b/schema/v11.2.2/assertions/Regex.json new file mode 100644 index 0000000..6274ef5 --- /dev/null +++ b/schema/v11.2.2/assertions/Regex.json @@ -0,0 +1,99 @@ +{ + "configName": "Regex", + "name": "Evaluate Regular Expression", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Regex", + "title": "Evaluate Regular Expression", + "type": "object", + "properties": { + "autoTarget": { + "type": "boolean", + "default": true + }, + "captureVar": { + "type": "string" + }, + "caseInsensitive": { + "type": "boolean", + "default": false + }, + "encoding": { + "type": "string" + }, + "findAll": { + "type": "boolean", + "default": false + }, + "includeEntireExpressionCapture": { + "type": "boolean", + "default": true + }, + "mimePart": { + "type": "integer", + "default": 0 + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "patternContainsVariables": { + "type": "boolean", + "default": false + }, + "proceedIfPatternMatches": { + "type": "boolean", + "default": true + }, + "regex": { + "type": "string" + }, + "regexName": { + "type": "string" + }, + "regexVar": { + "type": "string" + }, + "replace": { + "type": "boolean", + "default": false + }, + "replaceRepeatCount": { + "type": "integer", + "default": 0 + }, + "replacement": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Regex/Main", + "title": "Evaluate Regular Expression", + "properties": { + "Regex": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Regex" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RemoteIpRange.json b/schema/v11.2.2/assertions/RemoteIpRange.json new file mode 100644 index 0000000..97616b0 --- /dev/null +++ b/schema/v11.2.2/assertions/RemoteIpRange.json @@ -0,0 +1,48 @@ +{ + "configName": "RemoteIpRange", + "name": "Restrict Access to IP Address Range", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RemoteIpRange", + "title": "Restrict Access to IP Address Range", + "type": "object", + "properties": { + "allowRange": { + "type": "boolean", + "default": true + }, + "ipSourceContextVariable": { + "type": "string" + }, + "networkMask": { + "type": "string", + "default": "24" + }, + "startIp": { + "type": "string", + "default": "192.168.1.0" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RemoteIpRange/Main", + "title": "Restrict Access to IP Address Range", + "properties": { + "RemoteIpRange": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RemoteIpRange" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RemoveElement.json b/schema/v11.2.2/assertions/RemoveElement.json new file mode 100644 index 0000000..a6d3ab6 --- /dev/null +++ b/schema/v11.2.2/assertions/RemoveElement.json @@ -0,0 +1,60 @@ +{ + "configName": "RemoveElement", + "name": "Add or Remove XML Element(s)", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RemoveElement", + "title": "Add or Remove XML Element(s)", + "type": "object", + "properties": { + "elementFromVariable": { + "type": "string" + }, + "elementToInsertVariable": { + "type": "string" + }, + "insertedElementLocation": { + "type": "string", + "enum": [ + "FIRST_CHILD", + "LAST_CHILD", + "PREVIOUS_SIBLING", + "NEXT_SIBLING" + ] + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RemoveElement/Main", + "title": "Add or Remove XML Element(s)", + "properties": { + "RemoveElement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RemoveElement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ReplaceTagContent.json b/schema/v11.2.2/assertions/ReplaceTagContent.json new file mode 100644 index 0000000..89f035b --- /dev/null +++ b/schema/v11.2.2/assertions/ReplaceTagContent.json @@ -0,0 +1,58 @@ +{ + "configName": "ReplaceTagContent", + "name": "Replace Tag Content", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ReplaceTagContent", + "title": "Replace Tag Content", + "type": "object", + "properties": { + "caseSensitive": { + "type": "boolean", + "default": true + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "replaceWith": { + "type": "string" + }, + "searchFor": { + "type": "string" + }, + "tagsToSearch": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ReplaceTagContent/Main", + "title": "Replace Tag Content", + "properties": { + "ReplaceTagContent": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ReplaceTagContent" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RequestSizeLimit.json b/schema/v11.2.2/assertions/RequestSizeLimit.json new file mode 100644 index 0000000..f86e7cc --- /dev/null +++ b/schema/v11.2.2/assertions/RequestSizeLimit.json @@ -0,0 +1,53 @@ +{ + "configName": "RequestSizeLimit", + "name": "Limit Message Size", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RequestSizeLimit", + "title": "Limit Message Size", + "type": "object", + "properties": { + "entireMessage": { + "type": "boolean", + "default": true + }, + "limit": { + "type": "string", + "default": "128" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RequestSizeLimit/Main", + "title": "Limit Message Size", + "properties": { + "RequestSizeLimit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RequestSizeLimit" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RequestSwA.json b/schema/v11.2.2/assertions/RequestSwA.json new file mode 100644 index 0000000..e00537a --- /dev/null +++ b/schema/v11.2.2/assertions/RequestSwA.json @@ -0,0 +1,89 @@ +{ + "configName": "RequestSwA", + "name": "Validate SOAP Attachments", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RequestSwA", + "title": "Validate SOAP Attachments", + "type": "object", + "properties": { + "bindings": { + "type": "object", + "patternProperties": { + ".*": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/bindingInfo" + } + } + }, + "namespaceMap": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "unboundAttachmentPolicy": { + "type": "integer", + "default": 0 + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/bindingInfo", + "properties": { + "bindingName": { + "type": "string", + "default": "" + }, + "bindingOperations": { + "type": "object", + "patternProperties": { + ".*": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/bindingOperationInfo" + } + } + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/bindingOperationInfo", + "properties": { + "extraMultipart": { + "type": "object" + }, + "multipart": { + "type": "object" + }, + "name": { + "type": "string" + }, + "xpath": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RequestSwA/Main", + "title": "Validate SOAP Attachments", + "properties": { + "RequestSwA": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RequestSwA" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RequestWssKerberos.json b/schema/v11.2.2/assertions/RequestWssKerberos.json new file mode 100644 index 0000000..19e0be9 --- /dev/null +++ b/schema/v11.2.2/assertions/RequestWssKerberos.json @@ -0,0 +1,51 @@ +{ + "configName": "RequestWssKerberos", + "name": "Require WS-Security Kerberos Token Profile Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RequestWssKerberos", + "title": "Require WS-Security Kerberos Token Profile Credentials", + "type": "object", + "properties": { + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "servicePrincipalName": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RequestWssKerberos/Main", + "title": "Require WS-Security Kerberos Token Profile Credentials", + "properties": { + "RequestWssKerberos": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RequestWssKerberos" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RequestXpath.json b/schema/v11.2.2/assertions/RequestXpath.json new file mode 100644 index 0000000..93a76a5 --- /dev/null +++ b/schema/v11.2.2/assertions/RequestXpath.json @@ -0,0 +1,65 @@ +{ + "configName": "RequestXpath", + "name": "Evaluate Request XPath", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RequestXpath", + "title": "Evaluate Request XPath", + "type": "object", + "properties": { + "variablePrefix": { + "type": "string" + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RequestXpath/Main", + "title": "Evaluate Request XPath", + "properties": { + "RequestXpath": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RequestXpath" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RequireWssEncryptedElement.json b/schema/v11.2.2/assertions/RequireWssEncryptedElement.json new file mode 100644 index 0000000..6312f40 --- /dev/null +++ b/schema/v11.2.2/assertions/RequireWssEncryptedElement.json @@ -0,0 +1,106 @@ +{ + "configName": "RequireWssEncryptedElement", + "name": "Require Encrypted Element", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssEncryptedElement", + "title": "Require Encrypted Element", + "type": "object", + "properties": { + "encryptContentsOnly": { + "type": "boolean", + "default": true + }, + "keyEncryptionAlgorithm": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "xEncAlgorithm": { + "type": "string", + "default": "http://www.w3.org/2001/04/xmlenc#aes128-cbc" + }, + "xEncAlgorithmList": { + "type": "array", + "items": { + "type": "string" + } + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssEncryptedElement/Main", + "title": "Require Encrypted Element", + "properties": { + "RequireWssEncryptedElement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RequireWssEncryptedElement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RequireWssSaml.json b/schema/v11.2.2/assertions/RequireWssSaml.json new file mode 100644 index 0000000..9167fc2 --- /dev/null +++ b/schema/v11.2.2/assertions/RequireWssSaml.json @@ -0,0 +1,273 @@ +{ + "configName": "RequireWssSaml", + "name": "Require SAML Token Profile (v1)", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssSaml", + "title": "Require SAML Token Profile", + "type": "object", + "properties": { + "attributeStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement" + }, + "audienceRestriction": { + "type": "string" + }, + "authenticationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement" + }, + "authorizationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthorizationStatement" + }, + "checkAssertionValidity": { + "type": "boolean", + "default": true + }, + "maxExpiry": { + "type": "number", + "default": 0 + }, + "nameFormats": { + "type": "array", + "items": { + "type": "string" + } + }, + "nameQualifier": { + "type": "string" + }, + "noSubjectConfirmation": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requireHolderOfKeyWithMessageSignature": { + "type": "boolean", + "default": false + }, + "requireSenderVouchesWithMessageSignature": { + "type": "boolean", + "default": false + }, + "subjectConfirmationDataCheckAddress": { + "type": "boolean", + "default": false + }, + "subjectConfirmationDataCheckValidity": { + "type": "boolean", + "default": true + }, + "subjectConfirmationDataRecipient": { + "type": "string" + }, + "subjectConfirmations": { + "type": "array", + "items": { + "type": "string" + } + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "timeUnit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "default": "m" + }, + "version": { + "type": "integer" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute" + } + }, + "failIfAnyAttributeIsMissing": { + "type": "boolean", + "default": false + }, + "failIfAttributeValueExcludesAttribute": { + "type": "boolean", + "default": false + }, + "failIfNoAttributesAdded": { + "type": "boolean", + "default": true + }, + "failIfUnknownAttributeInFilter": { + "type": "boolean", + "default": false + }, + "filterExpression": { + "type": "string", + "default": "" + }, + "variablePrefix": { + "type": "string", + "default": "attrStatement" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute", + "properties": { + "addBehavior": { + "type": "string", + "enum": [ + "STRING_CONVERT", + "ADD_AS_XML" + ], + "default": "STRING_CONVERT" + }, + "anyValue": { + "type": "boolean", + "default": false + }, + "emptyBehavior": { + "type": "string", + "enum": [ + "EMPTY_STRING", + "EXISTS_NO_VALUE", + "NULL_VALUE" + ], + "default": "EMPTY_STRING" + }, + "friendlyName": { + "type": "string" + }, + "missingWhenEmpty": { + "type": "boolean", + "default": false + }, + "name": { + "type": "string" + }, + "nameFormat": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "repeatIfMulti": { + "type": "boolean", + "default": false + }, + "value": { + "type": "string" + }, + "valueComparison": { + "type": "string", + "enum": [ + "STRING_COMPARE", + "CANONICALIZE" + ], + "default": "STRING_COMPARE" + }, + "variableNotFoundBehavior": { + "type": "string", + "enum": [ + "REPLACE_EMPTY_STRING", + "REPLACE_EXPRESSION_EMPTY_STRING" + ], + "default": "REPLACE_EMPTY_STRING" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement", + "properties": { + "authenticationMethods": { + "type": "array", + "items": { + "type": "string" + } + }, + "customAuthenticationMethods": { + "type": "string", + "default": "" + }, + "includeAuthenticationContextDeclaration": { + "type": "boolean", + "default": true + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthorizationStatement", + "properties": { + "action": { + "type": "string" + }, + "actionNamespace": { + "type": "string" + }, + "resource": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "enum": [ + "ms", + "s", + "m", + "h", + "d" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssSaml/Main", + "title": "Require SAML Token Profile", + "properties": { + "RequireWssSaml": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RequireWssSaml" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RequireWssSaml2.json b/schema/v11.2.2/assertions/RequireWssSaml2.json new file mode 100644 index 0000000..cb95195 --- /dev/null +++ b/schema/v11.2.2/assertions/RequireWssSaml2.json @@ -0,0 +1,274 @@ +{ + "configName": "RequireWssSaml2", + "name": "Require SAML Token Profile (v2)", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssSaml2", + "title": "Require SAML Token Profile", + "type": "object", + "properties": { + "attributeStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement" + }, + "audienceRestriction": { + "type": "string" + }, + "authenticationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement" + }, + "authorizationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthorizationStatement" + }, + "checkAssertionValidity": { + "type": "boolean", + "default": true + }, + "maxExpiry": { + "type": "number", + "default": 0 + }, + "nameFormats": { + "type": "array", + "items": { + "type": "string" + } + }, + "nameQualifier": { + "type": "string" + }, + "noSubjectConfirmation": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requireHolderOfKeyWithMessageSignature": { + "type": "boolean", + "default": false + }, + "requireSenderVouchesWithMessageSignature": { + "type": "boolean", + "default": false + }, + "subjectConfirmationDataCheckAddress": { + "type": "boolean", + "default": false + }, + "subjectConfirmationDataCheckValidity": { + "type": "boolean", + "default": true + }, + "subjectConfirmationDataRecipient": { + "type": "string" + }, + "subjectConfirmations": { + "type": "array", + "items": { + "type": "string" + } + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "timeUnit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "default": "m" + }, + "version": { + "type": "integer", + "default": 2 + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute" + } + }, + "failIfAnyAttributeIsMissing": { + "type": "boolean", + "default": false + }, + "failIfAttributeValueExcludesAttribute": { + "type": "boolean", + "default": false + }, + "failIfNoAttributesAdded": { + "type": "boolean", + "default": true + }, + "failIfUnknownAttributeInFilter": { + "type": "boolean", + "default": false + }, + "filterExpression": { + "type": "string", + "default": "" + }, + "variablePrefix": { + "type": "string", + "default": "attrStatement" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute", + "properties": { + "addBehavior": { + "type": "string", + "enum": [ + "STRING_CONVERT", + "ADD_AS_XML" + ], + "default": "STRING_CONVERT" + }, + "anyValue": { + "type": "boolean", + "default": false + }, + "emptyBehavior": { + "type": "string", + "enum": [ + "EMPTY_STRING", + "EXISTS_NO_VALUE", + "NULL_VALUE" + ], + "default": "EMPTY_STRING" + }, + "friendlyName": { + "type": "string" + }, + "missingWhenEmpty": { + "type": "boolean", + "default": false + }, + "name": { + "type": "string" + }, + "nameFormat": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "repeatIfMulti": { + "type": "boolean", + "default": false + }, + "value": { + "type": "string" + }, + "valueComparison": { + "type": "string", + "enum": [ + "STRING_COMPARE", + "CANONICALIZE" + ], + "default": "STRING_COMPARE" + }, + "variableNotFoundBehavior": { + "type": "string", + "enum": [ + "REPLACE_EMPTY_STRING", + "REPLACE_EXPRESSION_EMPTY_STRING" + ], + "default": "REPLACE_EMPTY_STRING" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement", + "properties": { + "authenticationMethods": { + "type": "array", + "items": { + "type": "string" + } + }, + "customAuthenticationMethods": { + "type": "string", + "default": "" + }, + "includeAuthenticationContextDeclaration": { + "type": "boolean", + "default": true + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthorizationStatement", + "properties": { + "action": { + "type": "string" + }, + "actionNamespace": { + "type": "string" + }, + "resource": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "enum": [ + "ms", + "s", + "m", + "h", + "d" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssSaml2/Main", + "title": "Require SAML Token Profile", + "properties": { + "RequireWssSaml2": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RequireWssSaml2" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RequireWssSignedElement.json b/schema/v11.2.2/assertions/RequireWssSignedElement.json new file mode 100644 index 0000000..485167c --- /dev/null +++ b/schema/v11.2.2/assertions/RequireWssSignedElement.json @@ -0,0 +1,132 @@ +{ + "configName": "RequireWssSignedElement", + "name": "Require Signed Element", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssSignedElement", + "title": "Require Signed Element", + "type": "object", + "properties": { + "acceptedDigestAlgorithms": { + "type": "array", + "items": { + "type": "string" + } + }, + "identityTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "signedElementsVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string" + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget", + "properties": { + "identityId": { + "type": "string" + }, + "identityInfo": { + "type": "string" + }, + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "targetIdentityType": { + "type": "string", + "enum": [ + "USER", + "GROUP", + "PROVIDER", + "TAG" + ] + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssSignedElement/Main", + "title": "Require Signed Element", + "properties": { + "RequireWssSignedElement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RequireWssSignedElement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RequireWssTimestamp.json b/schema/v11.2.2/assertions/RequireWssTimestamp.json new file mode 100644 index 0000000..784f5bd --- /dev/null +++ b/schema/v11.2.2/assertions/RequireWssTimestamp.json @@ -0,0 +1,114 @@ +{ + "configName": "RequireWssTimestamp", + "name": "Require Timestamp", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssTimestamp", + "title": "Require Timestamp", + "type": "object", + "properties": { + "identityTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget" + }, + "maxExpiryMilliseconds": { + "type": "number", + "default": 0 + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "signatureRequired": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "timeUnit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "default": "m" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget", + "properties": { + "identityId": { + "type": "string" + }, + "identityInfo": { + "type": "string" + }, + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "targetIdentityType": { + "type": "string", + "enum": [ + "USER", + "GROUP", + "PROVIDER", + "TAG" + ] + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "enum": [ + "ms", + "s", + "m", + "h", + "d" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssTimestamp/Main", + "title": "Require Timestamp", + "properties": { + "RequireWssTimestamp": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RequireWssTimestamp" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RequireWssX509Cert.json b/schema/v11.2.2/assertions/RequireWssX509Cert.json new file mode 100644 index 0000000..571df82 --- /dev/null +++ b/schema/v11.2.2/assertions/RequireWssX509Cert.json @@ -0,0 +1,70 @@ +{ + "configName": "RequireWssX509Cert", + "name": "Require WS-Security Signature Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssX509Cert", + "title": "Require WS-Security Signature Credentials", + "type": "object", + "properties": { + "allowMultipleSignatures": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "signatureElementVariable": { + "type": "string" + }, + "signatureReferenceElementVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RequireWssX509Cert/Main", + "title": "Require WS-Security Signature Credentials", + "properties": { + "RequireWssX509Cert": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RequireWssX509Cert" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ResolveService.json b/schema/v11.2.2/assertions/ResolveService.json new file mode 100644 index 0000000..c5b3fba --- /dev/null +++ b/schema/v11.2.2/assertions/ResolveService.json @@ -0,0 +1,40 @@ +{ + "configName": "ResolveService", + "name": "Resolve Service", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ResolveService", + "title": "Resolve Service", + "type": "object", + "properties": { + "prefix": { + "type": "string", + "default": "resolvedService" + }, + "uri": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ResolveService/Main", + "title": "Resolve Service", + "properties": { + "ResolveService": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ResolveService" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ResponseXpath.json b/schema/v11.2.2/assertions/ResponseXpath.json new file mode 100644 index 0000000..0674719 --- /dev/null +++ b/schema/v11.2.2/assertions/ResponseXpath.json @@ -0,0 +1,68 @@ +{ + "configName": "ResponseXpath", + "name": "Evaluate Response XPath", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ResponseXpath", + "title": "Evaluate Response XPath", + "type": "object", + "properties": { + "variablePrefix": { + "type": "string" + }, + "xmlMsgSrc": { + "type": "string" + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ResponseXpath/Main", + "title": "Evaluate Response XPath", + "properties": { + "ResponseXpath": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ResponseXpath" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/RetrieveServiceWsdl.json b/schema/v11.2.2/assertions/RetrieveServiceWsdl.json new file mode 100644 index 0000000..fc4c33f --- /dev/null +++ b/schema/v11.2.2/assertions/RetrieveServiceWsdl.json @@ -0,0 +1,114 @@ +{ + "configName": "RetrieveServiceWsdl", + "name": "Retrieve Service WSDL", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/RetrieveServiceWsdl", + "title": "Retrieve Service WSDL", + "type": "object", + "properties": { + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "host": { + "type": "string", + "default": "${gateway.cluster.hostname}" + }, + "messageTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "port": { + "type": "string", + "default": "${request.tcp.localPort}" + }, + "protocol": { + "type": "string" + }, + "protocolVariable": { + "type": "string", + "default": "request.url.protocol" + }, + "proxyDependencies": { + "type": "boolean", + "default": false + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "retrieveDependency": { + "type": "boolean", + "default": false + }, + "serviceDocumentId": { + "type": "string" + }, + "serviceId": { + "type": "string", + "default": "${service.oid}" + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/RetrieveServiceWsdl/Main", + "title": "Retrieve Service WSDL", + "properties": { + "RetrieveServiceWsdl": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/RetrieveServiceWsdl" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SFTPResponse.json b/schema/v11.2.2/assertions/SFTPResponse.json new file mode 100644 index 0000000..7d773ef --- /dev/null +++ b/schema/v11.2.2/assertions/SFTPResponse.json @@ -0,0 +1,63 @@ +{ + "configName": "SFTPResponse", + "name": "Return SFTP Response", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SFTPResponse", + "title": "Return SFTP Response", + "type": "object", + "properties": { + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "earlyResponse": { + "type": "boolean", + "default": false + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "responseStatus": { + "type": "string", + "default": "0" + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SFTPResponse/Main", + "title": "Return SFTP Response", + "properties": { + "SFTPResponse": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SFTPResponse" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SamlBrowserArtifact.json b/schema/v11.2.2/assertions/SamlBrowserArtifact.json new file mode 100644 index 0000000..1e00bc0 --- /dev/null +++ b/schema/v11.2.2/assertions/SamlBrowserArtifact.json @@ -0,0 +1,94 @@ +{ + "configName": "SamlBrowserArtifact", + "name": "Retrieve SAML Browser Artifact", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlBrowserArtifact", + "title": "Retrieve SAML Browser Artifact", + "type": "object", + "properties": { + "artifactQueryParameter": { + "type": "string", + "default": "SAMLart" + }, + "authenticationProperties": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/authenticationProperties" + }, + "ssoEndpointUrl": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/authenticationProperties", + "properties": { + "additionalFields": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "copyFormFields": { + "type": "boolean", + "default": false + }, + "enableCookies": { + "type": "boolean", + "default": false + }, + "formTarget": { + "type": "string" + }, + "method": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/authenticationProperties$Method", + "default": "basic" + }, + "passwordFieldname": { + "type": "string" + }, + "redirectAfterSubmit": { + "type": "boolean", + "default": false + }, + "requestForm": { + "type": "boolean", + "default": false + }, + "usernameFieldname": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/authenticationProperties$Method", + "enum": [ + "basic", + "form" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlBrowserArtifact/Main", + "title": "Retrieve SAML Browser Artifact", + "properties": { + "SamlBrowserArtifact": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SamlBrowserArtifact" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SamlIssuer.json b/schema/v11.2.2/assertions/SamlIssuer.json new file mode 100644 index 0000000..0e34e07 --- /dev/null +++ b/schema/v11.2.2/assertions/SamlIssuer.json @@ -0,0 +1,312 @@ +{ + "configName": "SamlIssuer", + "name": "Create SAML Token", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlIssuer", + "title": "Create SAML Token", + "type": "object", + "properties": { + "attributeStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement" + }, + "audienceRestriction": { + "type": "string" + }, + "authenticationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement" + }, + "authorizationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthorizationStatement" + }, + "conditionsNotBeforeSecondsInPast": { + "type": "integer", + "default": -1 + }, + "conditionsNotOnOrAfterExpirySeconds": { + "type": "integer", + "default": -1 + }, + "customIssuerFormat": { + "type": "string" + }, + "customIssuerNameQualifier": { + "type": "string" + }, + "customIssuerValue": { + "type": "string" + }, + "decorationTypes": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "ADD_ASSERTION", + "SIGN_ASSERTION", + "SIGN_BODY" + ] + } + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "keyAlias": { + "type": "string", + "default": "SSL" + }, + "nameIdentifierFormat": { + "type": "string" + }, + "nameIdentifierType": { + "type": "string", + "enum": [ + "NONE", + "SPECIFIED", + "FROM_CREDS", + "FROM_USER" + ], + "default": "FROM_CREDS" + }, + "nameIdentifierValue": { + "type": "string" + }, + "nameQualifier": { + "type": "string" + }, + "noSubjectConfirmation": { + "type": "boolean", + "default": false + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid", + "default": "0000000000000000ffffffffffffffff" + }, + "signAssertion": { + "type": "boolean", + "default": true + }, + "signatureKeyInfoType": { + "type": "string", + "enum": [ + "NONE", + "CERT", + "STR_THUMBPRINT", + "STR_SKI", + "STR_KEYID_LITERAL_X509", + "ISSUER_SERIAL", + "KEY_NAME" + ], + "default": "CERT" + }, + "subjectConfirmationDataAddress": { + "type": "string" + }, + "subjectConfirmationDataInResponseTo": { + "type": "string" + }, + "subjectConfirmationDataNotBeforeSecondsInPast": { + "type": "integer", + "default": -1 + }, + "subjectConfirmationDataNotOnOrAfterExpirySeconds": { + "type": "integer", + "default": -1 + }, + "subjectConfirmationDataRecipient": { + "type": "string" + }, + "subjectConfirmationKeyInfoType": { + "type": "string", + "enum": [ + "NONE", + "CERT", + "STR_THUMBPRINT", + "STR_SKI", + "STR_KEYID_LITERAL_X509", + "ISSUER_SERIAL", + "KEY_NAME" + ], + "default": "CERT" + }, + "subjectConfirmationMethodUri": { + "type": "string" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "version": { + "type": "integer" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute" + } + }, + "failIfAnyAttributeIsMissing": { + "type": "boolean", + "default": false + }, + "failIfAttributeValueExcludesAttribute": { + "type": "boolean", + "default": false + }, + "failIfNoAttributesAdded": { + "type": "boolean", + "default": true + }, + "failIfUnknownAttributeInFilter": { + "type": "boolean", + "default": false + }, + "filterExpression": { + "type": "string", + "default": "" + }, + "variablePrefix": { + "type": "string", + "default": "attrStatement" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute", + "properties": { + "addBehavior": { + "type": "string", + "enum": [ + "STRING_CONVERT", + "ADD_AS_XML" + ], + "default": "STRING_CONVERT" + }, + "anyValue": { + "type": "boolean", + "default": false + }, + "emptyBehavior": { + "type": "string", + "enum": [ + "EMPTY_STRING", + "EXISTS_NO_VALUE", + "NULL_VALUE" + ], + "default": "EMPTY_STRING" + }, + "friendlyName": { + "type": "string" + }, + "missingWhenEmpty": { + "type": "boolean", + "default": false + }, + "name": { + "type": "string" + }, + "nameFormat": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "repeatIfMulti": { + "type": "boolean", + "default": false + }, + "value": { + "type": "string" + }, + "valueComparison": { + "type": "string", + "enum": [ + "STRING_COMPARE", + "CANONICALIZE" + ], + "default": "STRING_COMPARE" + }, + "variableNotFoundBehavior": { + "type": "string", + "enum": [ + "REPLACE_EMPTY_STRING", + "REPLACE_EXPRESSION_EMPTY_STRING" + ], + "default": "REPLACE_EMPTY_STRING" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement", + "properties": { + "authenticationMethods": { + "type": "array", + "items": { + "type": "string" + } + }, + "customAuthenticationMethods": { + "type": "string", + "default": "" + }, + "includeAuthenticationContextDeclaration": { + "type": "boolean", + "default": true + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthorizationStatement", + "properties": { + "action": { + "type": "string" + }, + "actionNamespace": { + "type": "string" + }, + "resource": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlIssuer/Main", + "title": "Create SAML Token", + "properties": { + "SamlIssuer": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SamlIssuer" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SamlProtocol.json b/schema/v11.2.2/assertions/SamlProtocol.json new file mode 100644 index 0000000..74d6935 --- /dev/null +++ b/schema/v11.2.2/assertions/SamlProtocol.json @@ -0,0 +1,207 @@ +{ + "configName": "SamlProtocol", + "name": "Saml Protocol", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlProtocol", + "title": "Saml Protocol", + "type": "object", + "properties": { + "attributeStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement" + }, + "audienceRestriction": { + "type": "string" + }, + "authenticationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement" + }, + "authorizationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SamlProtocol:samlpAuthorizationInfo" + }, + "nameQualifier": { + "type": "string" + }, + "noSubjectConfirmation": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "soapVersion": { + "type": "integer" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "version": { + "type": "integer" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlProtocol:samlpAuthorizationInfo", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + } + }, + "resource": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute" + } + }, + "failIfAnyAttributeIsMissing": { + "type": "boolean", + "default": false + }, + "failIfAttributeValueExcludesAttribute": { + "type": "boolean", + "default": false + }, + "failIfNoAttributesAdded": { + "type": "boolean", + "default": true + }, + "failIfUnknownAttributeInFilter": { + "type": "boolean", + "default": false + }, + "filterExpression": { + "type": "string", + "default": "" + }, + "variablePrefix": { + "type": "string", + "default": "attrStatement" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute", + "properties": { + "addBehavior": { + "type": "string", + "enum": [ + "STRING_CONVERT", + "ADD_AS_XML" + ], + "default": "STRING_CONVERT" + }, + "anyValue": { + "type": "boolean", + "default": false + }, + "emptyBehavior": { + "type": "string", + "enum": [ + "EMPTY_STRING", + "EXISTS_NO_VALUE", + "NULL_VALUE" + ], + "default": "EMPTY_STRING" + }, + "friendlyName": { + "type": "string" + }, + "missingWhenEmpty": { + "type": "boolean", + "default": false + }, + "name": { + "type": "string" + }, + "nameFormat": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "repeatIfMulti": { + "type": "boolean", + "default": false + }, + "value": { + "type": "string" + }, + "valueComparison": { + "type": "string", + "enum": [ + "STRING_COMPARE", + "CANONICALIZE" + ], + "default": "STRING_COMPARE" + }, + "variableNotFoundBehavior": { + "type": "string", + "enum": [ + "REPLACE_EMPTY_STRING", + "REPLACE_EXPRESSION_EMPTY_STRING" + ], + "default": "REPLACE_EMPTY_STRING" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement", + "properties": { + "authenticationMethods": { + "type": "array", + "items": { + "type": "string" + } + }, + "customAuthenticationMethods": { + "type": "string", + "default": "" + }, + "includeAuthenticationContextDeclaration": { + "type": "boolean", + "default": true + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlProtocol/Main", + "title": "Saml Protocol", + "properties": { + "SamlProtocol": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SamlProtocol" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SamlpRequestBuilder.json b/schema/v11.2.2/assertions/SamlpRequestBuilder.json new file mode 100644 index 0000000..6192332 --- /dev/null +++ b/schema/v11.2.2/assertions/SamlpRequestBuilder.json @@ -0,0 +1,393 @@ +{ + "configName": "SamlpRequestBuilder", + "name": "Build SAML Protocol Request", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlpRequestBuilder", + "title": "Build SAML Protocol Request", + "type": "object", + "properties": { + "addIssuer": { + "type": "boolean", + "default": true + }, + "attributeStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement" + }, + "audienceRestriction": { + "type": "string" + }, + "authenticationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement" + }, + "authorizationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SamlpRequestBuilder:samlpAuthorizationInfo" + }, + "conditionsNotBeforeSecondsInPast": { + "type": "integer", + "default": -1 + }, + "conditionsNotOnOrAfterExpirySeconds": { + "type": "integer", + "default": -1 + }, + "consentAttribute": { + "type": "string" + }, + "customIssuerFormat": { + "type": "string" + }, + "customIssuerNameQualifier": { + "type": "string" + }, + "customIssuerValue": { + "type": "string" + }, + "customNameIdentifierFormat": { + "type": "string" + }, + "decorationTypes": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "ADD_ASSERTION", + "SIGN_ASSERTION", + "SIGN_BODY" + ] + } + }, + "destinationAttribute": { + "type": "string" + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "encryptNameIdentifier": { + "type": "boolean", + "default": false + }, + "evidence": { + "type": "integer" + }, + "evidenceVariable": { + "type": "string" + }, + "keyAlias": { + "type": "string" + }, + "nameIdentifierFormat": { + "type": "string" + }, + "nameIdentifierType": { + "type": "string", + "enum": [ + "NONE", + "SPECIFIED", + "FROM_CREDS", + "FROM_USER" + ], + "default": "FROM_CREDS" + }, + "nameIdentifierValue": { + "type": "string" + }, + "nameQualifier": { + "type": "string" + }, + "noSubjectConfirmation": { + "type": "boolean", + "default": false + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "otherTargetMessageVariable": { + "type": "string", + "default": "samlpRequest.message" + }, + "requestId": { + "type": "integer" + }, + "requestIdVariable": { + "type": "string" + }, + "signAssertion": { + "type": "boolean", + "default": true + }, + "signatureKeyInfoType": { + "type": "string", + "enum": [ + "NONE", + "CERT", + "STR_THUMBPRINT", + "STR_SKI", + "STR_KEYID_LITERAL_X509", + "ISSUER_SERIAL", + "KEY_NAME" + ], + "default": "CERT" + }, + "soapVersion": { + "type": "integer" + }, + "subjectConfirmationDataAddress": { + "type": "string" + }, + "subjectConfirmationDataInResponseTo": { + "type": "string" + }, + "subjectConfirmationDataNotBeforeSecondsInPast": { + "type": "integer", + "default": -1 + }, + "subjectConfirmationDataNotOnOrAfterExpirySeconds": { + "type": "integer", + "default": -1 + }, + "subjectConfirmationDataRecipient": { + "type": "string" + }, + "subjectConfirmationKeyInfoType": { + "type": "string", + "enum": [ + "NONE", + "CERT", + "STR_THUMBPRINT", + "STR_SKI", + "STR_KEYID_LITERAL_X509", + "ISSUER_SERIAL", + "KEY_NAME" + ], + "default": "CERT" + }, + "subjectConfirmationMethodUri": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "OTHER" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "version": { + "type": "integer" + }, + "xmlEncryptConfig": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlElementEncryptionConfig" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlpRequestBuilder:samlpAuthorizationInfo", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + } + }, + "resource": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute" + } + }, + "failIfAnyAttributeIsMissing": { + "type": "boolean", + "default": false + }, + "failIfAttributeValueExcludesAttribute": { + "type": "boolean", + "default": false + }, + "failIfNoAttributesAdded": { + "type": "boolean", + "default": true + }, + "failIfUnknownAttributeInFilter": { + "type": "boolean", + "default": false + }, + "filterExpression": { + "type": "string", + "default": "" + }, + "variablePrefix": { + "type": "string", + "default": "attrStatement" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute", + "properties": { + "addBehavior": { + "type": "string", + "enum": [ + "STRING_CONVERT", + "ADD_AS_XML" + ], + "default": "STRING_CONVERT" + }, + "anyValue": { + "type": "boolean", + "default": false + }, + "emptyBehavior": { + "type": "string", + "enum": [ + "EMPTY_STRING", + "EXISTS_NO_VALUE", + "NULL_VALUE" + ], + "default": "EMPTY_STRING" + }, + "friendlyName": { + "type": "string" + }, + "missingWhenEmpty": { + "type": "boolean", + "default": false + }, + "name": { + "type": "string" + }, + "nameFormat": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "repeatIfMulti": { + "type": "boolean", + "default": false + }, + "value": { + "type": "string" + }, + "valueComparison": { + "type": "string", + "enum": [ + "STRING_COMPARE", + "CANONICALIZE" + ], + "default": "STRING_COMPARE" + }, + "variableNotFoundBehavior": { + "type": "string", + "enum": [ + "REPLACE_EMPTY_STRING", + "REPLACE_EXPRESSION_EMPTY_STRING" + ], + "default": "REPLACE_EMPTY_STRING" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement", + "properties": { + "authenticationMethods": { + "type": "array", + "items": { + "type": "string" + } + }, + "customAuthenticationMethods": { + "type": "string", + "default": "" + }, + "includeAuthenticationContextDeclaration": { + "type": "boolean", + "default": true + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlElementEncryptionConfig", + "properties": { + "encryptContentsOnly": { + "type": "boolean", + "default": false + }, + "encryptedDataTypeAttribute": { + "type": "string", + "default": "http://www.w3.org/2001/04/xmlenc#Element" + }, + "encryptedKeyRecipientAttribute": { + "type": "string" + }, + "includeEncryptedDataTypeAttribute": { + "type": "boolean", + "default": false + }, + "recipientCertContextVariableName": { + "type": "string" + }, + "recipientCertificateBase64": { + "type": "string" + }, + "useOaep": { + "type": "boolean", + "default": false + }, + "xencAlgorithm": { + "type": "string", + "default": "http://www.w3.org/2001/04/xmlenc#aes128-cbc" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlpRequestBuilder/Main", + "title": "Build SAML Protocol Request", + "properties": { + "SamlpRequestBuilder": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SamlpRequestBuilder" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SamlpResponseBuilder.json b/schema/v11.2.2/assertions/SamlpResponseBuilder.json new file mode 100644 index 0000000..7f439a2 --- /dev/null +++ b/schema/v11.2.2/assertions/SamlpResponseBuilder.json @@ -0,0 +1,133 @@ +{ + "configName": "SamlpResponseBuilder", + "name": "Build SAML Protocol Response", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlpResponseBuilder", + "title": "Build SAML Protocol Response", + "type": "object", + "properties": { + "addIssuer": { + "type": "boolean", + "default": false + }, + "consent": { + "type": "string" + }, + "customIssuerFormat": { + "type": "string" + }, + "customIssuerNameQualifier": { + "type": "string" + }, + "customIssuerValue": { + "type": "string" + }, + "destination": { + "type": "string" + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "encryptedAssertions": { + "type": "string" + }, + "inResponseTo": { + "type": "string" + }, + "includeSignerCertChain": { + "type": "boolean", + "default": false + }, + "issueInstant": { + "type": "string" + }, + "keyAlias": { + "type": "string" + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipient": { + "type": "string" + }, + "responseAssertions": { + "type": "string" + }, + "responseExtensions": { + "type": "string" + }, + "responseId": { + "type": "string" + }, + "samlStatusCode": { + "type": "string", + "default": "urn:oasis:names:tc:SAML:2.0:status:Success" + }, + "signResponse": { + "type": "boolean", + "default": false + }, + "statusDetail": { + "type": "string" + }, + "statusMessage": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "validateWebSsoRules": { + "type": "boolean", + "default": true + }, + "version": { + "type": "integer", + "default": 2 + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlpResponseBuilder/Main", + "title": "Build SAML Protocol Response", + "properties": { + "SamlpResponseBuilder": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SamlpResponseBuilder" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SamlpResponseEvaluation.json b/schema/v11.2.2/assertions/SamlpResponseEvaluation.json new file mode 100644 index 0000000..0e83605 --- /dev/null +++ b/schema/v11.2.2/assertions/SamlpResponseEvaluation.json @@ -0,0 +1,236 @@ +{ + "configName": "SamlpResponseEvaluation", + "name": "Evaluate SAML Protocol Response", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlpResponseEvaluation", + "title": "Evaluate SAML Protocol Response", + "type": "object", + "properties": { + "attributeStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement" + }, + "audienceRestriction": { + "type": "string" + }, + "authenticationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement" + }, + "authorizationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SamlpResponseEvaluation:samlpAuthorizationInfo" + }, + "authzDecisionFalsifyAssertion": { + "type": "boolean", + "default": true + }, + "authzDecisionOption": { + "type": "integer" + }, + "authzDecisionVariable": { + "type": "string" + }, + "keyAlias": { + "type": "string" + }, + "nameQualifier": { + "type": "string" + }, + "noSubjectConfirmation": { + "type": "boolean", + "default": false + }, + "nonDefaultKeystoreId": { + "type": "number", + "default": 0 + }, + "otherTargetMessageVariable": { + "type": "string", + "default": "samlpResponse.message" + }, + "responseStatusFalsifyAssertion": { + "type": "boolean", + "default": true + }, + "soapVersion": { + "type": "integer" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "OTHER" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "variablePrefixOverride": { + "type": "string" + }, + "version": { + "type": "integer" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlpResponseEvaluation:samlpAuthorizationInfo", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + } + }, + "resource": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute" + } + }, + "failIfAnyAttributeIsMissing": { + "type": "boolean", + "default": false + }, + "failIfAttributeValueExcludesAttribute": { + "type": "boolean", + "default": false + }, + "failIfNoAttributesAdded": { + "type": "boolean", + "default": true + }, + "failIfUnknownAttributeInFilter": { + "type": "boolean", + "default": false + }, + "filterExpression": { + "type": "string", + "default": "" + }, + "variablePrefix": { + "type": "string", + "default": "attrStatement" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute", + "properties": { + "addBehavior": { + "type": "string", + "enum": [ + "STRING_CONVERT", + "ADD_AS_XML" + ], + "default": "STRING_CONVERT" + }, + "anyValue": { + "type": "boolean", + "default": false + }, + "emptyBehavior": { + "type": "string", + "enum": [ + "EMPTY_STRING", + "EXISTS_NO_VALUE", + "NULL_VALUE" + ], + "default": "EMPTY_STRING" + }, + "friendlyName": { + "type": "string" + }, + "missingWhenEmpty": { + "type": "boolean", + "default": false + }, + "name": { + "type": "string" + }, + "nameFormat": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "repeatIfMulti": { + "type": "boolean", + "default": false + }, + "value": { + "type": "string" + }, + "valueComparison": { + "type": "string", + "enum": [ + "STRING_COMPARE", + "CANONICALIZE" + ], + "default": "STRING_COMPARE" + }, + "variableNotFoundBehavior": { + "type": "string", + "enum": [ + "REPLACE_EMPTY_STRING", + "REPLACE_EXPRESSION_EMPTY_STRING" + ], + "default": "REPLACE_EMPTY_STRING" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement", + "properties": { + "authenticationMethods": { + "type": "array", + "items": { + "type": "string" + } + }, + "customAuthenticationMethods": { + "type": "string", + "default": "" + }, + "includeAuthenticationContextDeclaration": { + "type": "boolean", + "default": true + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SamlpResponseEvaluation/Main", + "title": "Evaluate SAML Protocol Response", + "properties": { + "SamlpResponseEvaluation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SamlpResponseEvaluation" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SchemaValidation.json b/schema/v11.2.2/assertions/SchemaValidation.json new file mode 100644 index 0000000..b9f8199 --- /dev/null +++ b/schema/v11.2.2/assertions/SchemaValidation.json @@ -0,0 +1,108 @@ +{ + "configName": "SchemaValidation", + "name": "Validate XML Schema", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SchemaValidation", + "title": "Validate XML Schema", + "type": "object", + "properties": { + "applyToArguments": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "resourceInfo": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/assertionResourceInfo" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ] + }, + "validationTarget": { + "type": "string", + "enum": [ + "ENVELOPE", + "BODY", + "ARGUMENTS" + ], + "default": "BODY" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/assertionResourceInfo", + "anyOf": [ + { + "type": "object", + "properties": { + "document": { + "type": "string" + }, + "originalUrl": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "url": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "id": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "allowMessagesWithoutUrl": { + "type": "boolean", + "default": false + }, + "urlRegexes": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SchemaValidation/Main", + "title": "Validate XML Schema", + "properties": { + "SchemaValidation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SchemaValidation" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SecureConversation.json b/schema/v11.2.2/assertions/SecureConversation.json new file mode 100644 index 0000000..eb7a09f --- /dev/null +++ b/schema/v11.2.2/assertions/SecureConversation.json @@ -0,0 +1,48 @@ +{ + "configName": "SecureConversation", + "name": "Require WS-SecureConversation", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SecureConversation", + "title": "Require WS-SecureConversation", + "type": "object", + "properties": { + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SecureConversation/Main", + "title": "Require WS-SecureConversation", + "properties": { + "SecureConversation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SecureConversation" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SelectElement.json b/schema/v11.2.2/assertions/SelectElement.json new file mode 100644 index 0000000..cd4c097 --- /dev/null +++ b/schema/v11.2.2/assertions/SelectElement.json @@ -0,0 +1,78 @@ +{ + "configName": "SelectElement", + "name": "Select Single Element", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SelectElement", + "title": "Select Single Element", + "type": "object", + "properties": { + "elementVariable": { + "type": "string", + "default": "element" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SelectElement/Main", + "title": "Select Single Element", + "properties": { + "SelectElement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SelectElement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ServiceMetricsEventListener.json b/schema/v11.2.2/assertions/ServiceMetricsEventListener.json new file mode 100644 index 0000000..4717ced --- /dev/null +++ b/schema/v11.2.2/assertions/ServiceMetricsEventListener.json @@ -0,0 +1,33 @@ +{ + "configName": "ServiceMetricsEventListener", + "name": "Service Metrics Event Listener", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ServiceMetricsEventListener", + "title": "Service Metrics Event Listener", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ServiceMetricsEventListener/Main", + "title": "Service Metrics Event Listener", + "properties": { + "ServiceMetricsEventListener": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ServiceMetricsEventListener" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SetSamlStatus.json b/schema/v11.2.2/assertions/SetSamlStatus.json new file mode 100644 index 0000000..a419d8e --- /dev/null +++ b/schema/v11.2.2/assertions/SetSamlStatus.json @@ -0,0 +1,75 @@ +{ + "configName": "SetSamlStatus", + "name": "Set SAML Response Status Code", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SetSamlStatus", + "title": "Set SAML Response Status Code", + "type": "object", + "properties": { + "samlStatus": { + "type": "string", + "enum": [ + "SAML_SUCCESS", + "SAML_VERSION_MISMATCH", + "SAML_REQUESTER", + "SAML_RESPONDER", + "SAML_REQUEST_VERSION_TOO_HIGH", + "SAML_REQUEST_VERSION_TOO_LOW", + "SAML_REQUEST_VERSION_DEPRECATED", + "SAML_TOO_MANY_RESPONSES", + "SAML_REQUEST_DENIED", + "SAML_RESOURCE_NOT_RECOGNIZED", + "SAML2_SUCCESS", + "SAML2_REQUESTER", + "SAML2_RESPONDER", + "SAML2_VERSION_MISMATCH", + "SAML2_AUTHN_FAILED", + "SAML2_INVALID_ATTR_NAME_OR_VALUE", + "SAML2_INVALID_NAMEID_POLICY", + "SAML2_NO_AUTHN_CONTEXT", + "SAML2_NO_AVAILABLE_IDP", + "SAML2_NO_PASSIVE", + "SAML2_NO_SUPPORTED_IDP", + "SAML2_PARTIAL_LOGOUT", + "SAML2_PROXY_COUNT_EXCEEDED", + "SAML2_REQUEST_DENIED", + "SAML2_REQUEST_UNSUPPORTED", + "SAML2_REQUEST_VERSION_DEPRECATED", + "SAML2_REQUEST_VERSION_TOO_HIGH", + "SAML2_REQUEST_VERSION_TOO_LOW", + "SAML2_RESOURCE_NOT_RECOGNIZED", + "SAML2_TOO_MANY_RESPONSES", + "SAML2_UNKNOWN_ATTR_PROFILE", + "SAML2_UNKNOWN_PRINCIPAL", + "SAML2_UNSUPPORTED_BINDING" + ] + }, + "variableName": { + "type": "string", + "default": "responseStatus" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SetSamlStatus/Main", + "title": "Set SAML Response Status Code", + "properties": { + "SetSamlStatus": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SetSamlStatus" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SetVariable.json b/schema/v11.2.2/assertions/SetVariable.json new file mode 100644 index 0000000..553bcae --- /dev/null +++ b/schema/v11.2.2/assertions/SetVariable.json @@ -0,0 +1,88 @@ +{ + "configName": "SetVariable", + "name": "Set Context Variable", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SetVariable", + "title": "Set Context Variable", + "type": "object", + "properties": { + "contentType": { + "type": "string" + }, + "dataType": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/dataType", + "default": "string" + }, + "dateFormat": { + "type": "string" + }, + "dateOffsetExpression": { + "type": "string" + }, + "dateOffsetField": { + "type": "integer", + "default": 13 + }, + "expression": { + "type": "string" + }, + "lineBreak": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/lineBreak", + "default": "CR-LF" + }, + "variable": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/dataType", + "enum": [ + "string", + "cert", + "int", + "decimal", + "float", + "xml", + "boolean", + "binary", + "dateTime", + "message", + "blob", + "clob", + "other" + ] + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/lineBreak", + "enum": [ + "LF", + "CR", + "CR-LF" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SetVariable/Main", + "title": "Set Context Variable", + "properties": { + "SetVariable": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SetVariable" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SimpleRawTransport.json b/schema/v11.2.2/assertions/SimpleRawTransport.json new file mode 100644 index 0000000..2099d55 --- /dev/null +++ b/schema/v11.2.2/assertions/SimpleRawTransport.json @@ -0,0 +1,114 @@ +{ + "configName": "SimpleRawTransport", + "name": "Route via Raw TCP", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SimpleRawTransport", + "title": "Route via Raw TCP", + "type": "object", + "properties": { + "connectionTimeoutMillis": { + "type": "integer", + "default": 30000 + }, + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "maxResponseBytesText": { + "type": "string", + "default": "-1" + }, + "readTimeoutMillis": { + "type": "integer", + "default": 2000 + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requestTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "responseContentType": { + "type": "string", + "default": "text/xml; charset=UTF-8" + }, + "responseTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "targetHost": { + "type": "string" + }, + "targetPort": { + "type": "string", + "default": "13224" + }, + "writeTimeoutMillis": { + "type": "integer", + "default": 2000 + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SimpleRawTransport/Main", + "title": "Route via Raw TCP", + "properties": { + "SimpleRawTransport": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SimpleRawTransport" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SiteMinderAuthenticate.json b/schema/v11.2.2/assertions/SiteMinderAuthenticate.json new file mode 100644 index 0000000..c9d1580 --- /dev/null +++ b/schema/v11.2.2/assertions/SiteMinderAuthenticate.json @@ -0,0 +1,90 @@ +{ + "configName": "SiteMinderAuthenticate", + "name": "Authenticate Against CA Single Sign-On", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SiteMinderAuthenticate", + "title": "Authenticate Against CA Single Sign-On", + "type": "object", + "properties": { + "cookieSourceVar": { + "type": "string" + }, + "createSsoToken": { + "type": "boolean", + "default": true + }, + "lastCredential": { + "type": "boolean", + "default": true + }, + "namedCertificate": { + "type": "string" + }, + "namedJsonWebToken": { + "type": "string" + }, + "namedUser": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "passwordPolicy": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "sendJWT": { + "type": "boolean", + "default": false + }, + "sendUsernamePasswordCredential": { + "type": "boolean", + "default": true + }, + "sendX509CertificateCredential": { + "type": "boolean", + "default": false + }, + "ssoZoneName": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "useSMCookie": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SiteMinderAuthenticate/Main", + "title": "Authenticate Against CA Single Sign-On", + "properties": { + "SiteMinderAuthenticate": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SiteMinderAuthenticate" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SiteMinderAuthorize.json b/schema/v11.2.2/assertions/SiteMinderAuthorize.json new file mode 100644 index 0000000..4b62715 --- /dev/null +++ b/schema/v11.2.2/assertions/SiteMinderAuthorize.json @@ -0,0 +1,84 @@ +{ + "configName": "SiteMinderAuthorize", + "name": "Authorize via CA Single Sign-On", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SiteMinderAuthorize", + "title": "Authorize via CA Single Sign-On", + "type": "object", + "properties": { + "cookieComment": { + "type": "string" + }, + "cookieDomain": { + "type": "string" + }, + "cookieMaxAge": { + "type": "string" + }, + "cookieName": { + "type": "string" + }, + "cookiePath": { + "type": "string" + }, + "cookieSecure": { + "type": "string" + }, + "cookieSourceVar": { + "type": "string" + }, + "cookieVersion": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "setSMCookie": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "useCustomCookieName": { + "type": "boolean", + "default": false + }, + "useVarAsCookieSource": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SiteMinderAuthorize/Main", + "title": "Authorize via CA Single Sign-On", + "properties": { + "SiteMinderAuthorize": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SiteMinderAuthorize" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SiteMinderChangePassword.json b/schema/v11.2.2/assertions/SiteMinderChangePassword.json new file mode 100644 index 0000000..fad8df6 --- /dev/null +++ b/schema/v11.2.2/assertions/SiteMinderChangePassword.json @@ -0,0 +1,67 @@ +{ + "configName": "SiteMinderChangePassword", + "name": "Change CA Single Sign-On User Password", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SiteMinderChangePassword", + "title": "Change CA Single Sign-On User Password", + "type": "object", + "properties": { + "agentGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "agentId": { + "type": "string" + }, + "domOid": { + "type": "string" + }, + "newPassword": { + "type": "string" + }, + "oldPassword": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "username": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SiteMinderChangePassword/Main", + "title": "Change CA Single Sign-On User Password", + "properties": { + "SiteMinderChangePassword": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SiteMinderChangePassword" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SiteMinderCheckProtected.json b/schema/v11.2.2/assertions/SiteMinderCheckProtected.json new file mode 100644 index 0000000..bb2958b --- /dev/null +++ b/schema/v11.2.2/assertions/SiteMinderCheckProtected.json @@ -0,0 +1,77 @@ +{ + "configName": "SiteMinderCheckProtected", + "name": "Check Protected Resource Against CA Single Sign-On", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SiteMinderCheckProtected", + "title": "Check Protected Resource Against CA Single Sign-On", + "type": "object", + "properties": { + "acoName": { + "type": "string" + }, + "action": { + "type": "string" + }, + "agentGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "agentId": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "protectedResource": { + "type": "string" + }, + "serverName": { + "type": "string", + "default": "" + }, + "smAgentName": { + "type": "string" + }, + "sourceIpAddress": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SiteMinderCheckProtected/Main", + "title": "Check Protected Resource Against CA Single Sign-On", + "properties": { + "SiteMinderCheckProtected": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SiteMinderCheckProtected" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SiteMinderEnableUser.json b/schema/v11.2.2/assertions/SiteMinderEnableUser.json new file mode 100644 index 0000000..f7ed55d --- /dev/null +++ b/schema/v11.2.2/assertions/SiteMinderEnableUser.json @@ -0,0 +1,61 @@ +{ + "configName": "SiteMinderEnableUser", + "name": "Enable CA Single Sign-On User", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SiteMinderEnableUser", + "title": "Enable CA Single Sign-On User", + "type": "object", + "properties": { + "agentGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "agentId": { + "type": "string" + }, + "domOid": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "username": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SiteMinderEnableUser/Main", + "title": "Enable CA Single Sign-On User", + "properties": { + "SiteMinderEnableUser": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SiteMinderEnableUser" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SnmpTrap.json b/schema/v11.2.2/assertions/SnmpTrap.json new file mode 100644 index 0000000..9c408e5 --- /dev/null +++ b/schema/v11.2.2/assertions/SnmpTrap.json @@ -0,0 +1,53 @@ +{ + "configName": "SnmpTrap", + "name": "Send SNMP Trap", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SnmpTrap", + "title": "Send SNMP Trap", + "type": "object", + "properties": { + "community": { + "type": "string", + "default": "" + }, + "errorMessage": { + "type": "string", + "default": "Layer7 API Gateway SNMP Trap" + }, + "oid": { + "type": "string", + "default": "0" + }, + "targetHostname": { + "type": "string", + "default": "" + }, + "targetPort": { + "type": "integer", + "default": 162 + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SnmpTrap/Main", + "title": "Send SNMP Trap", + "properties": { + "SnmpTrap": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SnmpTrap" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SpecificUser.json b/schema/v11.2.2/assertions/SpecificUser.json new file mode 100644 index 0000000..1da75df --- /dev/null +++ b/schema/v11.2.2/assertions/SpecificUser.json @@ -0,0 +1,65 @@ +{ + "configName": "SpecificUser", + "name": "Authenticate User", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SpecificUser", + "title": "Authenticate User or Group", + "type": "object", + "properties": { + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid", + "default": "0000000000000000ffffffffffffffff" + }, + "identityTag": { + "type": "string" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "userLogin": { + "type": "string" + }, + "userName": { + "type": "string" + }, + "userUid": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SpecificUser/Main", + "title": "Authenticate User or Group", + "properties": { + "SpecificUser": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SpecificUser" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Split.json b/schema/v11.2.2/assertions/Split.json new file mode 100644 index 0000000..7fc596a --- /dev/null +++ b/schema/v11.2.2/assertions/Split.json @@ -0,0 +1,51 @@ +{ + "configName": "Split", + "name": "Split Variable", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Split", + "title": "Split Variable", + "type": "object", + "properties": { + "ignoreEmptyValues": { + "type": "boolean", + "default": false + }, + "inputVariable": { + "type": "string" + }, + "outputVariable": { + "type": "string" + }, + "splitPattern": { + "type": "string", + "default": "," + }, + "splitPatternRegEx": { + "type": "boolean", + "default": true + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Split/Main", + "title": "Split Variable", + "properties": { + "Split": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Split" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SqlAttack.json b/schema/v11.2.2/assertions/SqlAttack.json new file mode 100644 index 0000000..537c894 --- /dev/null +++ b/schema/v11.2.2/assertions/SqlAttack.json @@ -0,0 +1,63 @@ +{ + "configName": "SqlAttack", + "name": "Protect Against SQL Attacks", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SqlAttack", + "title": "Protect Against SQL Attacks", + "type": "object", + "properties": { + "includeBody": { + "type": "boolean", + "default": true + }, + "includeUrlPath": { + "type": "boolean", + "default": false + }, + "includeUrlQueryString": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "protections": { + "type": "array", + "items": { + "type": "string" + } + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SqlAttack/Main", + "title": "Protect Against SQL Attacks", + "properties": { + "SqlAttack": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SqlAttack" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SshCredential.json b/schema/v11.2.2/assertions/SshCredential.json new file mode 100644 index 0000000..173205a --- /dev/null +++ b/schema/v11.2.2/assertions/SshCredential.json @@ -0,0 +1,41 @@ +{ + "configName": "SshCredential", + "name": "Require SSH Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SshCredential", + "title": "Require SSH Credentials", + "type": "object", + "properties": { + "permitPasswordCredential": { + "type": "boolean", + "default": false + }, + "permitPublicKeyCredential": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SshCredential/Main", + "title": "Require SSH Credentials", + "properties": { + "SshCredential": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SshCredential" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/SshRouteAssertion.json b/schema/v11.2.2/assertions/SshRouteAssertion.json new file mode 100644 index 0000000..0d94340 --- /dev/null +++ b/schema/v11.2.2/assertions/SshRouteAssertion.json @@ -0,0 +1,206 @@ +{ + "configName": "SshRouteAssertion", + "name": "Route via SSH2", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/SshRouteAssertion", + "title": "Route via SSH2", + "type": "object", + "properties": { + "authMaxRetryCount": { + "type": "string", + "default": "" + }, + "commandType": { + "type": "string", + "enum": [ + "GET", + "PUT", + "LIST", + "DELETE", + "MKDIR", + "RMDIR", + "STAT", + "MOVE" + ], + "default": "PUT" + }, + "commandTypeVariableName": { + "type": "string" + }, + "connectTimeout": { + "type": "integer", + "default": 10 + }, + "credentialsSourceSpecified": { + "type": "boolean", + "default": false + }, + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "directory": { + "type": "string" + }, + "downloadContentType": { + "type": "string" + }, + "failIfFileExists": { + "type": "boolean", + "default": false + }, + "fileLength": { + "type": "string", + "default": "-1" + }, + "fileName": { + "type": "string" + }, + "fileOffset": { + "type": "string", + "default": "0" + }, + "host": { + "type": "string" + }, + "kexAlgorithms": { + "type": "string", + "default": "" + }, + "newFileName": { + "type": "string" + }, + "passwordGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "port": { + "type": "string", + "default": "22" + }, + "preserveFileMetadata": { + "type": "boolean", + "default": false + }, + "privateKeyGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "readTimeout": { + "type": "integer", + "default": 60 + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requestTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "responseByteLimit": { + "type": "string" + }, + "responseTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "retrieveCommandTypeFromVariable": { + "type": "boolean", + "default": false + }, + "saveFileSizeContextVariable": { + "type": "string", + "default": "" + }, + "scpProtocol": { + "type": "boolean", + "default": false + }, + "setFileSizeToContextVariable": { + "type": "boolean", + "default": false + }, + "sshPublicKey": { + "type": "string" + }, + "useDefaultKexAlgorithms": { + "type": "boolean", + "default": true + }, + "usePrivateKey": { + "type": "boolean", + "default": false + }, + "usePublicKey": { + "type": "boolean", + "default": false + }, + "username": { + "type": "string" + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/SshRouteAssertion/Main", + "title": "Route via SSH2", + "properties": { + "SshRouteAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/SshRouteAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Ssl.json b/schema/v11.2.2/assertions/Ssl.json new file mode 100644 index 0000000..1307f9f --- /dev/null +++ b/schema/v11.2.2/assertions/Ssl.json @@ -0,0 +1,49 @@ +{ + "configName": "Ssl", + "name": "Require SSL or TLS Transport", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Ssl", + "title": "Require SSL or TLS Transport", + "type": "object", + "properties": { + "checkCertValidity": { + "type": "boolean", + "default": true + }, + "option": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Ssl:optionValue", + "default": "Required" + }, + "requireClientAuthentication": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Ssl:optionValue" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Ssl/Main", + "title": "Require SSL or TLS Transport", + "properties": { + "Ssl": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Ssl" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Swagger.json b/schema/v11.2.2/assertions/Swagger.json new file mode 100644 index 0000000..509b3fc --- /dev/null +++ b/schema/v11.2.2/assertions/Swagger.json @@ -0,0 +1,60 @@ +{ + "configName": "Swagger", + "name": "Validate Against Swagger Document", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Swagger", + "title": "Validate Against Swagger Document", + "type": "object", + "properties": { + "prefix": { + "type": "string", + "default": "sw" + }, + "requireSecurityCredentials": { + "type": "boolean", + "default": true + }, + "serviceBase": { + "type": "string", + "default": "" + }, + "swaggerDoc": { + "type": "string" + }, + "validateMethod": { + "type": "boolean", + "default": true + }, + "validatePath": { + "type": "boolean", + "default": true + }, + "validateScheme": { + "type": "boolean", + "default": true + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Swagger/Main", + "title": "Validate Against Swagger Document", + "properties": { + "Swagger": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Swagger" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ThroughputQuota.json b/schema/v11.2.2/assertions/ThroughputQuota.json new file mode 100644 index 0000000..7af8e12 --- /dev/null +++ b/schema/v11.2.2/assertions/ThroughputQuota.json @@ -0,0 +1,72 @@ +{ + "configName": "ThroughputQuota", + "name": "Apply Throughput Quota", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ThroughputQuota", + "title": "Apply Throughput Quota", + "type": "object", + "properties": { + "byValue": { + "type": "string" + }, + "counterName": { + "type": "string", + "default": "ThroughputQuota-${request.authenticateduser.id}-${request.authenticateduser.providerid}" + }, + "counterStrategy": { + "type": "integer", + "default": 2 + }, + "global": { + "type": "boolean", + "default": false + }, + "logOnly": { + "type": "boolean", + "default": false + }, + "quota": { + "type": "string", + "default": "200" + }, + "readSynchronous": { + "type": "boolean", + "default": true + }, + "synchronous": { + "type": "boolean", + "default": true + }, + "timeUnit": { + "type": "string", + "default": "month" + }, + "variablePrefix": { + "type": "string", + "default": "" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ThroughputQuota/Main", + "title": "Apply Throughput Quota", + "properties": { + "ThroughputQuota": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ThroughputQuota" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ThroughputQuotaQuery.json b/schema/v11.2.2/assertions/ThroughputQuotaQuery.json new file mode 100644 index 0000000..6132a8a --- /dev/null +++ b/schema/v11.2.2/assertions/ThroughputQuotaQuery.json @@ -0,0 +1,39 @@ +{ + "configName": "ThroughputQuotaQuery", + "name": "Query Throughput Quota", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ThroughputQuotaQuery", + "title": "Query Throughput Quota", + "type": "object", + "properties": { + "counterName": { + "type": "string" + }, + "variablePrefix": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ThroughputQuotaQuery/Main", + "title": "Query Throughput Quota", + "properties": { + "ThroughputQuotaQuery": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ThroughputQuotaQuery" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/TimeRange.json b/schema/v11.2.2/assertions/TimeRange.json new file mode 100644 index 0000000..39dd722 --- /dev/null +++ b/schema/v11.2.2/assertions/TimeRange.json @@ -0,0 +1,82 @@ +{ + "configName": "TimeRange", + "name": "Limit Availability to Time/Days", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/TimeRange", + "title": "Limit Availability to Time/Days", + "type": "object", + "properties": { + "controlDay": { + "type": "boolean", + "default": false + }, + "controlTime": { + "type": "boolean", + "default": false + }, + "endDayOfWeek": { + "type": "integer", + "default": 0 + }, + "startDayOfWeek": { + "type": "integer", + "default": 0 + }, + "timeRange": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeOfDayRange" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeOfDayRange", + "properties": { + "from": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeOfDay" + }, + "to": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeOfDay" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeOfDay", + "properties": { + "hour": { + "type": "integer", + "default": 0 + }, + "minute": { + "type": "integer", + "default": 0 + }, + "second": { + "type": "integer", + "default": 0 + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/TimeRange/Main", + "title": "Limit Availability to Time/Days", + "properties": { + "TimeRange": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/TimeRange" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Transaction.json b/schema/v11.2.2/assertions/Transaction.json new file mode 100644 index 0000000..f274931 --- /dev/null +++ b/schema/v11.2.2/assertions/Transaction.json @@ -0,0 +1,42 @@ +{ + "configName": "Transaction", + "name": "JDBC Transaction Group: All assertions must evaluate to true in a single transaction (for CA internal use)", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Transaction", + "title": "JDBC Transaction Group: All assertions must evaluate to true in a single transaction (for CA internal use)", + "type": "object", + "properties": { + "connectionName": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + }, + "_children": { + "type": "array", + "items": { + "type": "object" + } + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Transaction/Main", + "title": "JDBC Transaction Group: All assertions must evaluate to true in a single transaction (for CA internal use)", + "properties": { + "Transaction": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Transaction" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/True.json b/schema/v11.2.2/assertions/True.json new file mode 100644 index 0000000..a3aef19 --- /dev/null +++ b/schema/v11.2.2/assertions/True.json @@ -0,0 +1,33 @@ +{ + "configName": "True", + "name": "Continue Processing", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/True", + "title": "Continue Processing", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/True/Main", + "title": "Continue Processing", + "properties": { + "True": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/True" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/UDDINotification.json b/schema/v11.2.2/assertions/UDDINotification.json new file mode 100644 index 0000000..2299d53 --- /dev/null +++ b/schema/v11.2.2/assertions/UDDINotification.json @@ -0,0 +1,33 @@ +{ + "configName": "UDDINotification", + "name": "Handle UDDI Subscription Notification", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/UDDINotification", + "title": "Handle UDDI Subscription Notification", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/UDDINotification/Main", + "title": "Handle UDDI Subscription Notification", + "properties": { + "UDDINotification": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/UDDINotification" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/UUIDGenerator.json b/schema/v11.2.2/assertions/UUIDGenerator.json new file mode 100644 index 0000000..b8fbc10 --- /dev/null +++ b/schema/v11.2.2/assertions/UUIDGenerator.json @@ -0,0 +1,44 @@ +{ + "configName": "UUIDGenerator", + "name": "Generate UUID", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/UUIDGenerator", + "title": "Generate UUID", + "type": "object", + "properties": { + "maximumQuantity": { + "type": "integer", + "default": 100 + }, + "quantity": { + "type": "string", + "default": "1" + }, + "targetVariable": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/UUIDGenerator/Main", + "title": "Generate UUID", + "properties": { + "UUIDGenerator": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/UUIDGenerator" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Unknown.json b/schema/v11.2.2/assertions/Unknown.json new file mode 100644 index 0000000..c480d60 --- /dev/null +++ b/schema/v11.2.2/assertions/Unknown.json @@ -0,0 +1,39 @@ +{ + "configName": "Unknown", + "name": "Unresolved assertion type", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Unknown", + "title": "Unresolved assertion type", + "type": "object", + "properties": { + "detailMessage": { + "type": "string" + }, + "originalXml": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Unknown/Main", + "title": "Unresolved assertion type", + "properties": { + "Unknown": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Unknown" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ValidateCertificate.json b/schema/v11.2.2/assertions/ValidateCertificate.json new file mode 100644 index 0000000..cc502a2 --- /dev/null +++ b/schema/v11.2.2/assertions/ValidateCertificate.json @@ -0,0 +1,53 @@ +{ + "configName": "ValidateCertificate", + "name": "Validate Certificate", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ValidateCertificate", + "title": "Validate Certificate", + "type": "object", + "properties": { + "logOnly": { + "type": "boolean", + "default": false + }, + "sourceVariable": { + "type": "string" + }, + "validationType": { + "type": "string", + "enum": [ + "CERTIFICATE_ONLY", + "PATH_VALIDATION", + "REVOCATION" + ], + "default": "CERTIFICATE_ONLY" + }, + "variablePrefix": { + "type": "string", + "default": "certificateValidation" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ValidateCertificate/Main", + "title": "Validate Certificate", + "properties": { + "ValidateCertificate": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ValidateCertificate" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/ValidateNonSoapSamlToken.json b/schema/v11.2.2/assertions/ValidateNonSoapSamlToken.json new file mode 100644 index 0000000..11831ea --- /dev/null +++ b/schema/v11.2.2/assertions/ValidateNonSoapSamlToken.json @@ -0,0 +1,254 @@ +{ + "configName": "ValidateNonSoapSamlToken", + "name": "(Non-SOAP) Validate SAML Token", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/ValidateNonSoapSamlToken", + "title": "(Non-SOAP) Validate SAML Token", + "type": "object", + "properties": { + "attributeStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement" + }, + "audienceRestriction": { + "type": "string" + }, + "authenticationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement" + }, + "authorizationStatement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthorizationStatement" + }, + "checkAssertionValidity": { + "type": "boolean", + "default": true + }, + "maxExpiry": { + "type": "number", + "default": 0 + }, + "nameFormats": { + "type": "array", + "items": { + "type": "string" + } + }, + "nameQualifier": { + "type": "string" + }, + "noSubjectConfirmation": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "requireDigitalSignature": { + "type": "boolean", + "default": true + }, + "subjectConfirmationDataCheckAddress": { + "type": "boolean", + "default": false + }, + "subjectConfirmationDataCheckValidity": { + "type": "boolean", + "default": true + }, + "subjectConfirmationDataRecipient": { + "type": "string" + }, + "subjectConfirmations": { + "type": "array", + "items": { + "type": "string" + } + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "timeUnit": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "default": "m" + }, + "version": { + "type": "integer" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute" + } + }, + "failIfAnyAttributeIsMissing": { + "type": "boolean", + "default": false + }, + "failIfAttributeValueExcludesAttribute": { + "type": "boolean", + "default": false + }, + "failIfNoAttributesAdded": { + "type": "boolean", + "default": true + }, + "failIfUnknownAttributeInFilter": { + "type": "boolean", + "default": false + }, + "filterExpression": { + "type": "string", + "default": "" + }, + "variablePrefix": { + "type": "string", + "default": "attrStatement" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAttributeStatement$Attribute", + "properties": { + "addBehavior": { + "type": "string", + "enum": [ + "STRING_CONVERT", + "ADD_AS_XML" + ], + "default": "STRING_CONVERT" + }, + "anyValue": { + "type": "boolean", + "default": false + }, + "emptyBehavior": { + "type": "string", + "enum": [ + "EMPTY_STRING", + "EXISTS_NO_VALUE", + "NULL_VALUE" + ], + "default": "EMPTY_STRING" + }, + "friendlyName": { + "type": "string" + }, + "missingWhenEmpty": { + "type": "boolean", + "default": false + }, + "name": { + "type": "string" + }, + "nameFormat": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "repeatIfMulti": { + "type": "boolean", + "default": false + }, + "value": { + "type": "string" + }, + "valueComparison": { + "type": "string", + "enum": [ + "STRING_COMPARE", + "CANONICALIZE" + ], + "default": "STRING_COMPARE" + }, + "variableNotFoundBehavior": { + "type": "string", + "enum": [ + "REPLACE_EMPTY_STRING", + "REPLACE_EXPRESSION_EMPTY_STRING" + ], + "default": "REPLACE_EMPTY_STRING" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthenticationStatement", + "properties": { + "authenticationMethods": { + "type": "array", + "items": { + "type": "string" + } + }, + "customAuthenticationMethods": { + "type": "string", + "default": "" + }, + "includeAuthenticationContextDeclaration": { + "type": "boolean", + "default": true + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/samlAuthorizationStatement", + "properties": { + "action": { + "type": "string" + }, + "actionNamespace": { + "type": "string" + }, + "resource": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/timeUnit", + "enum": [ + "ms", + "s", + "m", + "h", + "d" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/ValidateNonSoapSamlToken/Main", + "title": "(Non-SOAP) Validate SAML Token", + "properties": { + "ValidateNonSoapSamlToken": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/ValidateNonSoapSamlToken" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/VariableCredentialSource.json b/schema/v11.2.2/assertions/VariableCredentialSource.json new file mode 100644 index 0000000..b6bff5b --- /dev/null +++ b/schema/v11.2.2/assertions/VariableCredentialSource.json @@ -0,0 +1,48 @@ +{ + "configName": "VariableCredentialSource", + "name": "Retrieve Credentials from Context Variable", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/VariableCredentialSource", + "title": "Retrieve Credentials from Context Variable", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variableName": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/VariableCredentialSource/Main", + "title": "Retrieve Credentials from Context Variable", + "properties": { + "VariableCredentialSource": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/VariableCredentialSource" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WebSocket.json b/schema/v11.2.2/assertions/WebSocket.json new file mode 100644 index 0000000..ac8d7ea --- /dev/null +++ b/schema/v11.2.2/assertions/WebSocket.json @@ -0,0 +1,33 @@ +{ + "configName": "WebSocket", + "name": "WebSocket", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WebSocket", + "title": "WebSocket", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WebSocket/Main", + "title": "WebSocket", + "properties": { + "WebSocket": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WebSocket" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WebSocketConnect.json b/schema/v11.2.2/assertions/WebSocketConnect.json new file mode 100644 index 0000000..7a3d99f --- /dev/null +++ b/schema/v11.2.2/assertions/WebSocketConnect.json @@ -0,0 +1,37 @@ +{ + "configName": "WebSocketConnect", + "name": "Connect To Outbound WebSocket", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WebSocketConnect", + "title": "Connect To Outbound WebSocket", + "type": "object", + "properties": { + "failOnUnsuccessfulConnectionUpgrade": { + "type": "boolean", + "default": true + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WebSocketConnect/Main", + "title": "Connect To Outbound WebSocket", + "properties": { + "WebSocketConnect": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WebSocketConnect" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WebSocketEntityManager.json b/schema/v11.2.2/assertions/WebSocketEntityManager.json new file mode 100644 index 0000000..fa792d0 --- /dev/null +++ b/schema/v11.2.2/assertions/WebSocketEntityManager.json @@ -0,0 +1,33 @@ +{ + "configName": "WebSocketEntityManager", + "name": "WebSocket Entity Manager", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WebSocketEntityManager", + "title": "WebSocket Entity Manager", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WebSocketEntityManager/Main", + "title": "WebSocket Entity Manager", + "properties": { + "WebSocketEntityManager": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WebSocketEntityManager" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WebSocketMessageInjection.json b/schema/v11.2.2/assertions/WebSocketMessageInjection.json new file mode 100644 index 0000000..bcc3c9c --- /dev/null +++ b/schema/v11.2.2/assertions/WebSocketMessageInjection.json @@ -0,0 +1,65 @@ +{ + "configName": "WebSocketMessageInjection", + "name": "WebSocket Message Injection", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WebSocketMessageInjection", + "title": "WebSocket Message Injection", + "type": "object", + "properties": { + "broadcast": { + "type": "boolean", + "default": false + }, + "clientIds": { + "type": "string" + }, + "deliveryFailure": { + "type": "boolean", + "default": false + }, + "inbound": { + "type": "boolean", + "default": true + }, + "message": { + "type": "string" + }, + "serviceOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "subprotocol": { + "type": "string" + }, + "textMessage": { + "type": "boolean", + "default": true + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WebSocketMessageInjection/Main", + "title": "WebSocket Message Injection", + "properties": { + "WebSocketMessageInjection": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WebSocketMessageInjection" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WebSocketValidation.json b/schema/v11.2.2/assertions/WebSocketValidation.json new file mode 100644 index 0000000..3aaf15d --- /dev/null +++ b/schema/v11.2.2/assertions/WebSocketValidation.json @@ -0,0 +1,48 @@ +{ + "configName": "WebSocketValidation", + "name": "Validate WebSocket Message", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WebSocketValidation", + "title": "Validate WebSocket Message", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "userVariablePrefix": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WebSocketValidation/Main", + "title": "Validate WebSocket Message", + "properties": { + "WebSocketValidation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WebSocketValidation" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WsAddressing.json b/schema/v11.2.2/assertions/WsAddressing.json new file mode 100644 index 0000000..1f8cf0c --- /dev/null +++ b/schema/v11.2.2/assertions/WsAddressing.json @@ -0,0 +1,109 @@ +{ + "configName": "WsAddressing", + "name": "Require WS-Addressing", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WsAddressing", + "title": "Require WS-Addressing", + "type": "object", + "properties": { + "enableOtherNamespace": { + "type": "string" + }, + "enableWsAddressing10": { + "type": "boolean", + "default": true + }, + "enableWsAddressing200408": { + "type": "boolean", + "default": false + }, + "identityTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requireSignature": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "variablePrefix": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget", + "properties": { + "identityId": { + "type": "string" + }, + "identityInfo": { + "type": "string" + }, + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "targetIdentityType": { + "type": "string", + "enum": [ + "USER", + "GROUP", + "PROVIDER", + "TAG" + ] + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WsAddressing/Main", + "title": "Require WS-Addressing", + "properties": { + "WsAddressing": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WsAddressing" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WsFederationPassiveTokenExchange.json b/schema/v11.2.2/assertions/WsFederationPassiveTokenExchange.json new file mode 100644 index 0000000..779dfbf --- /dev/null +++ b/schema/v11.2.2/assertions/WsFederationPassiveTokenExchange.json @@ -0,0 +1,46 @@ +{ + "configName": "WsFederationPassiveTokenExchange", + "name": "Use WS-Federation Credential (Exchange)", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WsFederationPassiveTokenExchange", + "title": "Use WS-Federation Credential", + "type": "object", + "properties": { + "authenticate": { + "type": "boolean", + "default": false + }, + "context": { + "type": "string" + }, + "ipStsUrl": { + "type": "string" + }, + "replyUrl": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WsFederationPassiveTokenExchange/Main", + "title": "Use WS-Federation Credential", + "properties": { + "WsFederationPassiveTokenExchange": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WsFederationPassiveTokenExchange" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WsFederationPassiveTokenRequest.json b/schema/v11.2.2/assertions/WsFederationPassiveTokenRequest.json new file mode 100644 index 0000000..32d1efb --- /dev/null +++ b/schema/v11.2.2/assertions/WsFederationPassiveTokenRequest.json @@ -0,0 +1,53 @@ +{ + "configName": "WsFederationPassiveTokenRequest", + "name": "Use WS-Federation Credential (Obtain)", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WsFederationPassiveTokenRequest", + "title": "Use WS-Federation Credential", + "type": "object", + "properties": { + "authenticate": { + "type": "boolean", + "default": false + }, + "context": { + "type": "string" + }, + "ipStsUrl": { + "type": "string" + }, + "realm": { + "type": "string" + }, + "replyUrl": { + "type": "string" + }, + "timestamp": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WsFederationPassiveTokenRequest/Main", + "title": "Use WS-Federation Credential", + "properties": { + "WsFederationPassiveTokenRequest": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WsFederationPassiveTokenRequest" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WsSecurity.json b/schema/v11.2.2/assertions/WsSecurity.json new file mode 100644 index 0000000..82c3f34 --- /dev/null +++ b/schema/v11.2.2/assertions/WsSecurity.json @@ -0,0 +1,89 @@ +{ + "configName": "WsSecurity", + "name": "Add or Remove WS-Security", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WsSecurity", + "title": "Add or Remove WS-Security", + "type": "object", + "properties": { + "applyWsSecurity": { + "type": "boolean", + "default": true + }, + "clearDecorationRequirements": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientTrustedCertificateGoid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "recipientTrustedCertificateName": { + "type": "string" + }, + "recipientTrustedCertificateVariable": { + "type": "string" + }, + "removeUnmatchedSecurityHeaders": { + "type": "boolean", + "default": false + }, + "replaceSecurityHeader": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "useSecureSpanActor": { + "type": "boolean", + "default": false + }, + "useSecurityHeaderMustUnderstand": { + "type": "boolean", + "default": true + }, + "wsSecurityVersion": { + "type": "string", + "enum": [ + "WSS10", + "WSS11" + ] + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WsSecurity/Main", + "title": "Add or Remove WS-Security", + "properties": { + "WsSecurity": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WsSecurity" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WsTrustCredentialExchange.json b/schema/v11.2.2/assertions/WsTrustCredentialExchange.json new file mode 100644 index 0000000..e805cf7 --- /dev/null +++ b/schema/v11.2.2/assertions/WsTrustCredentialExchange.json @@ -0,0 +1,58 @@ +{ + "configName": "WsTrustCredentialExchange", + "name": "Exchange Credentials using WS-Trust", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WsTrustCredentialExchange", + "title": "Exchange Credentials using WS-Trust", + "type": "object", + "properties": { + "appliesTo": { + "type": "string" + }, + "issuer": { + "type": "string" + }, + "requestType": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/wsTrustRequestType" + }, + "tokenServiceUrl": { + "type": "string" + }, + "wsTrustNamespace": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/wsTrustRequestType", + "enum": [ + "http://schemas.xmlsoap.org/ws/2005/02/trust/Issue", + "http://schemas.xmlsoap.org/ws/2005/02/trust/Validate", + "http://schemas.xmlsoap.org/ws/2005/02/trust/Renew", + "http://schemas.xmlsoap.org/ws/2005/02/trust/Cancel" + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WsTrustCredentialExchange/Main", + "title": "Exchange Credentials using WS-Trust", + "properties": { + "WsTrustCredentialExchange": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WsTrustCredentialExchange" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WsiBsp.json b/schema/v11.2.2/assertions/WsiBsp.json new file mode 100644 index 0000000..2af8fcc --- /dev/null +++ b/schema/v11.2.2/assertions/WsiBsp.json @@ -0,0 +1,57 @@ +{ + "configName": "WsiBsp", + "name": "Enforce WS-I BSP Compliance", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WsiBsp", + "title": "Enforce WS-I BSP Compliance", + "type": "object", + "properties": { + "auditRequestNonCompliance": { + "type": "boolean", + "default": true + }, + "auditResponseNonCompliance": { + "type": "boolean", + "default": true + }, + "checkRequestMessages": { + "type": "boolean", + "default": false + }, + "checkResponseMessages": { + "type": "boolean", + "default": false + }, + "failOnNonCompliantRequest": { + "type": "boolean", + "default": false + }, + "failOnNonCompliantResponse": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WsiBsp/Main", + "title": "Enforce WS-I BSP Compliance", + "properties": { + "WsiBsp": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WsiBsp" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WsiSaml.json b/schema/v11.2.2/assertions/WsiSaml.json new file mode 100644 index 0000000..1bc1152 --- /dev/null +++ b/schema/v11.2.2/assertions/WsiSaml.json @@ -0,0 +1,57 @@ +{ + "configName": "WsiSaml", + "name": "Enforce WS-I SAML Compliance", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WsiSaml", + "title": "Enforce WS-I SAML Compliance", + "type": "object", + "properties": { + "auditRequestNonCompliance": { + "type": "boolean", + "default": true + }, + "auditResponseNonCompliance": { + "type": "boolean", + "default": true + }, + "checkRequestMessages": { + "type": "boolean", + "default": true + }, + "checkResponseMessages": { + "type": "boolean", + "default": false + }, + "failOnNonCompliantRequest": { + "type": "boolean", + "default": false + }, + "failOnNonCompliantResponse": { + "type": "boolean", + "default": false + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WsiSaml/Main", + "title": "Enforce WS-I SAML Compliance", + "properties": { + "WsiSaml": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WsiSaml" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WssBasic.json b/schema/v11.2.2/assertions/WssBasic.json new file mode 100644 index 0000000..3a4d636 --- /dev/null +++ b/schema/v11.2.2/assertions/WssBasic.json @@ -0,0 +1,60 @@ +{ + "configName": "WssBasic", + "name": "Require WS-Security UsernameToken Profile Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WssBasic", + "title": "Require WS-Security UsernameToken Profile Credentials", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WssBasic/Main", + "title": "Require WS-Security UsernameToken Profile Credentials", + "properties": { + "WssBasic": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WssBasic" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WssConfiguration.json b/schema/v11.2.2/assertions/WssConfiguration.json new file mode 100644 index 0000000..b841ad6 --- /dev/null +++ b/schema/v11.2.2/assertions/WssConfiguration.json @@ -0,0 +1,148 @@ +{ + "configName": "WssConfiguration", + "name": "Configure WS-Security Decoration", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WssConfiguration", + "title": "Configure WS-Security Decoration", + "type": "object", + "properties": { + "addTimestamp": { + "type": "boolean", + "default": true + }, + "digestAlgorithmName": { + "type": "string" + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "encryptSignature": { + "type": "boolean", + "default": false + }, + "encryptionAlgorithmUri": { + "type": "string" + }, + "encryptionKeyReference": { + "type": "string" + }, + "keyAlias": { + "type": "string" + }, + "keyReference": { + "type": "string" + }, + "keyWrappingAlgorithmUri": { + "type": "string" + }, + "neverSignTimestamp": { + "type": "boolean", + "default": false + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "omitTimestamp": { + "type": "boolean", + "default": false + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "protectTokens": { + "type": "boolean", + "default": true + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "referenceDigestAlgorithmName": { + "type": "string" + }, + "secureConversationNamespace": { + "type": "string" + }, + "signTimestamp": { + "type": "boolean", + "default": true + }, + "signTimestampValue": { + "type": "string" + }, + "signWsAddressingHeaders": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "timestampValue": { + "type": "string" + }, + "useDerivedKeys": { + "type": "boolean", + "default": false + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "wssVersion": { + "type": "string", + "enum": [ + "WSS10", + "WSS11" + ] + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WssConfiguration/Main", + "title": "Configure WS-Security Decoration", + "properties": { + "WssConfiguration": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WssConfiguration" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WssDigest.json b/schema/v11.2.2/assertions/WssDigest.json new file mode 100644 index 0000000..a34615d --- /dev/null +++ b/schema/v11.2.2/assertions/WssDigest.json @@ -0,0 +1,74 @@ +{ + "configName": "WssDigest", + "name": "Require WS-Security Password Digest Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WssDigest", + "title": "Require WS-Security Password Digest Credentials", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requireNonce": { + "type": "boolean", + "default": false + }, + "requireTimestamp": { + "type": "boolean", + "default": false + }, + "requiredPassword": { + "type": "string" + }, + "requiredUsername": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WssDigest/Main", + "title": "Require WS-Security Password Digest Credentials", + "properties": { + "WssDigest": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WssDigest" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WssEncryptElement.json b/schema/v11.2.2/assertions/WssEncryptElement.json new file mode 100644 index 0000000..5ff6d03 --- /dev/null +++ b/schema/v11.2.2/assertions/WssEncryptElement.json @@ -0,0 +1,135 @@ +{ + "configName": "WssEncryptElement", + "name": "Encrypt Element", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WssEncryptElement", + "title": "Encrypt Element", + "type": "object", + "properties": { + "encryptContentsOnly": { + "type": "boolean", + "default": true + }, + "identityTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget" + }, + "keyEncryptionAlgorithm": { + "type": "string" + }, + "keyReference": { + "type": "string", + "default": "SubjectKeyIdentifier" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "xEncAlgorithm": { + "type": "string", + "default": "http://www.w3.org/2001/04/xmlenc#aes128-cbc" + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget", + "properties": { + "identityId": { + "type": "string" + }, + "identityInfo": { + "type": "string" + }, + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "targetIdentityType": { + "type": "string", + "enum": [ + "USER", + "GROUP", + "PROVIDER", + "TAG" + ] + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WssEncryptElement/Main", + "title": "Encrypt Element", + "properties": { + "WssEncryptElement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WssEncryptElement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WssReplayProtection.json b/schema/v11.2.2/assertions/WssReplayProtection.json new file mode 100644 index 0000000..146c914 --- /dev/null +++ b/schema/v11.2.2/assertions/WssReplayProtection.json @@ -0,0 +1,105 @@ +{ + "configName": "WssReplayProtection", + "name": "Protect Against Message Replay", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WssReplayProtection", + "title": "Protect Against Message Replay", + "type": "object", + "properties": { + "customExpiryTime": { + "type": "integer", + "default": 0 + }, + "customIdentifierVariable": { + "type": "string" + }, + "customProtection": { + "type": "boolean", + "default": false + }, + "customScope": { + "type": "string" + }, + "identityTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/identityTarget", + "properties": { + "identityId": { + "type": "string" + }, + "identityInfo": { + "type": "string" + }, + "identityProviderOid": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "targetIdentityType": { + "type": "string", + "enum": [ + "USER", + "GROUP", + "PROVIDER", + "TAG" + ] + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WssReplayProtection/Main", + "title": "Protect Against Message Replay", + "properties": { + "WssReplayProtection": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WssReplayProtection" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WssSignElement.json b/schema/v11.2.2/assertions/WssSignElement.json new file mode 100644 index 0000000..f8c77e7 --- /dev/null +++ b/schema/v11.2.2/assertions/WssSignElement.json @@ -0,0 +1,122 @@ +{ + "configName": "WssSignElement", + "name": "Sign Element", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WssSignElement", + "title": "Sign Element", + "type": "object", + "properties": { + "digestAlgorithmName": { + "type": "string" + }, + "dynamicPrivateKeyVariable": { + "type": "string", + "default": "" + }, + "keyAlias": { + "type": "string" + }, + "keyReference": { + "type": "string", + "default": "BinarySecurityToken" + }, + "nonDefaultKeystoreId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "protectTokens": { + "type": "boolean", + "default": false + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "RESPONSE" + }, + "usesDefaultKeyStore": { + "type": "boolean", + "default": true + }, + "usesDynamicPrivateKey": { + "type": "boolean", + "default": false + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WssSignElement/Main", + "title": "Sign Element", + "properties": { + "WssSignElement": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WssSignElement" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/WssVersion.json b/schema/v11.2.2/assertions/WssVersion.json new file mode 100644 index 0000000..f3bf187 --- /dev/null +++ b/schema/v11.2.2/assertions/WssVersion.json @@ -0,0 +1,33 @@ +{ + "configName": "WssVersion", + "name": "Use WS-Security 1.1", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/WssVersion", + "title": "Use WS-Security 1.1", + "type": "object", + "properties": { + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/WssVersion/Main", + "title": "Use WS-Security 1.1", + "properties": { + "WssVersion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/WssVersion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/Wssp.json b/schema/v11.2.2/assertions/Wssp.json new file mode 100644 index 0000000..50c4021 --- /dev/null +++ b/schema/v11.2.2/assertions/Wssp.json @@ -0,0 +1,42 @@ +{ + "configName": "Wssp", + "name": "Enforce WS-Security Policy Compliance", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/Wssp", + "title": "Enforce WS-Security Policy Compliance", + "type": "object", + "properties": { + "basePolicyXml": { + "type": "string" + }, + "inputPolicyXml": { + "type": "string" + }, + "outputPolicyXml": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/Wssp/Main", + "title": "Enforce WS-Security Policy Compliance", + "properties": { + "Wssp": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/Wssp" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XMPPAssociateSessions.json b/schema/v11.2.2/assertions/XMPPAssociateSessions.json new file mode 100644 index 0000000..008ea5b --- /dev/null +++ b/schema/v11.2.2/assertions/XMPPAssociateSessions.json @@ -0,0 +1,39 @@ +{ + "configName": "XMPPAssociateSessions", + "name": "XMPP Associate Sessions", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPAssociateSessions", + "title": "XMPP Associate Sessions", + "type": "object", + "properties": { + "inboundSessionId": { + "type": "string" + }, + "outboundSessionId": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPAssociateSessions/Main", + "title": "XMPP Associate Sessions", + "properties": { + "XMPPAssociateSessions": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XMPPAssociateSessions" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XMPPCloseSession.json b/schema/v11.2.2/assertions/XMPPCloseSession.json new file mode 100644 index 0000000..ee1d51e --- /dev/null +++ b/schema/v11.2.2/assertions/XMPPCloseSession.json @@ -0,0 +1,40 @@ +{ + "configName": "XMPPCloseSession", + "name": "Close XMPP Session", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPCloseSession", + "title": "Close XMPP Session", + "type": "object", + "properties": { + "inbound": { + "type": "boolean", + "default": true + }, + "sessionId": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPCloseSession/Main", + "title": "Close XMPP Session", + "properties": { + "XMPPCloseSession": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XMPPCloseSession" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XMPPGetAssociatedSessionId.json b/schema/v11.2.2/assertions/XMPPGetAssociatedSessionId.json new file mode 100644 index 0000000..6178b02 --- /dev/null +++ b/schema/v11.2.2/assertions/XMPPGetAssociatedSessionId.json @@ -0,0 +1,43 @@ +{ + "configName": "XMPPGetAssociatedSessionId", + "name": "XMPP Get Session ID", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPGetAssociatedSessionId", + "title": "XMPP Get Session ID", + "type": "object", + "properties": { + "inbound": { + "type": "boolean", + "default": true + }, + "sessionId": { + "type": "string" + }, + "variableName": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPGetAssociatedSessionId/Main", + "title": "XMPP Get Session ID", + "properties": { + "XMPPGetAssociatedSessionId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XMPPGetAssociatedSessionId" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XMPPGetRemoteCertificate.json b/schema/v11.2.2/assertions/XMPPGetRemoteCertificate.json new file mode 100644 index 0000000..4975611 --- /dev/null +++ b/schema/v11.2.2/assertions/XMPPGetRemoteCertificate.json @@ -0,0 +1,43 @@ +{ + "configName": "XMPPGetRemoteCertificate", + "name": "XMPP Get Client Certificate", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPGetRemoteCertificate", + "title": "XMPP Get Client Certificate", + "type": "object", + "properties": { + "inbound": { + "type": "boolean", + "default": false + }, + "sessionId": { + "type": "string" + }, + "variableName": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPGetRemoteCertificate/Main", + "title": "XMPP Get Client Certificate", + "properties": { + "XMPPGetRemoteCertificate": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XMPPGetRemoteCertificate" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XMPPGetSessionAttribute.json b/schema/v11.2.2/assertions/XMPPGetSessionAttribute.json new file mode 100644 index 0000000..212d469 --- /dev/null +++ b/schema/v11.2.2/assertions/XMPPGetSessionAttribute.json @@ -0,0 +1,46 @@ +{ + "configName": "XMPPGetSessionAttribute", + "name": "XMPP Get Session Attribute", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPGetSessionAttribute", + "title": "XMPP Get Session Attribute", + "type": "object", + "properties": { + "attributeName": { + "type": "string" + }, + "inbound": { + "type": "boolean", + "default": true + }, + "sessionId": { + "type": "string" + }, + "variableName": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPGetSessionAttribute/Main", + "title": "XMPP Get Session Attribute", + "properties": { + "XMPPGetSessionAttribute": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XMPPGetSessionAttribute" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XMPPOpenServerSession.json b/schema/v11.2.2/assertions/XMPPOpenServerSession.json new file mode 100644 index 0000000..e591498 --- /dev/null +++ b/schema/v11.2.2/assertions/XMPPOpenServerSession.json @@ -0,0 +1,40 @@ +{ + "configName": "XMPPOpenServerSession", + "name": "Open XMPP Server Session", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPOpenServerSession", + "title": "Open XMPP Server Session", + "type": "object", + "properties": { + "xMPPConnectionId": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "string", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/goid" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPOpenServerSession/Main", + "title": "Open XMPP Server Session", + "properties": { + "XMPPOpenServerSession": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XMPPOpenServerSession" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XMPPSendToRemoteHost.json b/schema/v11.2.2/assertions/XMPPSendToRemoteHost.json new file mode 100644 index 0000000..04936a5 --- /dev/null +++ b/schema/v11.2.2/assertions/XMPPSendToRemoteHost.json @@ -0,0 +1,103 @@ +{ + "configName": "XMPPSendToRemoteHost", + "name": "Send To Remote XMPP Host", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPSendToRemoteHost", + "title": "Send To Remote XMPP Host", + "type": "object", + "properties": { + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requestTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "sessionId": { + "type": "string" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "toOutboundConnection": { + "type": "boolean", + "default": true + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPSendToRemoteHost/Main", + "title": "Send To Remote XMPP Host", + "properties": { + "XMPPSendToRemoteHost": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XMPPSendToRemoteHost" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XMPPSetSessionAttribute.json b/schema/v11.2.2/assertions/XMPPSetSessionAttribute.json new file mode 100644 index 0000000..44815bb --- /dev/null +++ b/schema/v11.2.2/assertions/XMPPSetSessionAttribute.json @@ -0,0 +1,46 @@ +{ + "configName": "XMPPSetSessionAttribute", + "name": "XMPP Set Session Attribute", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPSetSessionAttribute", + "title": "XMPP Set Session Attribute", + "type": "object", + "properties": { + "attributeName": { + "type": "string" + }, + "inbound": { + "type": "boolean", + "default": true + }, + "sessionId": { + "type": "string" + }, + "value": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPSetSessionAttribute/Main", + "title": "XMPP Set Session Attribute", + "properties": { + "XMPPSetSessionAttribute": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XMPPSetSessionAttribute" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XMPPStartTLS.json b/schema/v11.2.2/assertions/XMPPStartTLS.json new file mode 100644 index 0000000..ddba4f9 --- /dev/null +++ b/schema/v11.2.2/assertions/XMPPStartTLS.json @@ -0,0 +1,123 @@ +{ + "configName": "XMPPStartTLS", + "name": "Start TLS On XMPP Session", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPStartTLS", + "title": "Start TLS On XMPP Session", + "type": "object", + "properties": { + "clientAuthType": { + "type": "string", + "enum": [ + "NONE", + "OPTIONAL", + "REQUIRED" + ], + "default": "NONE" + }, + "currentSecurityHeaderHandling": { + "type": "integer", + "default": 0 + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "privateKeyId": { + "type": "string" + }, + "provideClientCert": { + "type": "boolean", + "default": false + }, + "recipientContext": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext" + }, + "requestTarget": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport" + }, + "sessionId": { + "type": "string" + }, + "tLSSelectedVersion": { + "type": "string", + "default": "TLSv1" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "toServer": { + "type": "boolean", + "default": false + }, + "xmlSecurityActorToPromote": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xmlSecurityRecipientContext", + "properties": { + "actor": { + "type": "string" + }, + "base64edX509Certificate": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/messageTargetableSupport", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "sourceUsedByGateway": { + "type": "boolean", + "default": true + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "targetModifiedByGateway": { + "type": "boolean", + "default": false + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XMPPStartTLS/Main", + "title": "Start TLS On XMPP Session", + "properties": { + "XMPPStartTLS": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XMPPStartTLS" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XacmlPdpAssertion.json b/schema/v11.2.2/assertions/XacmlPdpAssertion.json new file mode 100644 index 0000000..819540e --- /dev/null +++ b/schema/v11.2.2/assertions/XacmlPdpAssertion.json @@ -0,0 +1,122 @@ +{ + "configName": "XacmlPdpAssertion", + "name": "Evaluate XACML Policy", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XacmlPdpAssertion", + "title": "Evaluate XACML Policy", + "type": "object", + "properties": { + "failIfNotPermit": { + "type": "boolean", + "default": false + }, + "inputMessageSource": { + "type": "string", + "enum": [ + "DEFAULT_REQUEST", + "DEFAULT_RESPONSE", + "CONTEXT_VARIABLE" + ], + "default": "DEFAULT_REQUEST" + }, + "inputMessageVariableName": { + "type": "string" + }, + "outputMessageTarget": { + "type": "string", + "enum": [ + "DEFAULT_REQUEST", + "DEFAULT_RESPONSE", + "CONTEXT_VARIABLE" + ], + "default": "DEFAULT_RESPONSE" + }, + "outputMessageVariableName": { + "type": "string" + }, + "resourceInfo": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/assertionResourceInfo" + }, + "soapEncapsulation": { + "type": "string", + "enum": [ + "NONE", + "REQUEST", + "RESPONSE", + "REQUEST_AND_RESPONSE" + ], + "default": "NONE" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/assertionResourceInfo", + "anyOf": [ + { + "type": "object", + "properties": { + "document": { + "type": "string" + }, + "originalUrl": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "url": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "id": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "allowMessagesWithoutUrl": { + "type": "boolean", + "default": false + }, + "urlRegexes": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XacmlPdpAssertion/Main", + "title": "Evaluate XACML Policy", + "properties": { + "XacmlPdpAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XacmlPdpAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XacmlRequestBuilderAssertion.json b/schema/v11.2.2/assertions/XacmlRequestBuilderAssertion.json new file mode 100644 index 0000000..60a3723 --- /dev/null +++ b/schema/v11.2.2/assertions/XacmlRequestBuilderAssertion.json @@ -0,0 +1,158 @@ +{ + "configName": "XacmlRequestBuilderAssertion", + "name": "Create XACML Request", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion", + "title": "Create XACML Request", + "type": "object", + "properties": { + "action": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion:action" + }, + "environment": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion:environment" + }, + "outputMessageDestination": { + "type": "string", + "enum": [ + "DEFAULT_REQUEST", + "DEFAULT_RESPONSE", + "CONTEXT_VARIABLE" + ], + "default": "DEFAULT_REQUEST" + }, + "outputMessageVariableName": { + "type": "string" + }, + "resources": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion:resource" + } + }, + "soapEncapsulation": { + "type": "string", + "enum": [ + "NONE", + "v1_1", + "v1_2" + ], + "default": "NONE" + }, + "subjects": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion:subject" + } + }, + "xacmlVersion": { + "type": "string", + "enum": [ + "V1_0", + "V1_1", + "V2_0" + ], + "default": "V2_0" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion:action", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xacmlRequestBuilderAssertion$AttributeTreeNodeTag" + } + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion:environment", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xacmlRequestBuilderAssertion$AttributeTreeNodeTag" + } + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion:resource", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xacmlRequestBuilderAssertion$AttributeTreeNodeTag" + } + }, + "resourceContent": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion:resourceContent" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion:resourceContent", + "properties": { + "attributes": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "content": { + "type": "string", + "default": "" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion:subject", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xacmlRequestBuilderAssertion$AttributeTreeNodeTag" + } + }, + "subjectCategory": { + "type": "string", + "default": "" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xacmlRequestBuilderAssertion$AttributeTreeNodeTag" + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion/Main", + "title": "Create XACML Request", + "properties": { + "XacmlRequestBuilderAssertion": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XacmlRequestBuilderAssertion" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XpathCredentialSource.json b/schema/v11.2.2/assertions/XpathCredentialSource.json new file mode 100644 index 0000000..ccbd000 --- /dev/null +++ b/schema/v11.2.2/assertions/XpathCredentialSource.json @@ -0,0 +1,85 @@ +{ + "configName": "XpathCredentialSource", + "name": "Require XPath Credentials", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XpathCredentialSource", + "title": "Require XPath Credentials", + "type": "object", + "properties": { + "otherTargetMessageVariable": { + "type": "string" + }, + "passwordExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "removeLoginElement": { + "type": "boolean", + "default": false + }, + "removePasswordElement": { + "type": "boolean", + "default": false + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "xpathExpression": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/xpathExpression", + "properties": { + "expression": { + "type": "string" + }, + "namespaces": { + "type": "object", + "patternProperties": { + ".*": { + "type": "string" + } + } + }, + "xpathVersion": { + "type": "string", + "enum": [ + "UNSPECIFIED", + "XPATH_1_0", + "XPATH_2_0" + ], + "default": "UNSPECIFIED" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XpathCredentialSource/Main", + "title": "Require XPath Credentials", + "properties": { + "XpathCredentialSource": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XpathCredentialSource" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/XslTransformation.json b/schema/v11.2.2/assertions/XslTransformation.json new file mode 100644 index 0000000..cbfeb05 --- /dev/null +++ b/schema/v11.2.2/assertions/XslTransformation.json @@ -0,0 +1,114 @@ +{ + "configName": "XslTransformation", + "name": "Apply XSL Transformation", + "configSchemas": [ + { + "$id": "https://l7tech.com/2025/json-schema/assertions/XslTransformation", + "title": "Apply XSL Transformation", + "type": "object", + "properties": { + "direction": { + "type": "integer", + "default": 1 + }, + "msgVarPrefix": { + "type": "string", + "default": "xslt" + }, + "otherTargetMessageVariable": { + "type": "string" + }, + "resourceInfo": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/sub-types/assertionResourceInfo" + }, + "target": { + "type": "string", + "enum": [ + "REQUEST", + "RESPONSE", + "OTHER" + ], + "default": "REQUEST" + }, + "transformName": { + "type": "string" + }, + "whichMimePart": { + "type": "integer", + "default": 0 + }, + "xsltVersion": { + "type": "string" + }, + "_enabled": { + "type": "boolean", + "default": true + }, + "_leftComment": { + "type": "string" + }, + "_rightComment": { + "type": "string" + } + } + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/sub-types/assertionResourceInfo", + "anyOf": [ + { + "type": "object", + "properties": { + "document": { + "type": "string" + }, + "originalUrl": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "url": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "id": { + "type": "string" + } + } + }, + { + "type": "object", + "properties": { + "allowMessagesWithoutUrl": { + "type": "boolean", + "default": false + }, + "urlRegexes": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + ] + }, + { + "type": "object", + "$id": "https://l7tech.com/2025/json-schema/assertions/XslTransformation/Main", + "title": "Apply XSL Transformation", + "properties": { + "XslTransformation": { + "$ref": "https://l7tech.com/2025/json-schema/assertions/XslTransformation" + } + } + } + ] +} diff --git a/schema/v11.2.2/assertions/_index.json b/schema/v11.2.2/assertions/_index.json new file mode 100644 index 0000000..025786f --- /dev/null +++ b/schema/v11.2.2/assertions/_index.json @@ -0,0 +1,989 @@ +{ + "$comment": "Index of all assertion schemas. Maps configName to schema file and display name.", + "assertions": { + "ExactlyOne": { + "file": "ExactlyOne.json", + "name": "Exactly One" + }, + "Authentication": { + "file": "Authentication.json", + "name": "Authenticate Against Identity Provider" + }, + "RequireWssSignedElement": { + "file": "RequireWssSignedElement.json", + "name": "Require Signed Element" + }, + "NonSoapEncryptElement": { + "file": "NonSoapEncryptElement.json", + "name": "(Non-SOAP) Encrypt XML Element" + }, + "IncrementPostBack": { + "file": "IncrementPostBack.json", + "name": "Portal Incremental Sync Postback Update" + }, + "SshRouteAssertion": { + "file": "SshRouteAssertion.json", + "name": "Route via SSH2" + }, + "ManipulateMultiValuedVariable": { + "file": "ManipulateMultiValuedVariable.json", + "name": "Manipulate Multivalued Variable" + }, + "BulkJdbcInsert": { + "file": "BulkJdbcInsert.json", + "name": "Insert JDBC Data in Bulk" + }, + "GeneratePassword": { + "file": "GeneratePassword.json", + "name": "Portal Generate Random Password" + }, + "JwtEncode": { + "file": "JwtEncode.json", + "name": "Encode JWT" + }, + "RateLimit": { + "file": "RateLimit.json", + "name": "Apply Rate Limit" + }, + "MapValue": { + "file": "MapValue.json", + "name": "Map Value" + }, + "OversizedText": { + "file": "OversizedText.json", + "name": "Protect Against XML Document Structure Threats" + }, + "RemoveElement": { + "file": "RemoveElement.json", + "name": "Add or Remove XML Element(s)" + }, + "Radius": { + "file": "Radius.json", + "name": "Radius" + }, + "ConcurrentAll": { + "file": "ConcurrentAll.json", + "name": "Run All Assertions Concurrently" + }, + "MysqlCounter": { + "file": "MysqlCounter.json", + "name": "Mysql Counter" + }, + "CodeInjectionProtection": { + "file": "CodeInjectionProtection.json", + "name": "Protect Against Code Injection" + }, + "GatewayGraphQL": { + "file": "GatewayGraphQL.json", + "name": "GraphQL Manage Gateway" + }, + "IdentityAttributes": { + "file": "IdentityAttributes.json", + "name": "Extract Attributes for Authenticated User" + }, + "RESTGatewayManagement": { + "file": "RESTGatewayManagement.json", + "name": "REST Manage Gateway" + }, + "CookieCredentialSource": { + "file": "CookieCredentialSource.json", + "name": "Require HTTP Cookie" + }, + "VariableCredentialSource": { + "file": "VariableCredentialSource.json", + "name": "Retrieve Credentials from Context Variable" + }, + "XMPPSetSessionAttribute": { + "file": "XMPPSetSessionAttribute.json", + "name": "XMPP Set Session Attribute" + }, + "SpecificUser": { + "file": "SpecificUser.json", + "name": "Authenticate User" + }, + "WebSocketMessageInjection": { + "file": "WebSocketMessageInjection.json", + "name": "WebSocket Message Injection" + }, + "RateLimitQuery": { + "file": "RateLimitQuery.json", + "name": "Query Rate Limit" + }, + "NonSoapCheckVerifyResults": { + "file": "NonSoapCheckVerifyResults.json", + "name": "(Non-SOAP) Check Results from XML Verification" + }, + "OdataValidation": { + "file": "OdataValidation.json", + "name": "Validate OData Request" + }, + "XMPPGetSessionAttribute": { + "file": "XMPPGetSessionAttribute.json", + "name": "XMPP Get Session Attribute" + }, + "ProcessIncrement": { + "file": "ProcessIncrement.json", + "name": "Portal Process Incremental Update" + }, + "RequireWssSaml2": { + "file": "RequireWssSaml2.json", + "name": "Require SAML Token Profile (v2)" + }, + "ManagePortalResource": { + "file": "ManagePortalResource.json", + "name": "Manage API Portal Resources" + }, + "ExternalHazelcastProvider": { + "file": "ExternalHazelcastProvider.json", + "name": "External Hazelcast Provider" + }, + "ProcessRstrSoapResponse": { + "file": "ProcessRstrSoapResponse.json", + "name": "Process RSTR Response" + }, + "SiteMinderAuthorize": { + "file": "SiteMinderAuthorize.json", + "name": "Authorize via CA Single Sign-On" + }, + "WssBasic": { + "file": "WssBasic.json", + "name": "Require WS-Security UsernameToken Profile Credentials" + }, + "MTOMValidateAssertion": { + "file": "MTOMValidateAssertion.json", + "name": "Validate MTOM Message" + }, + "SelectElement": { + "file": "SelectElement.json", + "name": "Select Single Element" + }, + "CsrSigner": { + "file": "CsrSigner.json", + "name": "Sign Certificate" + }, + "EvaluateJsonPathExpressionV2": { + "file": "EvaluateJsonPathExpressionV2.json", + "name": "Evaluate JSON Path Expression V2" + }, + "ResponseXpath": { + "file": "ResponseXpath.json", + "name": "Evaluate Response XPath" + }, + "NtlmAuthentication": { + "file": "NtlmAuthentication.json", + "name": "Require NTLM Authentication Credentials" + }, + "WebSocketValidation": { + "file": "WebSocketValidation.json", + "name": "Validate WebSocket Message" + }, + "EmbeddedHazelcastSharedStateProvider": { + "file": "EmbeddedHazelcastSharedStateProvider.json", + "name": "Embedded Hazelcast Shared State Provider" + }, + "SetSamlStatus": { + "file": "SetSamlStatus.json", + "name": "Set SAML Response Status Code" + }, + "WebSocketConnect": { + "file": "WebSocketConnect.json", + "name": "Connect To Outbound WebSocket" + }, + "Unknown": { + "file": "Unknown.json", + "name": "Unresolved assertion type" + }, + "Wssp": { + "file": "Wssp.json", + "name": "Enforce WS-Security Policy Compliance" + }, + "SFTPResponse": { + "file": "SFTPResponse.json", + "name": "Return SFTP Response" + }, + "RedisSharedStateProvider": { + "file": "RedisSharedStateProvider.json", + "name": "Redis Shared State Provider" + }, + "WsiBsp": { + "file": "WsiBsp.json", + "name": "Enforce WS-I BSP Compliance" + }, + "WssConfiguration": { + "file": "WssConfiguration.json", + "name": "Configure WS-Security Decoration" + }, + "PolicyBundleInstaller": { + "file": "PolicyBundleInstaller.json", + "name": "Policy Bundle Installer" + }, + "Split": { + "file": "Split.json", + "name": "Split Variable" + }, + "ResolveService": { + "file": "ResolveService.json", + "name": "Resolve Service" + }, + "XslTransformation": { + "file": "XslTransformation.json", + "name": "Apply XSL Transformation" + }, + "TimeRange": { + "file": "TimeRange.json", + "name": "Limit Availability to Time/Days" + }, + "MTOMEncodeAssertion": { + "file": "MTOMEncodeAssertion.json", + "name": "Encode to MTOM Format" + }, + "CircuitBreaker": { + "file": "CircuitBreaker.json", + "name": "Apply Circuit Breaker" + }, + "XMPPStartTLS": { + "file": "XMPPStartTLS.json", + "name": "Start TLS On XMPP Session" + }, + "GenerateOAuthSignatureBaseString": { + "file": "GenerateOAuthSignatureBaseString.json", + "name": "Generate OAuth Signature Base String" + }, + "GetIncrement": { + "file": "GetIncrement.json", + "name": "Portal Get Incremental Update" + }, + "Transaction": { + "file": "Transaction.json", + "name": "JDBC Transaction Group: All assertions must evaluate to true in a single transaction (for CA internal use)" + }, + "EmbeddedGemfireSharedStateProvider": { + "file": "EmbeddedGemfireSharedStateProvider.json", + "name": "Embedded Gemfire Shared State Provider" + }, + "InverseHttpFormPost": { + "file": "InverseHttpFormPost.json", + "name": "Translate MIME to HTTP Form" + }, + "ApiPortalEncassIntegration": { + "file": "ApiPortalEncassIntegration.json", + "name": "Set as Portal Publishable Fragment" + }, + "XMPPCloseSession": { + "file": "XMPPCloseSession.json", + "name": "Close XMPP Session" + }, + "HttpRouting": { + "file": "HttpRouting.json", + "name": "Route via HTTP(S)" + }, + "SqlAttack": { + "file": "SqlAttack.json", + "name": "Protect Against SQL Attacks" + }, + "NonSoapVerifyElement": { + "file": "NonSoapVerifyElement.json", + "name": "(Non-SOAP) Verify XML Element" + }, + "AddHeader": { + "file": "AddHeader.json", + "name": "Manage Transport Properties/Headers" + }, + "Audit": { + "file": "Audit.json", + "name": "Audit Messages in Policy" + }, + "SetVariable": { + "file": "SetVariable.json", + "name": "Set Context Variable" + }, + "RadiusAuthenticate": { + "file": "RadiusAuthenticate.json", + "name": "Authenticate Against Radius Server" + }, + "ThroughputQuotaQuery": { + "file": "ThroughputQuotaQuery.json", + "name": "Query Throughput Quota" + }, + "ThroughputQuota": { + "file": "ThroughputQuota.json", + "name": "Apply Throughput Quota" + }, + "XMPPOpenServerSession": { + "file": "XMPPOpenServerSession.json", + "name": "Open XMPP Server Session" + }, + "Email": { + "file": "Email.json", + "name": "Send Email" + }, + "SshCredential": { + "file": "SshCredential.json", + "name": "Require SSH Credentials" + }, + "Operation": { + "file": "Operation.json", + "name": "Evaluate WSDL Operation" + }, + "CacheLookup": { + "file": "CacheLookup.json", + "name": "Look Up in Cache" + }, + "EchoRoutingAssertion": { + "file": "EchoRoutingAssertion.json", + "name": "Copy Request Message to Response" + }, + "ManageCookie": { + "file": "ManageCookie.json", + "name": "Manage Cookie" + }, + "BufferData": { + "file": "BufferData.json", + "name": "Accumulate Data in Memory" + }, + "OtelMeter": { + "file": "OtelMeter.json", + "name": "Telemetry Metric" + }, + "XMPPAssociateSessions": { + "file": "XMPPAssociateSessions.json", + "name": "XMPP Associate Sessions" + }, + "FaultLevel": { + "file": "FaultLevel.json", + "name": "Customize SOAP Fault Response" + }, + "AddWssSecurityToken": { + "file": "AddWssSecurityToken.json", + "name": "Add Security Token" + }, + "MessageBuffering": { + "file": "MessageBuffering.json", + "name": "Configure Message Streaming" + }, + "RaiseError": { + "file": "RaiseError.json", + "name": "Raise Error" + }, + "ForEachLoop": { + "file": "ForEachLoop.json", + "name": "Run Assertions for Each Item" + }, + "XMPPSendToRemoteHost": { + "file": "XMPPSendToRemoteHost.json", + "name": "Send To Remote XMPP Host" + }, + "HardcodedResponse": { + "file": "HardcodedResponse.json", + "name": "Return Template Response to Requestor" + }, + "SamlProtocol": { + "file": "SamlProtocol.json", + "name": "Saml Protocol" + }, + "Regex": { + "file": "Regex.json", + "name": "Evaluate Regular Expression" + }, + "CustomizeErrorResponse": { + "file": "CustomizeErrorResponse.json", + "name": "Customize Error Response" + }, + "WebSocketEntityManager": { + "file": "WebSocketEntityManager.json", + "name": "WebSocket Entity Manager" + }, + "WssSignElement": { + "file": "WssSignElement.json", + "name": "Sign Element" + }, + "MqNativeRouting": { + "file": "MqNativeRouting.json", + "name": "Route via MQ Native" + }, + "JSONSchema": { + "file": "JSONSchema.json", + "name": "Validate JSON Schema" + }, + "ValidateNonSoapSamlToken": { + "file": "ValidateNonSoapSamlToken.json", + "name": "(Non-SOAP) Validate SAML Token" + }, + "SamlpResponseBuilder": { + "file": "SamlpResponseBuilder.json", + "name": "Build SAML Protocol Response" + }, + "EncryptedUsernameToken": { + "file": "EncryptedUsernameToken.json", + "name": "Require Encrypted UsernameToken Profile Credentials" + }, + "ItemLookupByIndex": { + "file": "ItemLookupByIndex.json", + "name": "Look Up Item by Index Position" + }, + "True": { + "file": "True.json", + "name": "Continue Processing" + }, + "GraphQLSchemaValidation": { + "file": "GraphQLSchemaValidation.json", + "name": "Validate GraphQL Schema" + }, + "WssDigest": { + "file": "WssDigest.json", + "name": "Require WS-Security Password Digest Credentials" + }, + "KafkaConsumer": { + "file": "KafkaConsumer.json", + "name": "Kafka Consumer" + }, + "Join": { + "file": "Join.json", + "name": "Join Variable" + }, + "RequireWssTimestamp": { + "file": "RequireWssTimestamp.json", + "name": "Require Timestamp" + }, + "GraphQLExtractValue": { + "file": "GraphQLExtractValue.json", + "name": "Extract GraphQL Argument" + }, + "CassandraQuery": { + "file": "CassandraQuery.json", + "name": "Perform Cassandra Query" + }, + "WsFederationPassiveTokenRequest": { + "file": "WsFederationPassiveTokenRequest.json", + "name": "Use WS-Federation Credential (Obtain)" + }, + "AddWssTimestamp": { + "file": "AddWssTimestamp.json", + "name": "Add Timestamp" + }, + "SiteMinderCheckProtected": { + "file": "SiteMinderCheckProtected.json", + "name": "Check Protected Resource Against CA Single Sign-On" + }, + "OpenApi": { + "file": "OpenApi.json", + "name": "Validate Against OpenAPI Document" + }, + "MysqlClusterInfo": { + "file": "MysqlClusterInfo.json", + "name": "Mysql Cluster Info" + }, + "Http2Routing": { + "file": "Http2Routing.json", + "name": "Route via HTTP/2" + }, + "LDAPQuery": { + "file": "LDAPQuery.json", + "name": "Query LDAP" + }, + "CsrfProtection": { + "file": "CsrfProtection.json", + "name": "Protect Against Cross-Site Request Forgery" + }, + "SamlpRequestBuilder": { + "file": "SamlpRequestBuilder.json", + "name": "Build SAML Protocol Request" + }, + "SamlIssuer": { + "file": "SamlIssuer.json", + "name": "Create SAML Token" + }, + "WsSecurity": { + "file": "WsSecurity.json", + "name": "Add or Remove WS-Security" + }, + "SimpleRawTransport": { + "file": "SimpleRawTransport.json", + "name": "Route via Raw TCP" + }, + "ApiPortalIntegration": { + "file": "ApiPortalIntegration.json", + "name": "Set as Portal Managed Service" + }, + "CreateRoutingStrategy": { + "file": "CreateRoutingStrategy.json", + "name": "Create Routing Strategy" + }, + "SiteMinderChangePassword": { + "file": "SiteMinderChangePassword.json", + "name": "Change CA Single Sign-On User Password" + }, + "Swagger": { + "file": "Swagger.json", + "name": "Validate Against Swagger Document" + }, + "BuildRstSoapRequest": { + "file": "BuildRstSoapRequest.json", + "name": "Build RST SOAP Request" + }, + "Comment": { + "file": "Comment.json", + "name": "Add Comment to Policy" + }, + "SchemaValidation": { + "file": "SchemaValidation.json", + "name": "Validate XML Schema" + }, + "ReplaceTagContent": { + "file": "ReplaceTagContent.json", + "name": "Replace Tag Content" + }, + "UDDINotification": { + "file": "UDDINotification.json", + "name": "Handle UDDI Subscription Notification" + }, + "HandleErrors": { + "file": "HandleErrors.json", + "name": "Handle Errors" + }, + "ExportVariables": { + "file": "ExportVariables.json", + "name": "Export Variables from Fragment" + }, + "NonSoapSignElement": { + "file": "NonSoapSignElement.json", + "name": "(Non-SOAP) Sign XML Element" + }, + "RetrieveServiceWsdl": { + "file": "RetrieveServiceWsdl.json", + "name": "Retrieve Service WSDL" + }, + "RequestXpath": { + "file": "RequestXpath.json", + "name": "Evaluate Request XPath" + }, + "SiteMinderEnableUser": { + "file": "SiteMinderEnableUser.json", + "name": "Enable CA Single Sign-On User" + }, + "XMPPGetAssociatedSessionId": { + "file": "XMPPGetAssociatedSessionId.json", + "name": "XMPP Get Session ID" + }, + "ProcessRoutingStrategyResult": { + "file": "ProcessRoutingStrategyResult.json", + "name": "Process Routing Strategy Result" + }, + "SnmpTrap": { + "file": "SnmpTrap.json", + "name": "Send SNMP Trap" + }, + "JsonDocumentStructure": { + "file": "JsonDocumentStructure.json", + "name": "Protect Against JSON Document Structure Threats" + }, + "SiteMinderAuthenticate": { + "file": "SiteMinderAuthenticate.json", + "name": "Authenticate Against CA Single Sign-On" + }, + "XacmlPdpAssertion": { + "file": "XacmlPdpAssertion.json", + "name": "Evaluate XACML Policy" + }, + "CreateSecurityContextToken": { + "file": "CreateSecurityContextToken.json", + "name": "Create Security Context Token" + }, + "PortalBootstrap": { + "file": "PortalBootstrap.json", + "name": "Portal Bootstrap" + }, + "OAuth2Introspection": { + "file": "OAuth2Introspection.json", + "name": "Require and Introspect OAuth2.0 Token" + }, + "WsAddressing": { + "file": "WsAddressing.json", + "name": "Require WS-Addressing" + }, + "AddWsAddressing": { + "file": "AddWsAddressing.json", + "name": "Add WS-Addressing" + }, + "WebSocket": { + "file": "WebSocket.json", + "name": "WebSocket" + }, + "RequireWssSaml": { + "file": "RequireWssSaml.json", + "name": "Require SAML Token Profile (v1)" + }, + "AddWssUsernameToken": { + "file": "AddWssUsernameToken.json", + "name": "Add WS-Security UsernameToken" + }, + "HtmlFormData": { + "file": "HtmlFormData.json", + "name": "Validate HTML Form Data" + }, + "GetApiIncrement": { + "file": "GetApiIncrement.json", + "name": "Portal Get Api V2 Sync" + }, + "EncodeDecode": { + "file": "EncodeDecode.json", + "name": "Encode/Decode Data" + }, + "KafkaRouting": { + "file": "KafkaRouting.json", + "name": "Route via Kafka" + }, + "FtpCredential": { + "file": "FtpCredential.json", + "name": "Require FTP Credentials" + }, + "WsiSaml": { + "file": "WsiSaml.json", + "name": "Enforce WS-I SAML Compliance" + }, + "AuditDetail": { + "file": "AuditDetail.json", + "name": "Add Audit Details" + }, + "IcapAntivirusScanner": { + "file": "IcapAntivirusScanner.json", + "name": "Scan Using ICAP-Enabled Antivirus" + }, + "WsTrustCredentialExchange": { + "file": "WsTrustCredentialExchange.json", + "name": "Exchange Credentials using WS-Trust" + }, + "JmsRouting": { + "file": "JmsRouting.json", + "name": "Route via JMS" + }, + "ExecuteRoutingStrategy": { + "file": "ExecuteRoutingStrategy.json", + "name": "Execute Routing Strategy" + }, + "KeyValueStatistics": { + "file": "KeyValueStatistics.json", + "name": "Return Statistics of Key Value Storage" + }, + "JdbcQuery": { + "file": "JdbcQuery.json", + "name": "Perform JDBC Query" + }, + "Http2Transport": { + "file": "Http2Transport.json", + "name": "Http2Transport" + }, + "UUIDGenerator": { + "file": "UUIDGenerator.json", + "name": "Generate UUID" + }, + "Encapsulated": { + "file": "Encapsulated.json", + "name": "Encapsulated" + }, + "WssVersion": { + "file": "WssVersion.json", + "name": "Use WS-Security 1.1" + }, + "CORS": { + "file": "CORS.json", + "name": "Process CORS Request" + }, + "DistributedRateLimit": { + "file": "DistributedRateLimit.json", + "name": "Apply Distributed Rate Limit" + }, + "RequireWssX509Cert": { + "file": "RequireWssX509Cert.json", + "name": "Require WS-Security Signature Credentials" + }, + "KeyValueStorage": { + "file": "KeyValueStorage.json", + "name": "Store to Key Value Storage" + }, + "MTOMDecodeAssertion": { + "file": "MTOMDecodeAssertion.json", + "name": "Decode MTOM Message" + }, + "EstablishOutboundSecureConversation": { + "file": "EstablishOutboundSecureConversation.json", + "name": "Establish Outbound Secure Conversation" + }, + "JsonTransformation": { + "file": "JsonTransformation.json", + "name": "Apply JSON Transformation" + }, + "HttpBasic": { + "file": "HttpBasic.json", + "name": "Require HTTP Basic Credentials" + }, + "NonSoapDecryptElement": { + "file": "NonSoapDecryptElement.json", + "name": "(Non-SOAP) Decrypt XML Element" + }, + "MemberOfGroup": { + "file": "MemberOfGroup.json", + "name": "Authenticate Group" + }, + "DecodeJsonWebToken": { + "file": "DecodeJsonWebToken.json", + "name": "Decode Json Web Token" + }, + "ValidateCertificate": { + "file": "ValidateCertificate.json", + "name": "Validate Certificate" + }, + "CertificateAttributes": { + "file": "CertificateAttributes.json", + "name": "Extract Attributes from Certificate" + }, + "RequestWssKerberos": { + "file": "RequestWssKerberos.json", + "name": "Require WS-Security Kerberos Token Profile Credentials" + }, + "LookupApiKey": { + "file": "LookupApiKey.json", + "name": "Look Up API Key" + }, + "RequireWssEncryptedElement": { + "file": "RequireWssEncryptedElement.json", + "name": "Require Encrypted Element" + }, + "RequestSizeLimit": { + "file": "RequestSizeLimit.json", + "name": "Limit Message Size" + }, + "EncodeJsonWebToken": { + "file": "EncodeJsonWebToken.json", + "name": "Encode Json Web Token" + }, + "KerberosAuthentication": { + "file": "KerberosAuthentication.json", + "name": "Retrieve Kerberos Authentication Credentials" + }, + "WsFederationPassiveTokenExchange": { + "file": "WsFederationPassiveTokenExchange.json", + "name": "Use WS-Federation Credential (Exchange)" + }, + "False": { + "file": "False.json", + "name": "Stop Processing" + }, + "RemoteIpRange": { + "file": "RemoteIpRange.json", + "name": "Restrict Access to IP Address Range" + }, + "XMPPGetRemoteCertificate": { + "file": "XMPPGetRemoteCertificate.json", + "name": "XMPP Get Client Certificate" + }, + "LookupDynamicContextVariables": { + "file": "LookupDynamicContextVariables.json", + "name": "Look Up Context Variable" + }, + "XpathCredentialSource": { + "file": "XpathCredentialSource.json", + "name": "Require XPath Credentials" + }, + "Include": { + "file": "Include.json", + "name": "Include Policy Fragment" + }, + "KeyValueRemove": { + "file": "KeyValueRemove.json", + "name": "Remove from Key Value Storage" + }, + "MqNativeSupport": { + "file": "MqNativeSupport.json", + "name": "Mq Native Support" + }, + "JwtDecode": { + "file": "JwtDecode.json", + "name": "Decode JWT" + }, + "LookupTrustedCertificate": { + "file": "LookupTrustedCertificate.json", + "name": "Look Up Certificate" + }, + "IndexLookupByItem": { + "file": "IndexLookupByItem.json", + "name": "Look Up Item by Value" + }, + "GatewayTelemetryDataProvider": { + "file": "GatewayTelemetryDataProvider.json", + "name": "Gateway Telemetry Data Provider" + }, + "CreateJsonWebKey": { + "file": "CreateJsonWebKey.json", + "name": "Create Json Web Key" + }, + "LdapWrite": { + "file": "LdapWrite.json", + "name": "Write LDAP" + }, + "GatewayManagement": { + "file": "GatewayManagement.json", + "name": "Manage Gateway" + }, + "ProcessSamlAuthnRequest": { + "file": "ProcessSamlAuthnRequest.json", + "name": "Process SAML Authentication Request" + }, + "CancelSecurityContext": { + "file": "CancelSecurityContext.json", + "name": "Cancel Security Context" + }, + "KeyValueLookup": { + "file": "KeyValueLookup.json", + "name": "Look Up from Key Value Storage" + }, + "XacmlRequestBuilderAssertion": { + "file": "XacmlRequestBuilderAssertion.json", + "name": "Create XACML Request" + }, + "EntityChangeListener": { + "file": "EntityChangeListener.json", + "name": "Entity Change Listener" + }, + "HttpNegotiate": { + "file": "HttpNegotiate.json", + "name": "Require Windows Integrated Authentication Credentials" + }, + "ComparisonAssertion": { + "file": "ComparisonAssertion.json", + "name": "Compare Expression" + }, + "WssEncryptElement": { + "file": "WssEncryptElement.json", + "name": "Encrypt Element" + }, + "HttpFormPost": { + "file": "HttpFormPost.json", + "name": "Translate HTTP Form to MIME" + }, + "SamlBrowserArtifact": { + "file": "SamlBrowserArtifact.json", + "name": "Retrieve SAML Browser Artifact" + }, + "HttpDigest": { + "file": "HttpDigest.json", + "name": "Require HTTP Digest Credentials" + }, + "RequestSwA": { + "file": "RequestSwA.json", + "name": "Validate SOAP Attachments" + }, + "JavaScript": { + "file": "JavaScript.json", + "name": "Execute JavaScript" + }, + "All": { + "file": "All.json", + "name": "All assertions must evaluate to true" + }, + "MessageContextAssertion": { + "file": "MessageContextAssertion.json", + "name": "Capture Identity of Requestor" + }, + "AuditRecordToXml": { + "file": "AuditRecordToXml.json", + "name": "Convert Audit Record to XML" + }, + "Ssl": { + "file": "Ssl.json", + "name": "Require SSL or TLS Transport" + }, + "ServiceMetricsEventListener": { + "file": "ServiceMetricsEventListener.json", + "name": "Service Metrics Event Listener" + }, + "GenericIdentityManagementService": { + "file": "GenericIdentityManagementService.json", + "name": "Generic Identity Management Service" + }, + "CacheStorage": { + "file": "CacheStorage.json", + "name": "Store to Cache" + }, + "LookupOutboundSecureConversationSession": { + "file": "LookupOutboundSecureConversationSession.json", + "name": "Look Up Outbound Secure Conversation Session" + }, + "OneOrMore": { + "file": "OneOrMore.json", + "name": "At least one assertion must evaluate to true" + }, + "BuildRstrSoapResponse": { + "file": "BuildRstrSoapResponse.json", + "name": "Build RSTR SOAP Response" + }, + "SamlpResponseEvaluation": { + "file": "SamlpResponseEvaluation.json", + "name": "Evaluate SAML Protocol Response" + }, + "GenerateSecurityHash": { + "file": "GenerateSecurityHash.json", + "name": "Generate Security Hash" + }, + "FtpRoutingAssertion": { + "file": "FtpRoutingAssertion.json", + "name": "Route via FTP(S)" + }, + "SecureConversation": { + "file": "SecureConversation.json", + "name": "Require WS-SecureConversation" + }, + "CustomAssertion": { + "file": "CustomAssertion.json", + "name": "Custom Assertion" + }, + "ExternalGemfireSharedStateProvider": { + "file": "ExternalGemfireSharedStateProvider.json", + "name": "External Gemfire Shared State Provider" + }, + "PortalUpgrade": { + "file": "PortalUpgrade.json", + "name": "Portal Upgrade" + }, + "ContentType": { + "file": "ContentType.json", + "name": "Validate or Change Content Type" + }, + "WssReplayProtection": { + "file": "WssReplayProtection.json", + "name": "Protect Against Message Replay" + }, + "KafkaTransact": { + "file": "KafkaTransact.json", + "name": "Kafka Transact" + }, + "ProcessSamlAttributeQueryRequest": { + "file": "ProcessSamlAttributeQueryRequest.json", + "name": "Process SAML Attribute Query Request" + }, + "ApiPortalAuthAndMgmtServiceInstaller": { + "file": "ApiPortalAuthAndMgmtServiceInstaller.json", + "name": "Api Portal Auth And Mgmt Service Installer" + }, + "ApplyJSONPatch": { + "file": "ApplyJSONPatch.json", + "name": "Apply JSON Patch" + }, + "ManageApiKey": { + "file": "ManageApiKey.json", + "name": "Manage API Keys" + }, + "LDAPUpdate": { + "file": "LDAPUpdate.json", + "name": "Manage API Portal LDAP" + }, + "CustomAssertion:com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion": { + "file": "CustomAssertion_com.l7tech.custom.openidconnect.GenerateIDToken.IDTokenGenerationAssertion.json", + "name": "Generate ID Token" + }, + "CustomAssertion:com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion": { + "file": "CustomAssertion_com.l7tech.custom.openidconnect.DecodeIDToken.IDTokenDecodeAssertion.json", + "name": "Decode ID Token" + } + } +} diff --git a/schema/v11.2.2/metadata-base.json b/schema/v11.2.2/metadata-base.json new file mode 100644 index 0000000..5ad4c46 --- /dev/null +++ b/schema/v11.2.2/metadata-base.json @@ -0,0 +1,59 @@ +{ + "primitiveTypes": [ + "String", + "NonEmptyString", + "AnyObject", + "Boolean", + "ID", + "PositiveInt", + "NonNegativeInt", + "Int", + "Long", + "Date", + "DateTime", + "JSON" + ], + + "deprecatedTypes": [ + "WebApiService", + "SoapService", + "InternalWebApiService", + "InternalSoapService", + "PolicyFragment", + "GlobalPolicy", + "BackgroundTaskPolicy", + "Fip", + "FipUser", + "FipGroup", + "Ldap" + ], + + "goidRefTypes": [ + "Fip", + "FipUser", + "FipGroup", + "FederatedIdp", + "FederatedUser", + "FederatedGroup", + "InternalUser", + "InternalGroup", + "Ldap", + "LdapIdp", + "Certificate", + "PasswordPolicy", + "ServiceResolutionConfig", + "AuditConfiguration" + ], + + "singleQueryMethods": [ + ["AuditConfiguration", "auditConfigurations"], + ["HttpConfiguration", "httpConfigurationsByHost"], + ["Certificate", "trustedCertByThumbprint"], + ["FederatedUser", "federatedUserByName"], + ["FipUser", "fipUserByName"], + ["InternalIdp", "internalIdps"], + ["SoapService", "soapServiceByResolver"], + ["InternalSoapService", "internalSoapServiceByResolver"], + ["L7Service", "serviceByResolvers"] + ] +} diff --git a/schema/v11.2.2/policy-code-schema.json b/schema/v11.2.2/policy-code-schema.json new file mode 100644 index 0000000..364002e --- /dev/null +++ b/schema/v11.2.2/policy-code-schema.json @@ -0,0 +1,26 @@ +{ + "$comment": "Base policy-code schema. Per-assertion schemas are in the assertions/ directory.", + "definitions": { + "assertion": { + "$id": "schema:assertion", + "type": "object", + "properties": { + ".properties": { + "type": "object", + "properties": { + ".enabled": { + "type": "boolean" + }, + ".left.comment": { + "type": "string" + }, + ".right.comment": { + "type": "string" + } + }, + "unevaluatedProperties": false + } + } + } + } +} diff --git a/schema/v11.2.2/schema.graphql b/schema/v11.2.2/schema.graphql new file mode 100644 index 0000000..34ab664 --- /dev/null +++ b/schema/v11.2.2/schema.graphql @@ -0,0 +1,8076 @@ +# +# Copyright (c) 2025-2026 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all active connectors" + activeConnectors: [ActiveConnector!]! + "Get the active connector by goid" + activeConnectorByGoid(goid : ID!) : ActiveConnector + "Get the active connector by name" + activeConnectorByName(name : String!) : ActiveConnector + "Get the active connectors by type" + activeConnectorsByType(connectorType : String!) : [ActiveConnector!]! + "Get filtered active connectors" + activeConnectorsByFilters(filters: [EntityFilterInput!]!): [ActiveConnector!]! +} + +extend type Mutation { + """ + Create or update existing active connector. + Match is carried by name. If match is found, it will be updated. Otherwise, it will be created. + """ + setActiveConnectors(input: [ActiveConnectorInput!]!): ActiveConnectorsPayload! + + """ + Update an existing active connector. Match is carried by refInput + """ + updateActiveConnector(refInput: ActiveConnectorRefInput!, input: ActiveConnectorPartialInput!): ActiveConnectorPayload! + + """ + Update an existing active connector with new properties. Match is carried by refInput. + If a property is new, it will be added; if the value is new, it will be updated. + If only the property name is specified without a value, the property will be deleted. + Providing empty input properties will preserve the current properties and will not delete any existing ones. + """ + updateActiveConnectorProperties(refInput: ActiveConnectorRefInput!, properties: [EntityPropertyPartialInput!]!): ActiveConnectorPayload! + + """ + Update an existing active connector with new advanced properties. Match is carried by refInput. + If a property is new, it will be added; if the value is new, it will be updated. + If only the property name is specified without a value, the property will be deleted. + Providing empty input advanced properties will preserve the current advanced properties and will not delete any existing ones. + """ + updateActiveConnectorAdvancedProperties(refInput: ActiveConnectorRefInput!, advancedProperties: [EntityPropertyPartialInput!]!): ActiveConnectorPayload! + + """ + Delete one or more existing active connectors. + + Matching can be done using either: + - refInputs: Array of ActiveConnectorRefInput objects (name + connectorType) - recommended + - names: Array of active connector names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteActiveConnectors(refInputs: [ActiveConnectorRefInput!], names: [String!]): ActiveConnectorsPayload! +} + +""" +An active connector retrieves messages from external systems, perhaps by polling or by registering for notifications. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,connectorType,checksum +> @l7-excluded-fields hardwiredService +> @l7-name-fields name +> @l7-display-summary-fields name,connectorType,enabled +> @l7-foreign-fields hardwiredServiceName|name|L7Service +""" +type ActiveConnector { + "The goid for the active connector" + goid : ID! + "The active connector name" + name : String! + "The active connector type Examples:- KAFKA, SFTP_POLLING_LISTENER, MQ_NATIVE" + connectorType: String! + "The configuration checksum of this active connector" + checksum : String! + + "Whether this active connector is enabled" + enabled : Boolean! + "The name of the published service hardwired to the active connector" + hardwiredServiceName: String + "The active connector Properties" + properties: [EntityProperty!] + "The advanced properties for active connector" + advancedProperties: [EntityProperty!] + + "The published service hardwired to the active connector" + hardwiredService: HardwiredService +} + +input ActiveConnectorInput { + "The internal entity unique identifier" + goid: ID + "The active connector name" + name: String! + "Whether this active connector is enabled" + enabled: Boolean! + "The active connector type Examples:- KAFKA, SFTP_POLLING_LISTENER, MQ_NATIVE" + connectorType: String! + "The name of the published service hardwired to the active connector" + hardwiredServiceName: String + "The active connector properties" + properties: [EntityPropertyInput!] + "The advanced properties for active connector" + advancedProperties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +"Reference input to identify the active connector entity" +input ActiveConnectorRefInput { + "The name of the active connector" + name: String! + "The active connector type Examples:- KAFKA, SFTP_POLLING_LISTENER, MQ_NATIVE" + connectorType: String +} + +"The inputs for partial update of active connector" +input ActiveConnectorPartialInput { + "The internal entity unique identifier" + goid: ID + "The active connector name" + name: String + "Whether this active connector is enabled" + enabled: Boolean + "The name of the published service hardwired to the active connector" + hardwiredServiceName: String + "The active connector properties. When specified, will replace all existing properties" + properties: [EntityPropertyInput!] + "The advanced properties for active connector. When specified, will replace all existing advanced properties" + advancedProperties: [EntityPropertyInput!] +} + +type ActiveConnectorPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + "The updated active connector." + activeConnector: ActiveConnector +} + +type ActiveConnectorsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + "The mutated active connectors" + activeConnectors: [ActiveConnector]! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all administrative user account properties : logonMaxAllowableAttempts, logonLockoutTime, logonSessionExpiry, logonInactivityPeriod" + administrativeUserAccountProperties : [AdministrativeUserAccountProperty!]! + "Get filtered administrative user account properties" + administrativeUserAccountPropertiesByFilters(filters: [EntityFilterInput!]!) : [AdministrativeUserAccountProperty!]! +} + +extend type Mutation { + """ + Create or update existing Administrative User Account Minimum cluster properties. + If Administrative User Account Minimum cluster property with the given name does not exist, one will be created, otherwise the existing one will be updated. + This returns the list of entities created and/or updated. + Below are the allowed Administrative User Account Minimum properties + logonMaxAllowableAttempts : Logon attempts must be between 1 and 20 + logonLockoutTime : Lockout period must be between 1 and 86400 seconds + logonSessionExpiry : Expiry period must be between 1 and 86400 seconds + logonInactivityPeriod : Inactivity period must be between 1 and 365 days + """ + setAdministrativeUserAccountProperties(input: [AdministrativeUserAccountPropertyInput!]!): AdministrativeUserAccountPropertiesPayload! + +} + +""" +An administrative user account property. +Supported properties are logonMaxAllowableAttempts, logonLockoutTime, logonSessionExpiry, logonInactivityPeriod. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,value +""" +type AdministrativeUserAccountProperty { + "The administrative user account property unique identifier" + goid: ID! + "The name of administrative user account property" + name: String! + "The value of the administrative user account property" + value: String! + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +"The inputs sent with the setClusterProperty Mutation" +input AdministrativeUserAccountPropertyInput { + "The administrative user account property unique identifier" + goid: ID + "The name of administrative user account property" + name: String! + "The value of the administrative user account property" + value: String! + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +type AdministrativeUserAccountPropertiesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + administrativeUserAccountProperties: [AdministrativeUserAccountProperty]! +} +# +# Copyright (c) 2025 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get policy aliases" + policyAliases : [L7PolicyAlias!]! + + "Get policy aliases inside a folder" + policyAliasesByFolderPath(folderPath: String!) : [L7PolicyAlias!]! + + "Get aliases by name" + policyAliasesByName(name: String!) : [L7PolicyAlias!]! + + "(Deprecated) Get policy alias by folder and name" + policyAliasByFolderPathAndName(folderPath: String!, name: String!) : L7PolicyAlias @deprecated(reason: "Use 'policyAliasesByFolderPath' instead.") + + "Get policy alias by goid" + policyAliasByGoid(goid: ID!) : L7PolicyAlias + + "Get filtered policy aliases" + policyAliasesByFilters(filters: [EntityFilterInput!]!) : [L7PolicyAlias!]! + + "Get service aliases" + serviceAliases : [L7ServiceAlias!]! + + "Get service aliases inside a folder" + serviceAliasesByFolderPath(folderPath: String!) : [L7ServiceAlias!]! + + "Get aliases by name" + serviceAliasesByName(name: String!) : [L7ServiceAlias!]! + + "(Deprecated) Get service alias by folder and name" + serviceAliasByFolderPathAndName(folderPath: String!, name: String!) : L7ServiceAlias @deprecated(reason: "Use 'serviceAliasesByFolderPath' instead.") + + "Get service alias by goid" + serviceAliasByGoid(goid: ID!) : L7ServiceAlias + + "Get filtered service aliases" + serviceAliasesByFilters(filters: [EntityFilterInput!]!) : [L7ServiceAlias!]! +} + +extend type Mutation { + "Create or update policy aliases" + setPolicyAliases(input: [L7PolicyAliasInput!]!) : L7PolicyAliasesPayload! + + "Create or update service aliases" + setServiceAliases(input: [L7ServiceAliasInput!]!) : L7ServiceAliasesPayload! + + """ + Update a single policy alias by name and folder path. + Using which, selected alias can be moved from one folder to another. + """ + updatePolicyAlias(refInput: L7PolicyAliasRefInput!, input: L7PolicyAliasPartialInput!) : L7PolicyAliasPayload! + + """ + (Deprecated) Delete a single policy alias by name and folder path. + Returns DELETED status if the alias was found and deleted, NONE if the alias was not found. + """ + deletePolicyAlias(refInput: L7PolicyAliasRefInput!) : L7PolicyAliasPayload! @deprecated(reason: "Use 'deletePolicyAliases' instead.") + + """ + Delete multiple policy aliases by name and folder path. + Each alias is identified by its policy name and folder path. + Returns a list of statuses (DELETED or NONE) for each alias in the input list. + Aliases that do not exist will return NONE status with a description indicating the entity was not found. + This operation is transactional - use the 'test' query parameter to preview changes without committing. + """ + deletePolicyAliases(refInputs: [L7PolicyAliasRefInput!]!) : L7PolicyAliasesPayload! + + """ + Update a single service alias by name and folder path. + Using which, selected alias can be moved from one folder to another. + """ + updateServiceAlias(refInput: L7ServiceAliasRefInput!, input: L7ServiceAliasPartialInput!) : L7ServiceAliasPayload! + + """ + (Deprecated) Delete a single service alias by name and folder path. + Returns DELETED status if the alias was found and deleted, NONE if the alias was not found. + """ + deleteServiceAlias(refInput: L7ServiceAliasRefInput!) : L7ServiceAliasPayload! @deprecated(reason: "Use 'deleteServiceAliases' instead.") + + """ + Delete multiple service aliases by name and folder path. + Each alias is identified by its service name and folder path. + Returns a list of statuses (DELETED or NONE) for each alias in the input list. + Aliases that do not exist will return NONE status with a description indicating the entity was not found. + This operation is transactional - use the 'test' query parameter to preview changes without committing. + """ + deleteServiceAliases(refInputs: [L7ServiceAliasRefInput!]!) : L7ServiceAliasesPayload! +} + + """ + A Layer7 Policy alias +> @l7-entity policyAlias|policyAliases +> @l7-identity-fields name,folderPath +> @l7-summary-fields goid,name,folderPath,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,folderPath +> @l7-excluded-fields aliasedPolicy +> @l7-foreign-fields aliasedPolicyName|name|L7Policy + """ + type L7PolicyAlias { + "The goid for this alias" + goid : ID! + "The alias name" + name: String! + "The folder path to the alias" + folderPath: String! + "The configuration checksum" + checksum: String! + "Aliased policy name" + aliasedPolicyName: String! + "Aliased policy" + aliasedPolicy: AliasedPolicy + } + + """ + A Layer7 Service alias +> @l7-entity serviceAlias|serviceAliases +> @l7-identity-fields name,folderPath +> @l7-summary-fields goid,name,folderPath,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,folderPath +> @l7-excluded-fields aliasedService +> @l7-foreign-fields aliasedServiceName|name|L7Service + """ + type L7ServiceAlias { + "The goid for this alias" + goid : ID! + "The alias name" + name: String! + "The folder path to the alias" + folderPath: String! + "The configuration checksum" + checksum: String! + "Aliased service name" + aliasedServiceName: String! + "Aliased service" + aliasedService: AliasedService + } + + type L7PolicyAliasPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + policyAlias: L7PolicyAlias + } + + type L7PolicyAliasesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + policyAliases: [L7PolicyAlias]! + } + + input L7PolicyAliasInput { + "The internal entity unique identifier" + goid: ID + "The folder path where to create this alias. If the path does not exist, it will be created" + folderPath: String! + "The alias name" + name: String! + "Aliased policy name" + aliasedPolicyName: String + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String + } + + input L7PolicyAliasPartialInput { + "The folder path where to create this alias. If the path does not exist, it will be created" + folderPath: String + } + + """ + Reference input to identify a policy alias entity. + Used for delete operations to uniquely identify an alias by its policy name and folder location. + """ + input L7PolicyAliasRefInput { + "The folder path where the alias is located (e.g., '/my-folder' or '/parent/child')" + folderPath: String! + "The name of the alias" + name: String! + "The name of the aliased policy" + aliasedPolicyName: String + } + + input L7PolicyAliasMappingInstructionInput { + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a Policy alias entity uniquely" + source: L7PolicyAliasRefInput + } + + type L7ServiceAliasPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + serviceAlias: L7ServiceAlias + } + + type L7ServiceAliasesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + serviceAliases: [L7ServiceAlias]! + } + + input L7ServiceAliasInput { + "The internal entity unique identifier" + goid: ID + "The folder path where to create this alias. If the path does not exist, it will be created" + folderPath: String! + "The alias name" + name: String! + "The name of the aliased entity." + aliasedServiceName: String + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String + } + + input L7ServiceAliasPartialInput { + "The folder path where to create this alias. If the path does not exist, it will be created" + folderPath: String + } + + """ + Reference input to identify a service alias entity. + Used for delete operations to uniquely identify an alias by its service name and folder location. + """ + input L7ServiceAliasRefInput { + "The folder path where the alias is located (e.g., '/my-folder' or '/parent/child')" + folderPath: String! + "The alias name" + name: String! + "The name of the service that is aliased" + aliasedServiceName: String + "The internal entity unique identifier" + goid: ID + } + + input L7ServiceAliasMappingInstructionInput { + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a Service alias entity uniquely" + source: L7ServiceAliasRefInput + }# AI assistance has been used to generate some or all contents of this file. That includes, but is not limited to, new code, modifying existing code, stylistic edits. +# +# Copyright (c) 2026. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get All AuditConfigurations" + auditConfigurations: [AuditConfiguration!]! + "Get filtered AuditConfigurations" + auditConfigurationsByFilters(filters: [EntityFilterInput!]!): [AuditConfiguration!]! +} + +extend type Mutation { + setAuditConfigurations(input : [AuditConfigurationInput!]!): AuditConfigurationsPayload! + + """ + Delete one or more existing audit configurations. + + Matching can be done using: + - refInputs: Array of AuditConfigurationRefInput objects (name) + + The operation returns the status of each deletion attempt. + """ + deleteAuditConfigurations(refInputs: [AuditConfigurationRefInput!]!): AuditConfigurationsPayload! +} +""" +An Audit Configuration. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name, +> @l7-encrypted-fields ftpConfig.password +> @l7-foreign-fields lookupPolicyName|name|L7Policy,sinkPolicyName|name|L7Policy +""" +type AuditConfiguration { + "The internal entity unique identifier" + goid: ID! + "audit configuration unique name" + name: String! + "The configuration checksum" + checksum: String! + "Whether to save the audit records always to the internal database" + alwaysSaveInternal: Boolean! + "Lookup Policy Name" + lookupPolicyName: String + "Sink Policy Name" + sinkPolicyName: String + "FTP Client Configuration" + ftpConfig: AuditFtpConfiguration +} + + +input AuditConfigurationInput { + "The internal entity unique identifier" + goid: ID + "log sink unique name" + name: String! + "Lookup Policy Name" + lookupPolicyName: String + "The configuration checksum" + checksum: String + "Whether to save the audit records always to the internal database" + alwaysSaveInternal: Boolean + "Sink Policy Name" + sinkPolicyName: String + "FTP Client Configuration" + ftpConfig: AuditFtpConfigurationInput +} + +"Reference input to identify the audit configuration entity" +input AuditConfigurationRefInput { + "The name of the audit configuration" + name: String! +} + +""" +Audit FTP Configuration +> @l7-encrypted-fields password +""" +type AuditFtpConfiguration { + "Host of FTP Server" + host: String! + "Port of FTP Server" + port: Int! + "FTP connection timeout" + timeout: Int! + "FTP user" + user: String! + "FTP password" + password: String + "Directory in FTP Server" + directory: String + "To verify server certification" + verifyServerCert: Boolean! + "Security Type" + security: AuditFtpSecurityType! + "Whether this Audit Configuration is enabled" + enabled: Boolean! +} + +input AuditFtpConfigurationInput { + "Host of FTP Server" + host: String! + "Port of FTP Server" + port: Int! + "FTP connection timeout" + timeout: Int! + "FTP user" + user: String! + "FTP password" + password: String + "Directory in FTP Server" + directory: String + "To verify server certification" + verifyServerCert: Boolean = false + "Security Type" + security: AuditFtpSecurityType! + "Whether this Audit Configuration is enabled" + enabled: Boolean! +} + +"Indicates the Sink Category" +enum AuditFtpSecurityType { + FTP_UNSECURED, + FTPS_EXPLICIT, + FTPS_IMPLICIT +} + +type AuditConfigurationsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + auditConfigurations: [AuditConfiguration]! +} +# +# Copyright (c) 2025. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get authenticated user details" + authenticatedUser: AuthenticatedUser +} + +"IDP User Reference" +type AuthenticatedUser { + "The name of user" + name: String + "The first name of user" + firstName : String + "The last name of user" + lastName : String + "The email of user" + email : String + "The login identity of user" + login: String + "The DN of user" + subjectDn: String + "The name of identity provider that the user belongs to" + providerName: String! + "The type of identity provider that the user belongs to" + providerType: IdpType! + "The roles assigned for this user" + roles: [Role] +}# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +input BundlePropertiesInput { + "Bundle Meta information should be any key value pair form ex: id, name, author, hostname, timestamp" + meta: AnyObject + "Default action should be applied to entity if no action defined inside entities" + defaultAction: EntityMutationAction! + "Mapping Instructions of all entities" + mappings: BundleEntityMappingsInput +} + +input BundleEntityMappingsInput { + activeConnectors: [NamedEntityMappingInstructionInput!] + administrativeUserAccountProperties: [NamedEntityMappingInstructionInput!] + cassandraConnections:[NamedEntityMappingInstructionInput!] + clusterProperties:[NamedEntityMappingInstructionInput!] + customKeyValues:[CustomKeyValueMappingInstructionInput!] + emailListeners:[NamedEntityMappingInstructionInput!] + encassConfigs:[NamedEntityMappingInstructionInput!] + schemas:[SchemaMappingInstructionInput!] + dtds:[DtdMappingInstructionInput!] + httpConfigurations:[HttpConfigurationMappingInstructionInput!] + ldaps:[NamedEntityMappingInstructionInput!] + ldapIdps:[NamedEntityMappingInstructionInput!] + simpleLdapIdps:[NamedEntityMappingInstructionInput!] + fips:[NamedEntityMappingInstructionInput!] + fipGroups:[FipGroupMappingInstructionInput!] + fipUsers:[FipUserMappingInstructionInput!] + federatedIdps:[NamedEntityMappingInstructionInput!] + federatedGroups:[FederatedGroupMappingInstructionInput!] + federatedUsers:[FederatedUserMappingInstructionInput!] + folders:[FolderMappingInstructionInput!] + internalIdps:[NamedEntityMappingInstructionInput!] + internalGroups:[NamedEntityMappingInstructionInput!] + internalUsers:[InternalUserMappingInstructionInput!] + jdbcConnections:[NamedEntityMappingInstructionInput!] + jmsDestinations:[JmsDestinationMappingInstructionInput!] + keys:[KeyMappingInstructionInput!] + listenPorts:[NamedEntityMappingInstructionInput!] + logSinks:[NamedEntityMappingInstructionInput!] + backgroundTaskPolicies:[NamedEntityMappingInstructionInput!] + policies:[PolicyMappingInstructionInput!] + policyBackedIdps:[NamedEntityMappingInstructionInput!] + policyFragments:[NamedEntityMappingInstructionInput!] + passwordPolicies:[PasswordPolicyMappingInstructionInput!] + globalPolicies:[GlobalPolicyMappingInstructionInput!] + serviceResolutionConfigs:[ServiceResolutionConfigsMappingInstructionInput!] + revocationCheckPolicies:[NamedEntityMappingInstructionInput!] + serverModuleFiles:[NamedEntityMappingInstructionInput!] + scheduledTasks:[NamedEntityMappingInstructionInput!] + secrets:[NamedEntityMappingInstructionInput!] + services:[ServiceMappingInstructionInput!] + smConfigs:[NamedEntityMappingInstructionInput!] + internalSoapServices:[SoapServiceMappingInstructionInput!] + soapServices:[SoapServiceMappingInstructionInput!] + trustedCerts:[TrustedCertsMappingInstructionInput!] + webApiServices:[WebApiServiceMappingInstructionInput!] + internalWebApiServices:[WebApiServiceMappingInstructionInput!] + genericEntities:[NamedEntityMappingInstructionInput!] + roles:[NamedEntityMappingInstructionInput!] + auditConfigurations:[NamedEntityMappingInstructionInput!] + sampleMessages:[NamedEntityMappingInstructionInput!] + policyBackedServices:[NamedEntityMappingInstructionInput!] + policyAliases:[L7PolicyAliasMappingInstructionInput!] + serviceAliases:[L7ServiceAliasMappingInstructionInput!] + interfaceTags:[NamedEntityMappingInstructionInput!] + firewallRules:[NamedEntityMappingInstructionInput!] + kerberosConfigs:[NamedEntityMappingInstructionInput!] +} + +input NamedEntityMappingInstructionInput { + "The mutation action for the matching entity" + action: EntityMutationAction = NEW_OR_UPDATE + "If true, instruction is marked as default one for the non matching entities" + default: Boolean + "If true, instruction triggers the mutation failure when the matching entity is not found" + failOnNew: Boolean + "If true, instruction triggers the mutation failure when the matching entity is found" + failOnExisting: Boolean + "If true, instruction will be used to derive the partial entity definition when required" + nodef: Boolean + "one or more name-value pairs to identify a bundled entity uniquely" + source: NamedEntityRefInput +} + +input NamedEntityRefInput { + """ + The name of the entity belongs to one of the given Entities + ActiveConnector + AdministrativeUserAccount + CassandraConnection + ClusterProperty + EmailListener + EncassConfig + Ldap + LdapIdp + SimpleLdap + Fip + FederatedIdp + InternalIdp + InternalGroup + JdbcConnection + ListenPort + LogSink + BackgroundTaskPolicy + PolicyBackedIdp + PolicyFragment + RevocationCheckPolicy + ServerModuleFile + ScheduledTask + Secret + SmConfig + GenericEntity + Role + AuditConfiguration + + """ + name: String! +} +# AI assistance has been used to generate some or all contents of this file. That includes, but is not limited to, new code, modifying existing code, stylistic edits. +# +# Copyright (c) 2024-2026. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all Cassandra Connections" + cassandraConnections : [CassandraConnection!]! + "Get Cassandra Connection by name" + cassandraConnectionByName(name: String!) : CassandraConnection + "Get Cassandra Connection by goid" + cassandraConnectionByGoid(goid: ID!) : CassandraConnection + "Get filtered Cassandra Connections" + cassandraConnectionsByFilters(filters: [EntityFilterInput!]!) : [CassandraConnection!]! +} + +extend type Mutation { + """ + Create or update Cassandra connections. + If Cassandra connection with the same name exist, the Cassandra connection will be updated. + If no Cassandra connection with the name exist, a new Cassandra connection will be created. + """ + setCassandraConnections(input: [CassandraConnectionInput!]!): CassandraConnectionsPayload! + + """ + Update an existing Cassandra connection. Match is carried by refInput + """ + updateCassandraConnection(refInput: CassandraConnectionRefInput!, input: CassandraConnectionPartialInput!): CassandraConnectionPayload! + + """ + Update an existing Cassandra connection with new properties. Match is carried by refInput. + If a property is new, it will be added; if the value is new, it will be updated. + If only the property name is specified without a value, the property will be deleted. + Providing empty input properties will preserve the current properties and will not delete any existing ones. + """ + updateCassandraConnectionProperties(refInput: CassandraConnectionRefInput!, properties: [EntityPropertyPartialInput!]!): CassandraConnectionPayload! + + """ + Delete one or more existing Cassandra connections. + + Matching can be done using either: + - refInputs: Array of CassandraConnectionRefInput objects (name) - recommended + - names: Array of Cassandra connection names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteCassandraConnections(refInputs: [CassandraConnectionRefInput!], names: [String!]): CassandraConnectionsPayload! +} + +enum CassandraCompression { + NONE + LZ4 +} + +""" +A Cassandra connection. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-excluded-fields +> @l7-name-fields name +> @l7-display-summary-fields name,contactPoints,keyspace,port,enabled +> @l7-foreign-fields securePasswordName|name|Secret +""" +type CassandraConnection { + "The goid for the Cassandra Connection" + goid : ID! + "The Cassandra Connection name" + name : String! + "The configuration checksum of this Cassandra connection" + checksum: String! + + "Whether this Cassandra connection is enabled" + enabled: Boolean! + "The Cassandra keyspace name" + keyspace: String! + "The Cassandra connection points" + contactPoints : [String!]! + "The Cassandra server port" + port: PositiveInt! + "The Cassandra connection compression type" + compression: CassandraCompression! + "The username" + username: String + "The secure password reference." + securePasswordName: String + "Whether this Cassandra connection is SSL enabled" + sslEnabled: Boolean! + "Cipher suites used for SSL connection" + cipherSuites: [String!] + "The Cassandra connection properties" + properties: [EntityProperty!] +} + +input CassandraConnectionInput { + "The internal entity unique identifier" + goid: ID + "The Cassandra Connection name" + name : String! + "The Cassandra keyspace name" + keyspace: String! = "" + "The Cassandra connection points" + contactPoints : [String!]! + "The Cassandra server port" + port: PositiveInt! + "The username" + username: String! = "" + "The secure password reference." + securePasswordName: String + "The Cassandra connection compression type" + compression: CassandraCompression = NONE + "Whether this Cassandra connection is SSL enabled" + sslEnabled: Boolean! + "Cipher suites used for SSL connection" + cipherSuites: [String!] + "Whether this Cassandra connection is enabled" + enabled: Boolean! + "The Cassandra connection properties" + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +input CassandraConnectionPartialInput { + "The internal entity unique identifier" + goid: ID + "The Cassandra Connection name" + name : String + "The Cassandra keyspace name" + keyspace: String + "The Cassandra connection points" + contactPoints : [String!] + "The Cassandra server port" + port: PositiveInt + "The username" + username: String + "The secure password reference." + securePasswordName: String + "The Cassandra connection compression type" + compression: CassandraCompression + "Whether this Cassandra connection is SSL enabled" + sslEnabled: Boolean + "Cipher suites used for SSL connection" + cipherSuites: [String!] + "Whether this Cassandra connection is enabled" + enabled: Boolean + "The Cassandra connection properties. When specified, will replace all existing properties" + properties: [EntityPropertyInput!] +} + +"Reference input to identify the entity" +input CassandraConnectionRefInput { + "The Cassandra Connection name" + name: String! +} + +type CassandraConnectionPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + "The created/updated Cassandra connection." + cassandraConnection: CassandraConnection +} + +type CassandraConnectionsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + "The mutated Cassandra connections." + cassandraConnections: [CassandraConnection]! +} +# +# Copyright (c) 2025 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all cluster nodes information" + clusterInfo : ClusterInfo + "Get cluster node info" + nodeInfo: ClusterNodeInfo +} + +type ClusterInfo { + "Name of the cluster" + name : String + "checksum" + checksum: String + "Cluster nodes" + nodes : [ClusterNodeInfo!]! +} + +type ClusterNodeInfo { + "cluster node id" + nodeId : String! + "cluster node name" + name : String! + "cluster node IP Address" + address : String! + "cluster node uptime" + uptime : Long! + "cluster node boot time" + bootTime : DateTime! + "cluster node lastUpdatedTime" + lastUpdatedTime : DateTime! + "cluster node status" + nodeStatus : String + "node formFactor" + formFactor : FormFactor! + "supportsDBUpgrade on the node" + supportsDBUpgrade : Boolean! + "failoverDBConfigured on the node" + failoverDBConfigured : Boolean! + "checksum" + checksum: String + + operatingSystem : OSInfo + "JVM Info" + jvm : JVMInfo + "java command line arguments" + jvmArguments : [EntityProperty!] + + "Product name" + productName: String + "Product Version" + productVersion : ProductVersion + + "license information" + licenses : [LicenseInfo] + "Patches Info" + patches : [PatchInfo] + + "Configured System Properties" + systemProperties: [EntityProperty!] + "Configured Telemetry Properties" + telemetryProperties : [EntityProperty!] + "Configured Node Properties" + nodeProperties : [EntityProperty!] +} + +type OSInfo { + "Operating System Name" + name : String + "Operating System architecture" + architecture : String + "Operating System version" + version : String +} + +type JVMInfo { + "Java Virtual Machine vendor" + vendor : String + "Java Virtual Machine name" + name : String + "Java Virtual Machine version" + version : String +} + +type ProductVersion { + "Major version of the product" + major : String! + "Minor version of the product" + minor: String! + "Sub minor version of the product" + subMinor : String! + "Build number of the GW" + buildNumber: String! + "Build date of the GW" + buildDate: DateTime! + "formal string of the GW, complete version" + formalString : String! + "GW Long build number" + longString : String! + "GW Short Build number" + shortString: String! +} + +type PatchInfo { + "Patch ID" + patchId : String + "Patch Description" + description : String + "Patch status" + status : String + "Patch Type" + patchType : String + "Patch Version" + version : String + "Is This The Latest Installed Patch?" + latest : Boolean +} + +"license information" +type LicenseInfo { + "License Id" + licenseId : String + "License Status" + licenseStatus : String + "The start date of the validity period" + startDate : DateTime + "The expiry date of the validity period" + expiryDate : DateTime + "License Description" + description : String + "licensee Information" + licensee : Licensee + "License EULA Text" + eulaText : String + "License Feature Label" + featureLabel : String + "License Attributes" + attributes : [String] + "License Contents" + contents : String + "license Grants Information" + grants : LicenseGrants +} + +type Licensee { + "Licensee Name" + name : String + "Licensee Contact Email" + contactEmail : String +} + +type LicenseGrants { + "License HostName" + hostname : String + "License IP" + ip : String + "License product Name" + productName : String + "License FeatureSets" + featureSets : [String] + "license Product Information" + productVersion : LicenseProductVersion +} + +type LicenseProductVersion { + "License Major Version" + major : String + "License Minor Version" + minor : String + "License Trusted Issuer" + issuer : String +} + +enum FormFactor { + "Virtual Appliance" + APPLIANCE + "Software Installation" + SOFTWARE + "Container Deployment" + CONTAINER + "Unknown" + UNKNOWN +} + +# AI assistance has been used to generate some or all contents of this file. That includes, but is not limited to, new code, modifying existing code, stylistic edits. +# +# Copyright (c) 2025-2026 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all cluster properties" + clusterProperties : [ClusterProperty!]! + "Get the cluster property by goid" + clusterPropertyByGoid(goid : ID!) : ClusterProperty + "Get the cluster property with the given name" + clusterPropertyByName(name : String!) : ClusterProperty + "Get filtered cluster properties" + clusterPropertiesByFilters(filters: [EntityFilterInput!]!) : [ClusterProperty!]! +} + +extend type Mutation { + """ + Create or update existing cluster properties. If a cluster property with the given name does not + exist, one will be created, otherwise the existing one will be updated. This returns the list of + entities created and/or updated + """ + setClusterProperties(input: [ClusterPropertyInput!]!): ClusterPropertiesPayload! + + """ + Update an existing cluster property. Match is carried by refInput + """ + updateClusterProperty(refInput: ClusterPropertyRefInput!, input: ClusterPropertyPartialInput!): ClusterPropertyPayload! + + """ + Delete one or more existing cluster properties. + + Matching can be done using either: + - refInputs: Array of ClusterPropertyRefInput objects (name) - recommended + - names: Array of cluster property names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteClusterProperties(refInputs: [ClusterPropertyRefInput!], names: [String!]): ClusterPropertiesPayload! +} + +""" +Cluster properties are used to set global properties. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-excluded-fields +> @l7-name-fields name +> @l7-display-summary-fields name,value +""" +type ClusterProperty { + "The goid for the cluster property" + goid : ID! + "The cluster property name" + name : String! + "The configuration checksum of this cluster prop" + checksum: String! + + "The cluster property description" + description : String + "Whether this is a hidden property" + hiddenProperty : Boolean! + "The cluster property value" + value : String! +} + +"The inputs sent with the setClusterProperty Mutation" +input ClusterPropertyInput { + "The internal entity unique identifier" + goid: ID + "The name of the cluster property" + name: String! + "The value of the cluster property to set" + value: String! + "The cluster property description" + description : String + "Whether this is a hidden property. (Note that, this field has no effect on the mutation)" + hiddenProperty : Boolean + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +"Reference input to identify the entity" +input ClusterPropertyRefInput { + "The name of the cluster property" + name: String! +} + +"The inputs for partial update of cluster property" +input ClusterPropertyPartialInput { + "The internal entity unique identifier" + goid: ID + "The name of the cluster property" + name: String + "The value of the cluster property to set" + value: String + "The cluster property description" + description : String +} + +type ClusterPropertyPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + "The updated cluster property." + clusterProperty: ClusterProperty +} + +type ClusterPropertiesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + clusterProperties: [ClusterProperty]! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all Custom Key values" + customKeyValues: [CustomKeyValue!]! + "Get the Custom Key value by goid" + customKeyValueByGoid(goid : ID!) : CustomKeyValue + "Get the Custom Key value with the given key name" + customKeyValueByKey(key : String!) : CustomKeyValue + "Get filtered Custom Key values" + customKeyValuesByFilters(filters: [EntityFilterInput!]!): [CustomKeyValue!]! +} + +extend type Mutation { + """ + Create or update existing custom key values data. If a custom key value with the given key does not + exist, one will be created, otherwise the existing one will be updated. This returns the list of + entities created and/or updated + """ + setCustomKeyValues(input: [CustomKeyValueInput!]!): CustomKeyValuePayload! + + "Delete existing cluster properties" + deleteCustomKeyValues(keys: [String!]!): CustomKeyValuePayload! +} + +""" +A custom key value pair. +> @l7-entity +> @l7-identity-fields key +> @l7-summary-fields goid,key,checksum +> @l7-excluded-fields +> @l7-name-fields key +""" +type CustomKeyValue { + "The goid for the custom key value" + goid : ID! + "The custom key" + key : String! + "The configuration checksum of this custom key value" + checksum: String! + + "The custom value in Base64 encoded format" + value : String! +} + +"The inputs sent with the setCustomKeyValue Mutation" +input CustomKeyValueInput { + "The goid for the custom key value" + goid : ID + "The custom key" + key : String! + "The custom value in Base64 encoded format" + value : String! + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +type CustomKeyValuePayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + customKeyValues: [CustomKeyValue]! +} + +input CustomKeyValueMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a CustomKeyValue entity uniquely" + source: CustomKeyValueRefInput +} +input CustomKeyValueRefInput{ + "The custom key" + key: String! +} +# AI assistance has been used to generate some or all contents of this file. That includes, but is not limited to, new code, modifying existing code, stylistic edits. +# +# Copyright (c) 2025 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all email listeners" + emailListeners : [EmailListener!]! + "Get the email listener by goid" + emailListenerByGoid(goid : ID!) : EmailListener + "Get the email listener by name" + emailListenerByName(name : String!) : EmailListener + "Get filtered email listeners" + emailListenersByFilters(filters: [EntityFilterInput!]!) : [EmailListener!]! +} + +extend type Mutation { + """ + Create or update existing email listeners. + Match is carried by name. If match is found, it will be updated. Otherwise, it will be created. + """ + setEmailListeners(input: [EmailListenerInput!]!): EmailListenersPayload! + + """ + Update an existing email listener. Match is carried by refInput + """ + updateEmailListener(refInput: EmailListenerRefInput!, input: EmailListenerPartialInput!): EmailListenerPayload! + + """ + Update an existing email listener with new properties. Match is carried by refInput. + If a property is new, it will be added; if the value is new, it will be updated. + If only the property name is specified without a value, the property will be deleted. + Providing empty input properties will preserve the current properties and will not delete any existing ones. + """ + updateEmailListenerProperties(refInput: EmailListenerRefInput!, properties: [EntityPropertyPartialInput!]!): EmailListenerPayload! + + """ + Delete one or more existing email listeners. + + Matching can be done using either: + - refInputs: Array of EmailListenerRefInput objects (name) - recommended + - names: Array of email listener names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteEmailListeners(refInputs: [EmailListenerRefInput!], names: [String!]): EmailListenersPayload! +} + +enum EmailServerType { + IMAP + POP3 +} + +""" +An email listener. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-excluded-fields hardwiredService +> @l7-name-fields name +> @l7-display-summary-fields name,serverType,enabled +> @l7-encrypted-fields password +> @l7-foreign-fields hardwiredServiceName|name|L7Service +""" +type EmailListener { + "The goid for the email listener Connection" + goid : ID! + "The name of the email listener. If you are creating several listeners, make sure the name is descriptive" + name : String! + "The configuration checksum" + checksum: String! + + "Whether this email listener is enabled(active)" + enabled : Boolean! + "The type of email server (IMAP or POP3)" + serverType: EmailServerType! + "The hostname of the email server. This name is verified against the X.509 certificate" + hostname: String! + "The port number to monitor" + port : PositiveInt! + "The folder name to check for emails (Only for IMAP)" + folder: String! + "Whether delete the messages on the mail server after retrieving" + deleteOnReceive: Boolean! + "Email account name" + username: String! + "Email account password. The password could be in plain text or secure password reference" + password: String! + "The name of the published service hardwired to the email listener" + hardwiredServiceName: String + "Whether email server connection (POP3S or IMAPS) is SSL enabled" + sslEnabled: Boolean! + "The listener will check for email after the specified number of seconds" + pollInterval: PositiveInt! + "Permitted maximum size of the message" + sizeLimit: NonNegativeInt + "The email listener properties excluding sizeLimit and HardwiredServiceName" + properties: [EntityProperty!] + + "The published service hardwired to the email listener" + hardwiredService: HardwiredService +} + +input EmailListenerInput { + "The internal entity unique identifier" + goid: ID + "The name of the email listener. If you are creating several listeners, make sure the name is descriptive" + name: String! + "Whether this email listener is enabled(active)" + enabled: Boolean! + "The hostname of the email server. This name is verified against the X.509 certificate" + hostname: NonEmptyString! + "The port number to monitor" + port: PositiveInt! + "The type of email server (IMAP or POP3)" + serverType: EmailServerType! + "Whether email server connection (POP3S or IMAPS) is SSL enabled" + sslEnabled: Boolean! + "Whether delete the messages on the mail server after retrieving" + deleteOnReceive: Boolean! + "The folder name to check for emails (Only for IMAP)" + folder: String! + "The listener will check for email after the specified number of seconds" + pollInterval: PositiveInt! + "Email account name" + username: String! + "Email account password. The password could be in plain text or secure password reference" + password: String! + "The name of the published service hardwired to the email listener" + hardwiredServiceName: String + "Permitted maximum size of the message" + sizeLimit: NonNegativeInt + "[Optional] The Email listener Properties excluding sizeLimit and HardwiredServiceName. When specified, will replace existing properties" + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +input EmailListenerPartialInput { + "The internal entity unique identifier" + goid: ID + "The name of the email listener. If you are creating several listeners, make sure the name is descriptive" + name: String + "Whether this email listener is enabled(active)" + enabled: Boolean + "The hostname of the email server. This name is verified against the X.509 certificate" + hostname: NonEmptyString + "The port number to monitor" + port: PositiveInt + "The type of email server (IMAP or POP3)" + serverType: EmailServerType + "Whether email server connection (POP3S or IMAPS) is SSL enabled" + sslEnabled: Boolean + "Whether delete the messages on the mail server after retrieving" + deleteOnReceive: Boolean + "The folder name to check for emails (Only for IMAP)" + folder: String + "The listener will check for email after the specified number of seconds" + pollInterval: PositiveInt + "Email account name" + username: String + "Email account password. The password could be in plain text or secure password reference" + password: String + "The name of the published service hardwired to the email listener" + hardwiredServiceName: String + "Permitted maximum size of the message" + sizeLimit: NonNegativeInt + "[Optional] The Email listener Properties excluding sizeLimit and HardwiredServiceName. When specified, will replace existing properties" + properties: [EntityPropertyInput!] +} + +"Reference input to identify the entity" +input EmailListenerRefInput { + "The email listener name" + name: String! +} + +type EmailListenerPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + "The updated email listener." + emailListener: EmailListener +} + +type EmailListenersPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + "The mutated email listener connections." + emailListeners: [EmailListener]! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all Encapsulated Assertion Configurations" + encassConfigs : [EncassConfig!]! + "Get all Encapsulated Assertion Configurations by folder path" + encassConfigsByFolderPath(folderPath: String!) : [EncassConfig!]! + "Get Encapsulated Assertion Configuration by name" + encassConfigByName(name: String!) : EncassConfig + "Get Encapsulated Assertion Configuration by goid" + encassConfigByGoid(goid: ID!) : EncassConfig + "Get Encapsulated Assertion Configuration by guid" + encassConfigByGuid(guid: ID!) : EncassConfig + "Get filtered Encapsulated Assertion Configurations" + encassConfigsByFilters(filters: [EntityFilterInput!]!) : [EncassConfig!]! +} + +extend type Mutation { + "Create or update Encapsulated Assertion Configurations" + setEncassConfigs(input: [EncassConfigInput!]!) : EncassConfigsPayload + "Delete existing Encapsulated Assertion Configurations" + deleteEncassConfigs(names: [String!]!) : EncassConfigsPayload +} + +""" +An encapsulated assertion configuration. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,guid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,policyName +> @l7-foreign-fields policyName|name|L7Policy +""" +type EncassConfig { + "The goid for this encass config" + goid : ID! + "The guid for this encass config" + guid : ID! + "The name of the encass config" + name: String! + "The configuration checksum of this encass" + checksum: String! + "The description of the encass config" + description: String + "The policy it points to and its dependencies" + policyName: String! + "the input argument descriptions for this encass" + encassArgs : [EncassArg!] + "the output descriptions" + encassResults : [EncassResult!] + "Encass properties" + properties: [EntityProperty!] +} + +"The description of an input argument for an encapsulated assertion" +type EncassArg { + "The name of the input" + name: String! + # com.l7tech.policy.variable.DataType + "The type of input" + type : DataType! + "The order of the argument in the admin gui" + ordinal : Int + "The prompt in the admin gui for this encass argument" + guiPrompt : Boolean + "The label in the admin gui associated with this encass argument" + guiLabel : String +} + +"The description of an output from the encapsulated assertion" +type EncassResult { + "The name of the output" + name: String! + # com.l7tech.policy.variable.DataType + "The type of the output" + type : DataType! +} + +enum DataType { + STRING + CERTIFICATE + INTEGER + DECIMAL + FLOAT + ELEMENT + BOOLEAN + BINARY + DATE_TIME + MESSAGE + BLOB + CLOB + UNKNOWN +} + +"The description of a new encapsulated assertion configuration being created" +input EncassConfigInput { + "The internal entity unique identifier" + goid: ID + "The guid for this encass config, can be omitted and a new one is assigned" + guid : ID + "The name of the encass config" + name: String! + description: String + "The policy it points to and its dependencies" + policyName: String! + "the input argument descriptions for this encass" + encassArgs : [EncassArgInput!] + "the output descriptions" + encassResults : [EncassResultInput!] + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +"The description of an input argument for an encapsulated assertion for use when creating or updating an existing encass config" +input EncassArgInput { + "The name of the input" + name: String! + # com.l7tech.policy.variable.DataType + "The type of input" + type : DataType! + "The order of the argument in the admin gui" + ordinal : Int + "The prompt in the admin gui for this encass argument" + guiPrompt : Boolean = false + "The label in the admin gui associated with this encass argument" + guiLabel : String +} + +"The description of an output from the encapsulated assertion for use when creating or updating an existing encass config" +input EncassResultInput { + "The name of the output" + name: String! + # com.l7tech.policy.variable.DataType + "The type of the output" + type : DataType! +} + +type EncassConfigsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + encassConfigs: [EncassConfig]! +} +# +# Copyright (c) 2026. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all Firewall Rules" + firewallRules: [FirewallRule!]! + "Get the Firewall Rule by goid" + firewallRuleByGoid(goid : ID!) : FirewallRule + "Get the Firewall Rule with the given name" + firewallRuleByName(name : String!) : FirewallRule + "Get filtered Firewall Rules" + firewallRulesByFilters(filters: [EntityFilterInput!]!): [FirewallRule!]! +} + +extend type Mutation { + """ + Create or update existing firewall rules. If a firewall rule with the given name does not + exist, one will be created, otherwise the existing one will be updated. This returns the list of + entities created and/or updated + """ + setFirewallRules(input: [FirewallRuleInput!]!): FirewallRulesPayload! + + """ + Update an existing firewall rule. Match is carried by refInput + """ + updateFirewallRule(refInput: FirewallRuleRefInput!, input: FirewallRulePartialInput!): FirewallRulePayload! + + """ + Update an existing firewall rule with new properties. Match is carried by refInput. + If a property is new, it will be added; if the value is new, it will be updated. + If only the property name is specified without a value, the property will be deleted. + Providing empty input properties will preserve the current properties and will not delete any existing ones. + """ + updateFirewallRuleProperties(refInput: FirewallRuleRefInput!, properties: [EntityPropertyPartialInput!]!): FirewallRulePayload! + + "Delete existing firewall rules" + deleteFirewallRules(refInputs: [FirewallRuleRefInput!]!): FirewallRulesPayload! +} + +""" +A firewall rule configuration. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,ordinal,enabled,checksum +> @l7-excluded-fields +> @l7-name-fields name +""" +type FirewallRule { + "The goid for the firewall rule" + goid : ID! + "The name of the firewall rule (unique identifier)" + name : String! + "The ordinal position of the rule (execution order, lower numbers execute first)" + ordinal : Int! + "Whether the rule is enabled (true=active, false=disabled)" + enabled : Boolean! + "The configuration checksum of this firewall rule" + checksum: String! + """ + The protocol for the rule + Possible values: tcp, udp, icmp, all, esp, ah, sctp, or any valid protocol name + """ + protocol : String + """ + The destination port + Formats: + - Single port: "80", "443", "8080" + - Port range: "8000:9000", "1024:65535" + - Negated: "!80", "!443" + Range: 1-65535 + """ + port : String + """ + The action/target for the rule + Common values: ACCEPT, DROP, REJECT, REDIRECT, DNAT, SNAT, LOG, MASQUERADE + """ + action : String + """ + The interface tag name or IP address + Examples: eth0, eth1, lo, wlan0, 192.168.1.1 + Special value: (ALL) for all interfaces + """ + interfaceTagName : String + """ + Additional properties for the firewall rule + Common properties: + - chain: INPUT, OUTPUT, FORWARD, PREROUTING, POSTROUTING + - table: filter, nat, mangle, raw + - source: source IP address/CIDR (e.g., 192.168.1.0/24) + - destination: destination IP address/CIDR + - source-port: source port number or range + - tcp-flags: TCP flags to match (e.g., SYN,ACK,FIN,RST SYN) + - tcp-option: TCP option number + - icmp-type: ICMP type number or name + - to-ports: redirect target port (for REDIRECT action) + - to-destination: DNAT target IP:port (for DNAT action) + """ + properties : [EntityProperty!] +} + +"The inputs sent with the setFirewallRule Mutation" +input FirewallRuleInput { + "The goid for the firewall rule" + goid : ID + "The name of the firewall rule" + name : String! + "The ordinal position of the rule" + ordinal : Int! + "Whether the rule is enabled" + enabled : Boolean! + """ + The protocol for the rule (optional) + Possible values: tcp, udp, icmp, all, esp, ah, sctp, or any valid protocol name + """ + protocol : String + """ + The destination port (optional) + Formats: Single port ("80"), Port range ("8000:9000"), Negated ("!80") + Range: 1-65535 + """ + port : String + """ + The action/target for the rule (optional) + Common values: ACCEPT, DROP, REJECT, REDIRECT, DNAT, SNAT, LOG, MASQUERADE + """ + action : String + """ + The interface tag name or IP address (optional) + Examples: eth0, eth1, lo, wlan0, 192.168.1.1 + """ + interfaceTagName : String + """ + Additional properties for the firewall rule (optional) + Common properties: + - chain: INPUT, OUTPUT, FORWARD, PREROUTING, POSTROUTING (required for most rules) + - table: filter, nat, mangle, raw (default: filter) + - source: source IP/CIDR (e.g., "192.168.1.0/24", "!10.0.0.1") + - destination: destination IP/CIDR + - source-port: source port number or range + - tcp-flags: TCP flags (e.g., "SYN,ACK,FIN,RST SYN") + - tcp-option: TCP option number + - icmp-type: ICMP type number or name + - to-ports: redirect target port (for REDIRECT action) + - to-destination: DNAT target IP:port (for DNAT action) + """ + properties : [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +""" +The partial inputs sent with the updateFirewallRule Mutation +All fields are optional for partial updates +""" +input FirewallRulePartialInput { + "The goid for the firewall rule (optional)" + goid : ID + "The name of the firewall rule (optional)" + name : String + "The ordinal position of the rule (optional, execution order)" + ordinal : Int + "Whether the rule is enabled (optional, true=active, false=disabled)" + enabled : Boolean + """ + The protocol for the rule (optional) + Possible values: tcp, udp, icmp, all, esp, ah, sctp + """ + protocol : String + """ + The destination port (optional) + Formats: Single port ("80"), Port range ("8000:9000"), Negated ("!80") + Range: 1-65535 + """ + port : String + """ + The action/target for the rule (optional) + Common values: ACCEPT, DROP, REJECT, REDIRECT, DNAT, SNAT, LOG, MASQUERADE + """ + action : String + """ + The interface tag name or IP address (optional) + Examples: eth0, eth1, lo, wlan0, 192.168.1.1 + """ + interfaceTagName : String + """ + Additional properties for the firewall rule (optional) + To delete a property, provide only the name without a value + Common properties: + - chain: INPUT, OUTPUT, FORWARD, PREROUTING, POSTROUTING + - table: filter, nat, mangle, raw + - source: source IP/CIDR + - destination: destination IP/CIDR + - source-port: source port number or range + - tcp-flags: TCP flags (e.g., "SYN,ACK,FIN,RST SYN") + - icmp-type: ICMP type number + - to-ports: redirect target port + - to-destination: DNAT target IP:port + """ + properties : [EntityPropertyInput!] +} + +type FirewallRulesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + firewallRules: [FirewallRule]! +} + +type FirewallRulePayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + firewallRule: FirewallRule +} + +input FirewallRuleMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a FirewallRule entity uniquely" + source: FirewallRuleRefInput +} +input FirewallRuleRefInput{ + "The firewall rule name" + name: String! +} +# AI assistance has been used to generate some or all contents of this file. That includes, but is not limited to, new code, modifying existing code, stylistic edits. +# +# Copyright (c) 2025 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all Folders" + folders: [Folder!]! + "Get the folder by goid" + folderByGoid(goid: ID!) : Folder + "Get the folder identified by path" + folderByPath(path: String!) : Folder + "Get the folders matches by path (i.e., folder itself and the folders in it)" + foldersByPath(path: String!) : [Folder!]! + "Get filtered Folders" + foldersByFilters(filters: [EntityFilterInput!]!): [Folder!]! +} + +extend type Mutation { + "Set the Folders" + setFolders(input : [FolderInput!]!) : FoldersPayload! + "Update the folder" + updateFolder(refInput: FolderRefInput!, input: FolderPartialInput!): FolderPayload! + """ + Delete one or more existing folders. + + Matching can be done using either: + - refInputs: Array of FolderRefInput objects (path) - recommended + - paths: Array of folder paths - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteFolders(refInputs: [FolderRefInput!], paths: [String!]) : FoldersPayload! +} + +input FolderInput { + "The goid for the folder" + goid : ID + "The folder name" + name : String + "The folder Path" + path : String! + "The configuration checksum of this folder" + checksum : String +} + +input FolderPartialInput { + "The goid for the folder" + goid : ID + "The folder name" + name : String + "The folder Path" + path : String + "The configuration checksum of this folder" + checksum : String +} + +""" +A folder that is used to group services, policies, and other folders. +> @l7-entity +> @l7-identity-fields path +> @l7-summary-fields goid,name,path,checksum +> @l7-name-fields path +> @l7-display-summary-fields name,path +""" +type Folder { + "The goid for the folder" + goid : ID! + "The folder name" + name : String! + "The folder Path" + path : String! + "The configuration checksum of this folder" + checksum : String! +} + +type FolderPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + "The created/updated Folder." + folder: Folder +} + +type FoldersPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + folders: [Folder]! +} + +input FolderMappingInstructionInput { + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a Folder entity uniquely" + source: FolderRefInput +} + +input FolderRefInput { + "The folder Path" + path: String! +} + +extend type Query { + "Get all the assertions metadata" + assertionsMetadata: [AssertionMetadata!]! + "Get the assertion metadata by configName" + assertionMetadataByConfigName(configName : String!) : AssertionMetadata + "Get the assertions metadata by type" + assertionsMetadataByType(assertionType : AssertionType!) : [AssertionMetadata!] + "Get the filtered assertions metadata" + assertionsMetadataByFilters(filters: [EntityFilterInput!]!): [AssertionMetadata!] + + "Get the meta data of Built in Variables" + builtinPolicyVariables: [VariableMetadata!] + "Get the meta data of Built in Variables" + builtinPolicyVariablesByFilters(filters: [EntityFilterInput!]!): [VariableMetadata!] + + "Get all the entities metadata" + entitiesMetadata: [EntityMetadata!]! + "Get the entity metadata by name" + entityMetadataByName(name : String!) : EntityMetadata + "Get the entity metadata by pluralName" + entityMetadataByPluralName(pluralName : String!) : EntityMetadata + "Get the filtered entities metadata" + entitiesMetadataByFilters(filters: [EntityFilterInput!]!) : [EntityMetadata!] +} + +enum AssertionType { + CORE + MODULAR + CUSTOM + ENCAPSULATED + "CORE or MODULAR" + NATIVE +} + +""" +Assertion metadata. +""" +type AssertionMetadata { + name : String! + configName: String! + className: String + assertionType: AssertionType! + checksum: String! + description: String + displayNameFormats: [AssertionDisplayNameFormat!]! + categories: [AssertionCategory!]! + composite: Boolean! + annotations: [String!]! + routing: Boolean! + needsInitializedRequest: Boolean! + initializesRequest: Boolean! + needsInitializedResponse: Boolean! + initializesResponse: Boolean! + messageTargetable: Boolean! + messageTargetSubjectedToChange: Boolean! + securityHeaderAddressable: Boolean! + identityTagable: Boolean! + identityTargetable: Boolean! + requestIdentityTargetable: Boolean! + privateKeyable: Boolean! + saml: Boolean! + xml: Boolean! + soap: Boolean! + wss: Boolean! + "Array of configuration schemas" + configSchemas: [JSON!]! + "Array of configuration schema patches" + configSchemaPatches: [JsonResourcePatch!]! + "Array of configuration data patches" + configDataPatches: [JsonResourcePatch!]! + "Array of JSON Form schemas" + uiSchemas: [JSON!]! + "i18n Resources" + i18nResources: [I18NResource!]! + "Metadata about referenced entities" + refEntities: [AssertionRefEntity!]! + "Metadata about referenced variables" + refVariables: [AssertionRefVariable!]! + "Assertion prototype" + prototype: JSON +} + +enum AssertionCategory { + ACCESS_CONTROL, + TRANSPORT_LAYER_SECURITY, + XML_SECURITY, + MESSAGE_VALIDATION_TRANSFORMATION, + MESSAGE_ROUTING, + SERVICE_AVAILABILITY, + LOGGING_AUDITING_ALERTS, + POLICY_LOGIC, + THREAT_PROTECTION, + INTERNAL_ASSERTIONS, + CUSTOM_ASSERTIONS +} + +type AssertionDisplayNameFormat { + format: String! + condition: String! + children: [AssertionDisplayNameSubFormat!]! +} + +type AssertionDisplayNameSubFormat { + format: String! + condition: String! +} + +type JsonResourcePatch { + id: String! + patches: [JsonResourcePatchOperation!]! +} + +type JsonResourcePatchOperation { + op: String! + path: String! + from: String + value: JSON +} + +type I18NResource { + id: String! + locale: String! + content: JSON! +} + +enum AssertionRefEntityType { + GOID + GUID + NAME +} + +type AssertionRefEntity { + fieldPath: String! + secondaryFieldPath: String + refType: AssertionRefEntityType! + entityType: String! +} + +enum AssertionRefVariableType { + IN + OUT + BOTH +} + +type AssertionRefVariable { + fieldPath: String! + secondaryFieldPath: String + "The prefix of the variable" + prefix: String + "The suffix of the variable" + suffix: String + refType: AssertionRefVariableType! + """ + Variable Data type + Supported data types are string, int, dateTime, message, boolean, xml, cert, decimal, float, binary, blob, clob, other." + """ + dataType: String! + + "True if this variable is really a prefixed meta-variable, Ex: 'request.http.header.host' " + prefixed: Boolean! + "True if this variable returns multiple values, false otherwise." + multivalued: Boolean! + "True if this variable is settable, false otherwise." + settable: Boolean! + """ + Decoration flags + Ist bit - show it as single variable expression + 2nd bit - store it as single variable expression + """ + decorationFlags: Int! + + "condition" + condition: String +} + +""" +Variable metadata. +""" +type VariableMetadata { + "The name of the variable" + name: String! + """ + Variable Data type + Supported data types are string, int, dateTime, message, boolean, xml, cert, decimal, float, binary, blob, clob, other." + """ + dataType: String! + "The configuration checksum" + checksum: String! + + "True if this variable is really a prefixed meta-variable, Ex: 'request.http.header.host' " + prefixed: Boolean! + "True if this variable returns multiple values, false otherwise." + multivalued: Boolean! + "True if this variable is settable, false otherwise." + settable: Boolean + + "The name of the new variable that deprecates this variable" + replacedBy: String +} + +""" +Entity metadata. +""" +type EntityMetadata { + name : String! + altName: String + typeNames: [String]! + queryTypeNames: [String]! + bundleSectionNames: [String]! + displayNames: [String]! + + singularName: String! + pluralName: String! + singularDisplayName: String! + pluralDisplayName: String! + checksum: String! + deprecated: Boolean! + mutationOrder: Int! + fields: [EntityFieldMetadata!]! + subFields: [EntitySubFieldMetadata!]! + subEntities: [SubEntityMetadata!]! + nameFields: [String!]! + identityFields: [String!]! + summaryFields: [String!]! + excludedFields: [String!]! + displaySummaryFields: [String!]! + encryptedFields: [String!]! + foreignFields: [String!]! + alternativeFields: [String!]! + + primaryInputs: [String!]! + queryMethods: [EntityMethodMetadata!]! + mutationMethods: [EntityMethodMetadata!]! + + "Array of configuration schemas" + configSchemas: [JSON!]! + "Array of JSON Form schemas" + uiSchemas: [JSON!]! + "i18n Resources" + i18nResources: [I18NResource!]! +} + +type EntityFieldMetadata { + name: String! + graphQLType: String! + alternativeFields: [String!]! + foreignField: ForeignEntityFieldMetadata + permittedValues: [String!] +} + +type ForeignEntityFieldMetadata { + name: String! + entityType: String! +} + +type SubEntityMetadata { + name: String! + fields: [EntityFieldMetadata!]! + encryptedFields: [String!]! + excludedFields: [String!]! +} + +type EntitySubFieldMetadata { + name: String! + graphQLType: String! + entitySubType: String! +} + +type EntityInputFieldMetadata { + name: String! + graphQLType: String! +} + +type EntityMethodMetadata { + name: String! + arguments: [EntityInputFieldMetadata!]! + graphQLType: String! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all generic entities" + genericEntities: [GenericEntity!]! + "Retrieves a role by goid" + genericEntityByGoid(goid: ID!) : GenericEntity + "Retrieves a generic entity by name" + genericEntityByName(name: String!): GenericEntity + "Get filtered generic entities" + genericEntitiesByFilters(filters: [EntityFilterInput!]!): [GenericEntity!]! +} + +extend type Mutation { + """ + Create or update existing generic entities. + Match is carried by name. If match is found, it will be updated. Otherwise, it will be created. + """ + setGenericEntities(input: [GenericEntityInput!]!): GenericEntitiesPayload! + + "Delete existing generic entity. Match is carried by name." + deleteGenericEntities(names: [String!]!): GenericEntitiesPayload! +} + +""" +Generic entity details. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,entityClassName,enabled +""" +type GenericEntity { + "The goid of the entity" + goid : ID! + " unique name" + name: String! + "The configuration checksum" + checksum: String! + "The description of the entity" + description: String + "Whether this Generic entity is enabled" + enabled: Boolean! + "Absolute entity class name of Generic Entity" + entityClassName: String! + "XML representation of underlying entity details" + valueXml: String + "Json representation of underlying entity details" + valueJson: String +} + +input GenericEntityInput { + goid : ID + " unique name" + name: String! + "The configuration checksum" + checksum: String + "description" + description: String + "XML representation of underlying entity details" + valueXml: String! + "Whether this Generic entity is enabled" + enabled: Boolean! + "Absolute entity class name of Generic Entity" + entityClassName: String! +} + +type GenericEntitiesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + "The mutated generic entities" + genericEntities: [GenericEntity]! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get xml schemas configured on this gateway" + schemas : [Schema!]! + "The schema by goid" + schemaByGoid(goid : ID!) : Schema + "The schema given its system id" + schemaBySystemId(systemId : String!) : Schema + "The dtds configured on this gateway" + dtds : [Dtd!]! + "The dtd by goid" + dtdByGoid(goid : ID!) : Dtd + "The dtd given its system id" + dtdBySystemId(systemId : String!) : Dtd + "Get internal schemas, for reference only" + internalSchemas : [Schema!]! @deprecated(reason: "Use 'schemas' instead.") + "Get internal dtds, for reference only" + internalDtds : [Dtd!]! @deprecated(reason: "Use 'dtds' instead.") + "Get filtered schemas configured on this gateway" + schemasByFilters(filters: [EntityFilterInput!]!) : [Schema!]! + "The filtered dtds configured on this gateway" + dtdsByFilters(filters: [EntityFilterInput!]!) : [Dtd!]! +} + +extend type Mutation { + "Create or Update multiple XML schemas" + setSchemas(input: [SchemaInput!]!) : SchemasPayload + "Delete multiple XML schemas" + deleteSchemas(systemIds: [String!]!) : SchemasPayload + + "Create or Update multiple DTD resources" + setDtds(input: [DtdInput!]!) : DtdsPayload + "Delete multiple DTD resources" + deleteDtds(systemIds: [String!]!) : DtdsPayload +} + +""" +An XML Schema which can be referred to in policy, for example in the validate xml schema assertion. +> @l7-entity +> @l7-identity-fields systemId +> @l7-summary-fields goid,systemId,checksum +> @l7-display-summary-fields systemId,targetNs +> @l7-name-fields systemId +""" +type Schema { + "Internal goid for this schema" + goid : ID! + "A reference to the schema. This id is what is referred to in policy and is often mirror of the target namespace" + systemId : String! + "The configuration checksum" + checksum: String! + + "The target namespace in the xml schema" + targetNs : String + "An optional description for the schema" + description : String + "The content of XML schema" + content : String! +} + +""" +A Document Type Definition (DTD) which can be referred to in policy. +> @l7-entity +> @l7-identity-fields systemId +> @l7-summary-fields goid,systemId,checksum +> @l7-display-summary-fields systemId,publicId +> @l7-name-fields systemId +""" +type Dtd { + "Internal goid for this DTD" + goid : ID! + "A reference to the DTD. This id is what is referred to in policy and is often mirror of the target namespace" + systemId : String! + "The configuration checksum" + checksum: String! + + "The public id for the DTD" + publicId : String + "An optional description" + description : String + "The content of DTD itself" + content : String! +} + +input SchemaInput { + "The internal entity unique identifier" + goid: ID + "A reference to the schema. This id is what is referred to in policy and is often mirror of the target namespace" + systemId : String! + "The target namespace in the XML schema" + targetNs : String + "An optional description for the schema" + description : String + "The content of XML schema" + content : String! + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +input DtdInput { + "The internal entity unique identifier" + goid: ID + "A reference to the dtd. This id is what is referred to in policy and is often mirror of the target namespace" + systemId : String! + "The public id for the dtd" + publicId : String + "An optional description" + description : String + "The actual dtd itself" + content : String! + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +type DtdsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + dtds: [Dtd]! +} + +type SchemasPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + schemas: [Schema]! +} + +input DtdMappingInstructionInput { + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a DTD entity uniquely" + source: DtdRefInput +} + +input DtdRefInput { + "A reference to the schema. This id is what is referred to in policy and is often mirror of the target namespace" + systemId: String! +} + +input SchemaMappingInstructionInput { + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a Schema entity uniquely" + source: SchemaRefInput +} + +input SchemaRefInput { + "A reference to the schema. This id is what is referred to in policy and is often mirror of the target namespace" + systemId: String! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all http configuration" + httpConfigurations : [HttpConfiguration!]! + "Get the http configuration by goid" + httpConfigurationByGoid(goid : ID!) : HttpConfiguration + "Get the http configurations with the given host" + httpConfigurationsByHost(host : String!) : [HttpConfiguration!]! + "Get filtered http configuration" + httpConfigurationsByFilters(filters: [EntityFilterInput!]!) : [HttpConfiguration!]! +} + +extend type Mutation { + "Create or update existing http configuration." + setHttpConfigurations(input: [HttpConfigurationInput!]!): HttpConfigurationsPayload! + + "Delete existing http configuration" + deleteHttpConfigurations(input: [HttpConfigurationPartialInput!]!): HttpConfigurationsPayload! +} + +""" +An HTTP configuration. +> @l7-entity +> @l7-identity-fields host,port,protocol,path +> @l7-summary-fields goid,host,port,protocol,path,checksum +> @l7-name-fields host +> @l7-display-summary-fields host,port,protocol,path +> @l7-foreign-fields securePasswordName|name|Secret,proxyConfiguration.securePasswordName|name|Secret +""" +type HttpConfiguration { + "The goid for the http configuration" + goid : ID! + "The host of the http configuration" + host: String! + "The port of the http configuration" + port: Int + "The protocol of the http configuration" + protocol : HttpScheme + "The path of the http configuration" + path : String + "The configuration checksum of this http configuration" + checksum : String! + "The username of the http configuration" + username : String + "The securePasswordName of the http configuration" + securePasswordName : String + "The ntlmHost of the http configuration" + ntlmHost : String + "The ntlmDomain of the http configuration" + ntlmDomain : String + "The tlsVersion of the http configuration" + tlsVersion : String + "The tlsKeyUse of the http configuration" + tlsKeyUse : EntityFieldOption! + "The tlsKeystoreId of the http configuration" + tlsKeystoreId : String + "The tlsKeyAlias of the http configuration" + tlsKeyAlias : String + "The tlsCipherSuites of the http configuration" + tlsCipherSuites : [String!] + "The connectTimeout of the http configuration" + connectTimeout : Int + "The readTimeout of the http configuration" + readTimeout : Int + "The followRedirects of the http configuration" + followRedirects : Boolean + "The proxyUse of the http configuration" + proxyUse : EntityFieldOption! + "The HttpProxyConfiguration of the http configuration" + proxyConfiguration : HttpProxyConfiguration +} + +enum HttpScheme { + HTTP + HTTPS + ANY +} + +""" +HTTP Proxy Configuration +> @l7-foreign-fields securePasswordName|name|Secret +""" +type HttpProxyConfiguration { + "The proxyHost of the http proxy configuration" + host : String + "The proxyPort of the http proxy configuration" + port : Int + "The proxyUsername of the http proxy configuration" + username : String + "The securePasswordName of the http proxy configuration" + securePasswordName : String +} + +input HttpConfigurationInput { + "The goid for the http configuration" + goid : ID + "The host of the http configuration" + host: String! + "The port of the http configuration" + port: Int = 0 + "The protocol of the http configuration" + protocol : HttpScheme = ANY + "The path of the http configuration" + path : String + "The username of the http configuration" + username : String + "The securePasswordName of the http configuration" + securePasswordName : String + "The ntlmHost of the http configuration" + ntlmHost : String + "The ntlmDomain of the http configuration" + ntlmDomain : String + "The tlsVersion of the http configuration" + tlsVersion : String + "The tlsKeyUse of the http configuration" + tlsKeyUse : EntityFieldOption = DEFAULT + "The tlsKeystoreId of the http configuration" + tlsKeystoreId : String = "00000000000000000000000000000000" + "The tlsKeyAlias of the http configuration" + tlsKeyAlias : String + "The tlsCipherSuites of the http configuration" + tlsCipherSuites : [String!] + "The connectTimeout of the http configuration" + connectTimeout : Int + "The readTimeout of the http configuration" + readTimeout : Int + "The followRedirects of the http configuration" + followRedirects : Boolean + "The proxyUse of the http configuration" + proxyUse : EntityFieldOption = DEFAULT + "The HttpProxyConfiguration of the http configuration" + proxyConfiguration : HttpProxyConfigurationInput + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +type HttpConfigurationsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + httpConfigurations: [HttpConfiguration]! +} + +input HttpProxyConfigurationInput { + "The proxyHost of the http proxy configuration" + host : String! + "The proxyPort of the http proxy configuration" + port : Int! + "The proxyUsername of the http proxy configuration" + username : String + "The securePasswordName of the http proxy configuration" + securePasswordName : String +} + + input HttpConfigurationPartialInput { + "The goid for the http configuration" + goid : ID + "The host of the http configuration" + host: String! + "The port of the http configuration" + port: Int = 0 + "The protocol of the http configuration" + protocol : HttpScheme = ANY + "The path of the http configuration" + path : String + } + + input HttpConfigurationMappingInstructionInput { + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a HttpConfiguration entity uniquely" + source: HttpConfigurationRefInput + } + + input HttpConfigurationRefInput { + "The host of the http configuration" + host: String! + "The port of the http configuration" + port: Int = 0 + "The protocol of the http configuration" + protocol: HttpScheme = ANY + "The path of the http configuration" + path: String + } +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all fips configurations" + fips : [Fip!]! @deprecated(reason: "Use 'federatedIdps' instead.") + "Get all fip users" + fipUsers : [FipUser!]! @deprecated(reason: "Use 'federatedUsers' instead.") + "Get all fip groups" + fipGroups : [FipGroup!]! @deprecated(reason: "Use 'federatedGroups' instead.") + "Get fip configuration by name" + fipByName(name: String!) : Fip @deprecated(reason: "Use 'federatedIdpByName' instead.") + "Get fip user by name" + fipUserByName(providerName: String!, name: String!) : FipUser @deprecated(reason: "Use 'federatedUserByName' instead.") + "Get fip group by name" + fipGroupByName(providerName: String!, name: String!) : FipGroup @deprecated(reason: "Use 'federatedGroupByName' instead.") + searchFip(filter: IdpFilter!) : FipSearchResult! @deprecated(reason: "Use 'searchFederatedIdp' instead.") + "Get internal users and groups" + searchInternal(filter: IdpFilter!) : InternalSearchResult! @deprecated(reason: "Use 'searchInternalIdp' instead.") + "Get all ldap configurations" + ldaps : [Ldap!]! @deprecated(reason: "Use 'ldapIdps' instead.") + "Get ldap configuration by name" + ldapByName(name: String!) : Ldap @deprecated(reason: "Use 'ldapIdpByName' instead.") +} + +extend type Mutation { + "Creates or updates one or more fips" + setFips(input: [FipInput!]!) : FipsPayload @deprecated(reason: "Use 'setFederatedIdps' instead.") + "Creates or updates one or more ldaps" + setLdaps(input: [LdapInput!]!) : LdapsPayload @deprecated(reason: "Use 'setLdapIdps' instead.") + "Deletes one or more existing fips" + deleteFips(names: [String!]!) : FipsPayload @deprecated(reason: "Use 'deleteFederatedIdps' instead.") + "Deletes one or more existing ldaps" + deleteLdaps(names: [String!]!) : LdapsPayload @deprecated(reason: "Use 'deleteLdapIdps' instead.") + + """ + Creates or updates one or more fip users. + NOTE: Existing user will be found by either login or subjectDn or name. + """ + setFipUsers(input: [FipUserInput!]!) : FipUsersPayload @deprecated(reason: "Use 'setFederatedUsers' instead.") + "Creates or updates one or more fip groups" + setFipGroups(input: [FipGroupInput!]!) : FipGroupsPayload @deprecated(reason: "Use 'setFederatedGroups' instead.") + """ + Deletes one or more existing fip users. + NOTE: Here, name can be either login or subjectDn or name. + """ + deleteFipUsers(providerName: String!, names: [String!]!) : FipUsersPayload @deprecated(reason: "Use 'deleteFederatedUsers' instead.") + "Deletes one or more existing fip groups" + deleteFipGroups(providerName: String!, names: [String!]!) : FipGroupsPayload @deprecated(reason: "Use 'deleteFederatedGroups' instead.") +} + +type FipSearchResult { + fipUsers : [FipUser!]! + fipGroups : [FipGroup!]! +} + +input FipUserInput { + name : String! + "If provided, will try to honour at creation time" + goid : ID + " The name of the FiP this user is defined as part of " + providerName : String! + "The list of fip group details (names) that this user is member of. If you pass empty array, will reset memberships. If absent, does not affect memberships for current user." + memberOf : [MembershipInput!] + login : String + subjectDn : String + "A client-side certificate associated with this user to use for pki type authentication" + certBase64 : String + firstName : String + lastName : String + email : String + checksum : String +} + +input FipGroupInput { + name : String! + "If provided, will try to honour at creation time" + goid : ID + " The name of the FiP this group is defined in " + providerName : String! + description : String + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +""" +A group defined in a federated identity provider. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,providerName,checksum +> @l7-excluded-fields members +> @l7-deprecated Use 'FederatedGroup' instead. +""" +type FipGroup { + "The goid of the group" + goid : ID! + "The name of the group" + name : String! + " The name of the FiP this group is defined in " + providerName : String! + "A checksum of the name, description and member names properties of the group" + checksum : String! + "The description of the group" + description : String + " Fip users that member of this group " + members : [FipUser!]! +} +# Note FIP also has concept of virtual group with name, description, subjectDnPattern, emailPattern, isRegex + +""" +A user defined in a federated identity provider.. +> @l7-entity +> @l7-identity-fields login,name,providerName +> @l7-summary-fields goid,name,login,providerName,checksum +> @l7-excluded-fields memberOf.* +> @l7-included-fields memberOf.providerName,memberOf.name +> @l7-deprecated Use 'FederatedUser' instead. +""" +type FipUser { + "The goid of the user" + goid : ID! + "The name of the user" + name : String! + "The login of the user" + login : String + " The name of the FiP this user is defined as part of " + providerName : String! + "A checksum of properties" + checksum : String! + "The subjectDn" + subjectDn : String + "A client-side certificate associated with this user to use for pki type authentication" + certBase64 : String + "The first name of the uer" + firstName : String + "The last name of the uer" + lastName : String + "The email of the uer" + email : String + " The list of Fip groups this user belongs to " + memberOf : [FipGroup!]! +} + +""" +A federated identity provider. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-excluded-fields certificateReferences.* +> @l7-included-fields certificateReferences.name,certificateReferences.subjectDn,certificateReferences.thumbprintSha1 +> @l7-deprecated Use 'FederatedIdp' instead. +""" +type Fip { + "The goid of the federated identity provider" + goid : ID! + "The name of the FIP" + name : String! + "A checksum of properties" + checksum : String! + "Enable SAML credential" + enableCredentialTypeSaml : Boolean! + "Enable X509 credential" + enableCredentialTypeX509 : Boolean! + "Certificate validation" + certificateValidation: CertificateValidationType + " The certificates in the trusted certificate table that establish the trust for this FIP " + certificateReferences : [Certificate!]! +} + +input FipInput { + name : String! + "Will try to match goid if provided" + goid : ID + enableCredentialTypeSaml : Boolean! + enableCredentialTypeX509 : Boolean! + certificateValidation: CertificateValidationType + " The certificates in the trusted certificate table that establish the trust for this FIP " + certificateReferences : [FipCertInput!]! + "The optional checksum is ignored during the mutation but can be used to compare bundle content" + checksum : String +} + +input LdapInput { + name : String! + "Will try to match goid if provided" + goid : ID + ldapUrls : [String!]! + "Whether or not the gateway presents a client cert when connecting at those ldap urls (only relevant when ldaps url)" + ldapsClientAuthEnabled : Boolean! + "The ID of the gateway keystore where the key is located" + ldapsClientKeystoreId: ID + "The alias of the key in the gateway keystore that is used when doing ldaps client cert authentication" + ldapsClientKeyAlias : String + searchBase : String! + writable : Boolean! + bindDn : String! + bindPassword : String! + userMappings : [UserMappingInput!]! + groupMappings : [GroupMappingInput!]! + "The optional checksum is ignored during the mutation but can be used to compare bundle content" + checksum : String +} + +input FipCertInput { + "The thumbprint of the cert to use as trust for a federated identity provider" + thumbprintSha1 : String! + + "The internal entity unique identifier. (Note that, this field has no effect on the mutation)" + goid: ID + "The name of the trusted certificate. (Note that, this field has no effect on the mutation)" + name: String + "The base 64 encoded string of the certificate. (Note that, this field has no effect on the mutation)" + certBase64: String + "Whether to perform hostname verification with this certificate. (Note that, this field has no effect on the mutation)" + verifyHostname: Boolean + "Whether this certificate is a trust anchor. (Note that, this field has no effect on the mutation)" + trustAnchor: Boolean + "What the certificate is trusted for. (Note that, this field has no effect on the mutation)" + trustedFor: [TrustedForType!] + "The revocation check policy type. (Note that, this field has no effect on the mutation)" + revocationCheckPolicyType : PolicyUsageType + "The name of revocation policy. (Note that, this field has no effect on the mutation)" + revocationCheckPolicyName : String + "The Subject DN of this certificate. (Note that, this field has no effect on the mutation)" + subjectDn : String + "The start date of the validity period. (Note that, this field has no effect on the mutation)" + notBefore : String + "the end date of the validity period. (Note that, this field has no effect on the mutation)" + notAfter : String + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +type FipsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + fips: [Fip]! +} + +type LdapsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + ldaps: [Ldap]! +} + +type FipUsersPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + fipUsers : [FipUser]! +} + +type FipGroupsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + fipGroups : [FipGroup]! +} + +""" +LdapIdp config itself is provided. Graphman wont get to +underlying users and groups in the ldap since they are not +part of the gateway configuration itself. When l7 policies +refer to these ldap users and groups, thee references are +interpreted by the ldap directory itself. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-excluded-fields +> @l7-deprecated Use 'LdapIdp' instead. +""" +type Ldap { + "The goid of the LDAP identity provider" + goid : ID! + "The name of the LDAP identity provider" + name : String! + "A checksum of properties" + checksum : String! + "LDAP URLs" + ldapUrls : [String!]! + "Whether or not the gateway presents a client cert when connecting at those ldap urls (only relevant when ldaps url)" + ldapsClientAuthEnabled : Boolean! + "The ID of the gateway keystore where the key is located" + ldapsClientKeystoreId: ID + "The alias of the key in the gateway keystore that is used when doing ldaps client cert authentication" + ldapsClientKeyAlias : String + "Search base" + searchBase : String! + "Writable" + writable : Boolean! + "Bind DN" + bindDn : String! + "Bind password" + bindPassword : String! + "User mappings" + userMappings : [UserMapping!]! + "Group mappings" + groupMappings : [GroupMapping!]! +# consider these advanced ldap configuration: +# userCertificateUseType : UserCertificateUseType! +# ntlm stuff, 8 settings and additional arbitrary props +# 6 additional user cert settings +} + +# enum UserCertificateUseType { +# NONE +# INDEX +# INDEX_CUSTOM +# SEARCH +# } + +type GroupMapping { + objClass : String! + nameAttrName : String! + memberAttrName : String! + memberStrategy : MemberStrategy! +} + +input GroupMappingInput { + objClass : String! + nameAttrName : String! + memberAttrName : String! + memberStrategy : MemberStrategyInput! +} + +type MemberStrategy { + "Possible values are 0 for MEMBERS_ARE_DN, 1 MEMBERS_ARE_LOGIN, 2 MEMBERS_ARE_NVPAIR, 3 MEMBERS_BY_OU" + val : Int! +} + +input MemberStrategyInput { + "Possible values are 0 for MEMBERS_ARE_DN, 1 MEMBERS_ARE_LOGIN, 2 MEMBERS_ARE_NVPAIR, 3 MEMBERS_BY_OU" + val : Int! +} + +type UserMapping { + objClass : String! + nameAttrName : String! + loginAttrName : String! + passwdAttrName : String + firstNameAttrName : String + lastNameAttrName : String + emailNameAttrName : String + kerberosAttrName : String + kerberosEnterpriseAttrName : String + userCertAttrName : String + passwdType : PasswdStrategy +} + +input UserMappingInput { + objClass : String! + nameAttrName : String! + loginAttrName : String! + passwdAttrName : String + firstNameAttrName : String + lastNameAttrName : String + emailNameAttrName : String + kerberosAttrName : String + kerberosEnterpriseAttrName : String + userCertAttrName : String + passwdType : PasswdStrategyInput +} + +type PasswdStrategy { + "Possible values are 0 for CLEAR, 1 for HASHED" + val : Int! +} + +input PasswdStrategyInput { + "Possible values are 0 for CLEAR, 1 for HASHED" + val : Int! +} + +input FipGroupMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a FipGroup entity uniquely" + source: FipGroupRefInput +} + +input FipGroupRefInput { + name: String! + " The name of the FiP this group is defined in " + providerName: String! +} + +input FipUserMappingInstructionInput { + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a FipUser entity uniquely" + source: FipUserRefInput +} + +input FipUserRefInput { + login: String + "The Subject DN of this certificate. (Note that, this field has no effect on the mutation)" + subjectDn: String + name: String! + " The name of the FiP this user is defined as part of " + providerName: String! +} +# +# Copyright (c) 2025 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get internal IDPs." + internalIdps: [InternalIdp!]! + "Get all internal users" + internalUsers : [InternalUser!]! + "Get all internal groups" + internalGroups : [InternalGroup!]! + "Get internal user by login" + internalUserByLogin(login: String!) : InternalUser + "Get internal group by name" + internalGroupByName(name: String!) : InternalGroup + "Get internal users and groups" + searchInternalIdp(filter: IdpFilter!) : InternalSearchResult! + "Get filtered internal IDPs." + internalIdpsByFilters(filters: [EntityFilterInput!]!): [InternalIdp!]! + "Get filtered internal users" + internalUsersByFilters(filters: [EntityFilterInput!]!) : [InternalUser!]! + "Get filtered internal groups" + internalGroupsByFilters(filters: [EntityFilterInput!]!) : [InternalGroup!]! + + "Get all federated IDP configurations" + federatedIdps : [FederatedIdp!]! + "Get all federated users" + federatedUsers : [FederatedUser!]! + "Get all federated groups" + federatedGroups : [FederatedGroup!]! + "Get federated IDP configuration by goid" + federatedIdpByGoid(goid: ID!) : FederatedIdp + "Get federated IDP configuration by name" + federatedIdpByName(name: String!) : FederatedIdp + "Get federated user by name" + federatedUserByName(providerName: String!, name: String!) : FederatedUser + "Get federated group by name" + federatedGroupByName(providerName: String!, name: String!) : FederatedGroup + "Get federated users and groups" + searchFederatedIdp(filter: IdpFilter!) : FederatedSearchResult! + "Get filtered federated IDP configurations" + federatedIdpsByFilters(filters: [EntityFilterInput!]!) : [FederatedIdp!]! + "Get filtered federated users" + federatedUsersByFilters(filters: [EntityFilterInput!]!) : [FederatedUser!]! + "Get filtered federated groups" + federatedGroupsByFilters(filters: [EntityFilterInput!]!) : [FederatedGroup!]! + + "Get all simple simple ldap configurations" + simpleLdapIdps : [SimpleLdapIdp!]! + "Get simple ldap configuration by goid" + simpleLdapIdpByGoid(goid: ID!) : SimpleLdapIdp + "Get simple ldap configuration by name" + simpleLdapIdpByName(name: String!) : SimpleLdapIdp + "Get filtered simple simple ldap configurations" + simpleLdapIdpsByFilters(filters: [EntityFilterInput!]!) : [SimpleLdapIdp!]! + "Get all policy backed ldap configurations" + policyBackedIdps : [PolicyBackedIdp!]! + "Get policy backed ldap configuration by goid" + policyBackedIdpByGoid(goid: ID!) : PolicyBackedIdp + "Get policy backed ldap configuration by name" + policyBackedIdpByName(name: String!) : PolicyBackedIdp + "Get filtered policy backed ldap configurations" + policyBackedIdpsByFilters(filters: [EntityFilterInput!]!) : [PolicyBackedIdp!]! + "Get all ldap configurations" + ldapIdps : [LdapIdp!]! + "Get ldap configuration by goid" + ldapIdpByGoid(goid: ID!) : LdapIdp + "Get ldap configuration by name" + ldapIdpByName(name: String!) : LdapIdp + "Get filtered ldap configurations" + ldapIdpsByFilters(filters: [EntityFilterInput!]!) : [LdapIdp!]! +} + +extend type Mutation { + "Creates or updates one ore more internal IDP configurations" + setInternalIdps(input: [InternalIdpInput!]!): InternalIdpsPayload + "Creates or updates one or more internal users" + setInternalUsers(input: [InternalUserInput!]!) : InternalUsersPayload + "Creates or updates one or more internal groups" + setInternalGroups(input: [InternalGroupInput!]!) : InternalGroupsPayload + "Deletes one or more existing internal users" + deleteInternalUsers(logins: [String!]!) : InternalUsersPayload + "Deletes one or more existing internal groups" + deleteInternalGroups(names: [String!]!) : InternalGroupsPayload + + "Creates or updates one or more fips" + setFederatedIdps(input: [FederatedIdpInput!]!) : FederatedIdpsPayload + "Deletes one or more existing fips" + deleteFederatedIdps(names: [String!]!) : FederatedIdpsPayload + """ + Creates or updates one or more fip users. + NOTE: Existing user will be found by either login or subjectDn or name. + """ + setFederatedUsers(input: [FederatedUserInput!]!) : FederatedUsersPayload + "Creates or updates one or more fip groups" + setFederatedGroups(input: [FederatedGroupInput!]!) : FederatedGroupsPayload + """ + Deletes one or more existing fip users. + NOTE: Here, name can be either login or subjectDn or name. + """ + deleteFederatedUsers(providerName: String!, names: [String!]!) : FederatedUsersPayload + "Deletes one or more existing fip groups" + deleteFederatedGroups(providerName: String!, names: [String!]!) : FederatedGroupsPayload + + "Creates or updates one or more simple ldaps" + setSimpleLdapIdps(input: [SimpleLdapIdpInput!]!) : SimpleLdapIdpsPayload + "Deletes one or more existing simple ldaps" + deleteSimpleLdapIdps(names: [String!]!) : SimpleLdapIdpsPayload + "Creates or updates one or more policy backed ldaps" + setPolicyBackedIdps(input: [PolicyBackedIdpInput!]!) : PolicyBackedIdpsPayload + "Deletes one or more existing policy backed ldaps" + deletePolicyBackedIdps(names: [String!]!) : PolicyBackedIdpsPayload + "Creates or updates one or more ldaps" + setLdapIdps(input: [LdapIdpInput!]!) : LdapIdpsPayload + "Deletes one or more existing ldaps" + deleteLdapIdps(names: [String!]!) : LdapIdpsPayload +} + +enum IdpType { + INTERNAL + FEDERATED + LDAP + SIMPLE_LDAP + POLICY_BACKED +} + +" Indicate how to search for group or user. Provide either a name pattern, a subject dn and or a goid. " +input IdpFilter { + " The name of the FiP provider, or 'Internal' " + providerName : String! + "Finds users and groups whose name matches the specified pattern. May include wildcard such as * character" + namePattern : String + " SubjectDN of a FIP user " + subjectDn : String + " Get entity by goid " + goid : ID +} + +type InternalSearchResult { + internalUsers : [InternalUser!]! + internalGroups : [InternalGroup!]! +} + +""" +An internal identity provider. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-display-summary-fields name +> @l7-name-fields name +""" +type InternalIdp { + "The goid of the Internal IDP" + goid: ID! + "The name of the Internal IDP" + name: String! + "A checksum of properties" + checksum: String! + "Certificate validation" + certValidation: CertValidationType! +} + +""" +A group of users defined in the internal identity provider. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-excluded-fields members +""" +type InternalGroup { + "The goid of the Internal Group" + goid : ID! + "The name of the Internal Group" + name : String! + "A checksum of the name, description and member names properties of the group" + checksum : String! + "The description of the Internal Group" + description : String + " The list of internal users that are part of this group " + members : [InternalUser!]! +} + +""" +A user in the internal identity provider. +> @l7-entity +> @l7-identity-fields login +> @l7-summary-fields goid,name,login,checksum +> @l7-excluded-fields memberOf.* +> @l7-included-fields memberOf.name +> @l7-encrypted-fields password +> @l7-foreign-fields groupNames|name|InternalGroup +> @l7-deprecated-fields memberOf +""" +type InternalUser { + "The goid of the Internal User" + goid : ID! + "The name of the Internal User" + name : String + "The login of the Internal User" + login : String! + "The description of the Internal User" + description : String + "A checksum of properties" + checksum : String! + "User is enabled" + enabled : Boolean! + "The hashed password of the user if defined" + password : String + "A client-side certificate associated with this user to use for pki type authentication" + certBase64 : String + "SSH public key" + sshPublicKey : String + "The first name of the Internal User" + firstName : String + "The last name of the Internal User" + lastName : String + "The email of the Internal User" + email : String + + "Whether to replace existing group memberships or not" + replaceGroupMemberships: Boolean + "The list of Internal group names this user belongs to " + groupNames: [String!] + "(Deprecated) List of groups this is member of " + memberOf : [InternalGroup!]! @deprecated(reason: "Use 'groupNames' instead.") + + # possible future expansion expiration, accountExpiration +} + +input InternalIdpInput { + goid: ID + name: String! + checksum: String + certValidation: CertValidationType = USE_DEFAULT +} + +input InternalGroupInput { + name : String! + "If provided, will try to honour at creation time" + goid : ID + description : String + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +input InternalUserInput { + name : String + "If provided, will try to honour at creation time" + goid : ID + "Whether to replace existing group memberships or not" + replaceGroupMemberships: Boolean = false + "The list of Internal group names this user belongs to " + groupNames: [String!] + "(Deprecated) The list of internal group details (names) that this user is member of. If you pass empty array, will reset memberships. If absent, does not affect memberships for current users." + memberOf : [MembershipInput!] + login : String! + "You can either pass in the hashed password which comes back in queries or the raw passwd directly" + password : String + "A client-side certificate associated with this user to use for pki type authentication" + certBase64 : String + "SSH public key" + sshPublicKey : String + firstName : String + lastName : String + email : String + "The description of the Internal User" + description : String + "Is user enabled or not!" + enabled : Boolean = true + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +input MembershipInput { + "The name of group to which the membership is defined" + name: String! + goid : ID + description : String + providerName : String + checksum : String +} + +type InternalIdpsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + internalIdps: [InternalIdp]! +} + +type InternalUsersPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + internalUsers: [InternalUser]! +} + +type InternalGroupsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + internalGroups: [InternalGroup]! +} + +""" +A federated identity provider. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,supportsSAML,supportsX509 +> @l7-foreign-fields trustedCertNames|name|TrustedCert,trustedCerts.thumbprintSha1|thumbprintSha1|TrustedCert +> @l7-deprecated-fields trustedCerts +""" +type FederatedIdp { + "The goid of the federated identity provider" + goid : ID! + "The name of the FIP" + name : String! + "A checksum of properties" + checksum : String! + "Supports SAML credential" + supportsSAML : Boolean! + "Supports X509 credential" + supportsX509 : Boolean! + "Certificate validation" + certValidation: CertValidationType! + "The certificates in the trusted certificate table that establish the trust for this identity provider" + trustedCertNames : [String!] + "(Deprecated) The certificates in the trusted certificate table that establish the trust for this identity provider" + trustedCerts : [TrustedCertRef!] @deprecated(reason: "Use 'trustedCertNames' instead.") +} + +""" +A group defined in a federated identity provider. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,providerName,checksum +> @l7-excluded-fields members +""" +type FederatedGroup { + "The goid of the federated group" + goid : ID! + "The name of the federated group" + name : String! + " The name of the FiP this group is defined in " + providerName : String! + "A checksum of the name, description and member names properties of the group" + checksum : String! + "The description of the federated group" + description : String + " Federated users that member of this group " + members : [FederatedUser!]! +} + +# Note FIP also has concept of virtual group with name, description, subjectDnPattern, emailPattern, isRegex + +""" +A user defined in a federated identity provider.. +> @l7-entity +> @l7-identity-fields login,name,providerName +> @l7-summary-fields goid,name,login,providerName,checksum +> @l7-excluded-fields memberOf.* +> @l7-included-fields memberOf.providerName,memberOf.name +> @l7-foreign-fields groupNames|name|FederatedGroup +> @l7-deprecated-fields memberOf +""" +type FederatedUser { + "The goid of the federated user" + goid : ID! + "The name of the federated user" + name : String! + "The login of the federated user" + login : String + " The name of the FiP this user is defined as part of " + providerName : String! + "A checksum of properties" + checksum : String! + "The subjectDn" + subjectDn : String + "A client-side certificate associated with this user to use for pki type authentication" + certBase64 : String + "The first name of the federated user" + firstName : String + "The last name of the federated user" + lastName : String + "The email of the federated user" + email : String + "The description of the federated user" + description : String + "Whether to replace existing group memberships or not" + replaceGroupMemberships: Boolean + "The list of Federated group names this user belongs to " + groupNames: [String!] + "(Deprecated) The list of Federated groups this user belongs to " + memberOf : [FederatedGroup!] @deprecated(reason: "Use 'groupNames' instead.") +} + +type FederatedSearchResult { + federatedUsers : [FederatedUser!]! + federatedGroups : [FederatedGroup!]! +} + +type FederatedIdpsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + federatedIdps: [FederatedIdp]! +} + +type FederatedUsersPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + federatedUsers : [FederatedUser]! +} + +type FederatedGroupsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + federatedGroups : [FederatedGroup]! +} + +input FederatedIdpInput { + name : String! + "Will try to match goid if provided" + goid : ID + supportsSAML : Boolean! + supportsX509 : Boolean! + certValidation: CertValidationType = USE_DEFAULT + "The certificates in the trusted certificate table that establish the trust for this identity provider" + trustedCertNames : [String!] + "(Deprecated) The certificates in the trusted certificate table that establish the trust for this identity provider" + trustedCerts : [TrustedCertPartialInput!] + "The optional checksum is ignored during the mutation but can be used to compare bundle content" + checksum : String +} + +input FederatedUserInput { + name : String! + "If provided, will try to honour at creation time" + goid : ID + " The name of the FiP this user is defined as part of " + providerName : String! + "Whether to replace existing group memberships or not" + replaceGroupMemberships: Boolean = false + "The list of Federated group names this user belongs to " + groupNames: [String!] + "(Deprecated) The list of fip group details (names) that this user is member of. If you pass empty array, will reset memberships. If absent, does not affect memberships for current user." + memberOf : [MembershipInput!] + login : String + subjectDn : String + "A client-side certificate associated with this user to use for pki type authentication" + certBase64 : String + firstName : String + lastName : String + email : String + "The description of the federated user" + description : String + checksum : String +} + +input FederatedGroupInput { + name : String! + "If provided, will try to honour at creation time" + goid : ID + " The name of the FiP this group is defined in " + providerName : String! + description : String + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +""" +A simple LDAP based identity provider. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name +> @l7-foreign-fields sslClientKeyAlias|alias|Key +""" +type SimpleLdapIdp { + "The internal entity unique identifier" + goid : ID! + "Name of the simple ldap identity provider" + name : String! + "A checksum of the properties" + checksum : String! + "simple ldap server urls" + serverUrls : [String!]! + "Whether to use client certificate authentication" + useSslClientAuth : Boolean + "Client key Alias" + sslClientKeyAlias : String + "Bind DN prefix" + bindDnPatternPrefix : String + "Bind DN suffix" + bindDnPatternSuffix : String + "Simple Ldap properties" + properties : [EntityProperty!] +} + +input SimpleLdapIdpInput { + "The internal entity unique identifier" + goid : ID + "Name of the simple ldap identity provider" + name : String! + "A checksum of the properties" + checksum : String + "simple ldap server urls" + serverUrls : [String!]! + "Whether to use client certificate authentication" + useSslClientAuth : Boolean + "Client key Alias" + sslClientKeyAlias : String + "Bind DN prefix" + bindDnPatternPrefix : String + "Bind DN suffix" + bindDnPatternSuffix : String + "Simple Ldap properties" + properties : [EntityPropertyInput!] +} + +type SimpleLdapIdpsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + simpleLdapIdps: [SimpleLdapIdp]! +} + +""" +A policy backed identity provider. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,properties[name=adminEnabled].value +> @l7-foreign-fields authPolicyName|name|L7Policy +""" +type PolicyBackedIdp { + "The internal entity unique identifier" + goid : ID! + "Name of the simple ldap identity provider" + name : String! + "A checksum of the properties" + checksum : String! + "Authentication Policy Name" + authPolicyName : String + "Default Role" + defaultRoleName : String + "Additional properties" + properties : [EntityProperty!] +} + +input PolicyBackedIdpInput { + "The internal entity unique identifier" + goid : ID + "Name of the simple ldap identity provider" + name : String! + "A checksum of the properties" + checksum : String + "Authentication Policy Name" + authPolicyName : String! + "Default Role" + defaultRoleName : String + "Additional properties" + properties : [EntityPropertyInput!] +} + +type PolicyBackedIdpsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + policyBackedIdps: [PolicyBackedIdp]! +} + +""" +An LDAP based identity provider. Graphman wont get to +underlying users and groups in the ldap since they are not +part of the gateway configuration itself. When l7 policies +refer to these ldap users and groups, thee references are +interpreted by the ldap directory itself. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,ldapType,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,ldapType,properties[name=adminEnabled].value +> @l7-encrypted-fields bindPassword +> @l7-foreign-fields sslClientKeyAlias|alias|Key +""" +type LdapIdp { + "The goid of the LDAP IDP" + goid : ID! + "The name of the LDAP IDP" + name : String! + "Ldap type" + ldapType : String! + "A checksum of properties" + checksum : String! + "Ldap server urls" + serverUrls : [String!]! + "Whether or not the gateway presents a client cert when connecting at those ldap urls (only relevant when ldaps url)" + useSslClientAuth : Boolean! + "The alias of the key in the gateway keystore that is used when doing ldaps client cert authentication" + sslClientKeyAlias : String + "Search base" + searchBase : String! + "Bind DN" + bindDn : String + "Bind password" + bindPassword : String + "Is writable" + writable : Boolean! + "Write base" + writeBase : String + "Specified attributes" + specifiedAttributes: [String!] + "User mappings" + userMappings : [UserMapping!]! + "Group mappings" + groupMappings : [GroupMapping!]! + "NTLM properties" + ntlmProperties: [EntityProperty!] + "Additional properties" + properties : [EntityProperty!] +} + +input LdapIdpInput { + goid : ID + name : String! + checksum : String + "Ldap type" + ldapType : String! + "Ldap server urls" + serverUrls : [String!]! + "Whether or not the gateway presents a client cert when connecting at those ldap urls (only relevant when ldaps url)" + useSslClientAuth : Boolean! + "The alias of the key in the gateway keystore that is used when doing ldaps client cert authentication" + sslClientKeyAlias : String + searchBase : String! + bindDn : String + bindPassword : String + writable : Boolean! + writeBase : String + specifiedAttributes: [String!] + userMappings : [UserMappingInput!]! + groupMappings : [GroupMappingInput!]! + ntlmProperties: [EntityPropertyInput!] + "Additional properties" + properties : [EntityPropertyInput!] +} + +type LdapIdpsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + ldapIdps: [LdapIdp]! +} + +input FederatedGroupMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + source: FederatedGroupRefInput +} + +input FederatedGroupRefInput { + name: String! + " The name of the FiP this group is defined in " + providerName: String! +} + +input FederatedUserMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + source: FederatedUserRefInput +} + +input FederatedUserRefInput { + login: String + subjectDn: String + name: String! + " The name of the FiP this user is defined as part of " + providerName: String! +} + +input InternalUserMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a InternalUser entity uniquely" + source: InternalUserRefInput +} + +input InternalUserRefInput { + login: String! +} +# +# Copyright (c) 2026 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all interface tags" + interfaceTags : [InterfaceTag!]! + "Get the interface tag by name" + interfaceTagByName(name : String!) : InterfaceTag + "Get filtered interface tags" + interfaceTagsByFilters(filters: [EntityFilterInput!]!) : [InterfaceTag!]! +} + +extend type Mutation { + """ + Create or update existing interface tags. If an interface tag with the given name does not + exist, one will be created, otherwise the existing one will be updated. This returns the list of + entities created and/or updated + """ + setInterfaceTags(input: [InterfaceTagInput!]!): InterfaceTagsPayload! + + """ + Update an existing interface tag. Match is carried by refInput + """ + updateInterfaceTag(refInput: InterfaceTagRefInput!, input: InterfaceTagPartialInput!): InterfaceTagPayload! + + "Delete existing interface tags" + deleteInterfaceTags(refInputs: [InterfaceTagRefInput!]!): InterfaceTagsPayload! +} + +""" +Interface tags are named sets of IP address patterns used for network interface configuration. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields name,checksum +> @l7-excluded-fields +> @l7-name-fields name +> @l7-display-summary-fields name,ipPatterns +""" +type InterfaceTag { + "The goid for the Interface tag" + goid : ID! + "The interface tag name" + name : String! + "The configuration checksum of this interface tag" + checksum: String! + "The set of IP address patterns" + ipPatterns : [String!]! +} + +"The inputs sent with the setInterfaceTag Mutation" +input InterfaceTagInput { + "The goid for the interface tag" + goid : ID + "The name of the interface tag" + name: String! + "The set of IP address patterns" + ipPatterns: [String!]! + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +"Reference input to identify the entity" +input InterfaceTagRefInput { + "The name of the interface tag" + name: String! +} + +"The inputs for partial update of interface tag" +input InterfaceTagPartialInput { + "The name of the interface tag" + name: String + "The set of IP address patterns" + ipPatterns: [String!] +} + +type InterfaceTagPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + "The updated interface tag." + interfaceTag: InterfaceTag +} + +type InterfaceTagsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + interfaceTags: [InterfaceTag]! +} +# AI assistance has been used to generate some or all contents of this file. That includes, but is not limited to, new code, modifying existing code, stylistic edits. +# +# Copyright (c) 2025. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all JDBC Connections" + jdbcConnections : [JdbcConnection!]! + "Get JDBC Connection by name" + jdbcConnectionByName(name: String!) : JdbcConnection + "Get JDBC Connection by goid" + jdbcConnectionByGoid(goid: ID!) : JdbcConnection + "Get filtered JDBC Connections" + jdbcConnectionsByFilters(filters: [EntityFilterInput!]!) : [JdbcConnection!]! +} + +extend type Mutation { + """ + Create a JDBC connection. + If a JDBC connection with the same name already exists, the creation will fail. + NOTE: This is experimental method, likely to be removed or revised in future. + """ + createJdbcConnection(input : JdbcConnectionInput!): JdbcConnectionPayload! + + """ + Update an existing JDBC connection. Match is carried by refInput + """ + updateJdbcConnection(refInput: JdbcConnectionRefInput!, input: JdbcConnectionPartialInput!): JdbcConnectionPayload! + + """ + Update an existing JDBC connection with new properties. Match is carried by refInput. + If a property is new, it will be added; if the value is new, it will be updated. + If only the property name is specified without a value, the property will be deleted. + Providing empty input properties will preserve the current properties and will not delete any existing ones. + """ + updateJdbcConnectionProperties(refInput: JdbcConnectionRefInput!, properties: [EntityPropertyPartialInput!]!): JdbcConnectionPayload! + """ + Create or update JDBC connections. + If JDBC connection with the same name exist, the JDBC connection will be updated. + If no JDBC connection with the name exist, a new JDBC connection will be created. + """ + setJdbcConnections(input: [JdbcConnectionInput!]!): JdbcConnectionsPayload! + + """ + Delete one or more existing JDBC connections. + + Matching can be done using either: + - refInputs: Array of JdbcConnectionRefInput objects (name) - recommended + - names: Array of JDBC connection names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteJdbcConnections(refInputs: [JdbcConnectionRefInput!], names: [String!]): JdbcConnectionsPayload +} + +""" +A JDBC connection. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,driverClass,jdbcUrl,username,enabled +> @l7-encrypted-fields password +> @l7-foreign-fields password|name|Secret +> @l7-alternative-fields +""" +type JdbcConnection { + "The goid for the JDBC Connection" + goid : ID! + "The JDBC Connection name" + name : String! + "The configuration checksum of this JDBC connection" + checksum: String! + + "Whether this JDBC connection is enabled" + enabled: Boolean! + "The JDBC driver class name" + driverClass: String! + "The JDBC url" + jdbcUrl : String! + "The username" + username: String! + "The password or the secure password reference." + password: String! + "The minimum connection pool size" + minPoolSize: NonNegativeInt! + "The maximum connection pool size" + maxPoolSize: PositiveInt! + "The JDBC connection properties excluding 'user' and 'password'" + properties: [EntityProperty!] +} + +input JdbcConnectionInput { + "The internal entity unique identifier" + goid: ID + "The JDBC Connection name" + name : String! + "The JDBC driver class name" + driverClass: String! + "The JDBC url" + jdbcUrl : String! + "Whether this JDBC connection is enabled" + enabled: Boolean! = true + "The username" + username: String! + "The password or the secured password reference" + password: String! + "The minimum connection pool size" + minPoolSize: NonNegativeInt! = 3 + "The maximum connection pool size" + maxPoolSize: PositiveInt! = 15 + "The JDBC connection properties excluding 'user' and 'password'" + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +input JdbcConnectionPartialInput { + "The internal entity unique identifier" + goid: ID + "The JDBC Connection name" + name : String + "The JDBC driver class name" + driverClass: String + "The JDBC url" + jdbcUrl : String + "Whether this JDBC connection is enabled" + enabled: Boolean + "The username" + username: String + "The password or the secured password reference" + password: String + "The minimum connection pool size" + minPoolSize: NonNegativeInt + "The maximum connection pool size" + maxPoolSize: PositiveInt + "The JDBC connection properties excluding 'user' and 'password'. When specified, will replace all existing properties" + properties: [EntityPropertyInput!] +} + +"Reference input to identify the entity" +input JdbcConnectionRefInput { + "The JDBC Connection name" + name: String! +} + +type JdbcConnectionPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + "The created JDBC connection." + jdbcConnection: JdbcConnection +} + +type JdbcConnectionsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + "The created/updated JDBC connections." + jdbcConnections: [JdbcConnection]! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all JMS Destinations" + jmsDestinations : [JmsDestination!]! + "Get JMS Destination by goid" + jmsDestinationByGoid(goid: ID!) : JmsDestination + """ + Get JMS Destination by name. + Here, name can be fully qualified to select JMS destination uniquely. + Fully qualified name can be composed as: .. + """ + jmsDestinationByName(name: String!) : JmsDestination @deprecated(reason: "Use 'jmsDestinationsByName' instead.") + """ + Get JMS Destinations by name. + Here, name can be fully qualified to select JMS destinations accurately. + Fully qualified name can be composed as: .. + """ + jmsDestinationsByName(name: String!) : [JmsDestination!]! + "Get filtered JMS Destinations" + jmsDestinationsByFilters(filters: [EntityFilterInput!]!) : [JmsDestination!]! +} + +extend type Mutation { + """ + Create or update JMS destinations. + If JMS destination exists, the JMS destination will be updated. + If no JMS destination with given name, direction, providerType exist, a new JMS destination will be created. + """ + setJmsDestinations(input: [JmsDestinationInput!]!): JmsDestinationsPayload! + + """ + Deletes JMS destinations. Use simple name or fully qualified name of JMS destinations to delete. + """ + deleteJmsDestinations( + names: [String!]!): JmsDestinationsPayload +} + +""" +A JMS destination (queue or topic). +> @l7-entity +> @l7-identity-fields name,direction,providerType +> @l7-summary-fields goid,name,direction,providerType,checksum +> @l7-name-fields name,direction,providerType +> @l7-display-summary-fields name,direction,providerType,destinationName,jndiUrl,enabled +> @l7-encrypted-fields jndiPassword,destinationPassword +> @l7-foreign-fields jndiPassword|name|Secret,destinationPassword|name|Secret +""" +type JmsDestination { + "The goid for the JMS Destination" + goid : ID! + "The goid for the JMS Connection" + connectionGoid : ID! + "The JMS Destination name" + name : String! + "The JMS Destination direction (INBOUND or OUTBOUND)" + direction: String! + "The JMS provider type (GENERIC JMS or TIBCO EMS or WEBSPHERE MQ OVER LDAP or WEBLOGIC JMS" + providerType : String! + "The configuration checksum of this JMS destination" + checksum: String! + + "Whether this JMS destination is enabled" + enabled: Boolean! + "Whether this JMS destination is template" + template: Boolean! + "The initial context factory class name" + initialContextFactoryClassname: String + "The connection factory name" + connectionFactoryName: String + "The JNDI URL" + jndiUrl: String + "The JNDI username" + jndiUsername: String + "The JNDI password" + jndiPassword: String + "The JNDI SSL details" + jndiSslDetails: JmsSslDetails! + + "The destination type" + destinationType: String! + "The destination name" + destinationName: String + "The username for destination connection" + destinationUsername: String + "The password for destination connection" + destinationPassword: String + "The destination SSL details" + destinationSslDetails: JmsSslDetails! + + "The remaining JMS Destination properties that include inbound options or outbound options or additional properties" + properties: [EntityProperty!] +} + +"A JMS SSL Details" +type JmsSslDetails { + "Whether SSL is enabled" + sslEnabled: Boolean! + "Whether SSL is used for Authentication only" + sslForAuthenticationOnly: Boolean! + "Whether SSL Server Certificate is to be verified" + sslVerifyServerCertificate: Boolean! + "Whether SSL Server Hostname is to be verified" + sslVerifyServerHostname: Boolean! + "Private Key Alias for SSL Client Authentication" + sslClientKeyAlias: String +} + +input JmsDestinationInput { + "The internal entity unique identifier" + goid: ID + connectionGoid: ID + "The JMS Destination name" + name : String! + "The JMS Destination direction (inbound or outbound)" + direction: String! + "The JMS provider type" + providerType : String! + "The initial context factory class name" + initialContextFactoryClassname: String + "The connection factory name" + connectionFactoryName: String + "The JNDI URL" + jndiUrl: String + "The JNDI username" + jndiUsername: String + "The JNDI password" + jndiPassword: String + "The JNDI SSL details" + jndiSslDetails: JmsSslDetailsInput + "The destination type" + destinationType: String! + "The destination name" + destinationName: String + "The username for destination connection" + destinationUsername: String + "The password for destination connection" + destinationPassword: String + "The destination SSL details" + destinationSslDetails: JmsSslDetailsInput + "Whether this JMS destination is template" + template: Boolean! + "Whether this JMS destination is enabled" + enabled: Boolean! + "The remaining JMS Destination properties that include inbound options or outbound options or additional properties" + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +input JmsSslDetailsInput { + "Whether SSL is enabled" + sslEnabled: Boolean! + "Whether SSL is used for Authentication only" + sslForAuthenticationOnly: Boolean! + "Whether SSL Server Certificate is to be verified" + sslVerifyServerCertificate: Boolean! + "Whether SSL Server Hostname is to be verified" + sslVerifyServerHostname: Boolean! + "Private Key Alias for SSL Client Authentication" + sslClientKeyAlias: String +} + +type JmsDestinationsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + "The created/updated JMS destinations." + jmsDestinations: [JmsDestination]! +} + +input JmsDestinationMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a JmsDestination entity uniquely" + source: JmsDestinationRefInput +} + +input JmsDestinationRefInput { + "The JMS Destination name" + name: String! + "The JMS Destination direction (inbound or outbound)" + direction: String! + "The JMS provider type" + providerType: String! +} +extend type Query { + """ + (Experimental) + Get the Kerberos configurations. + """ + kerberosConfigs: [KerberosConfig!]! + """ + (Experimental) + Get filtered Kerberos configurations. + """ + kerberosConfigsByFilters(filters: [EntityFilterInput!]!): [KerberosConfig!]! +} + +extend type Mutation { + """ + (Experimental) + Create/update the Kerberos configurations. + Automatically generates the Kerberos login config file, "login.config", and Kerberos config file, "krb5.conf" (unless either or both the cluster-wide property kerberos.krb5Config.overwrite=false/kerberos.loginConfig.overwrite=false and it is set in the mutation). + """ + setKerberosConfigs(input: [KerberosConfigInput!]!): KerberosConfigPayload + + """ + (Experimental) + Delete the Kerberos keytab. The config files "krb5.conf" and "login.config" are not deleted. + """ + deleteKerberosConfigs(refInputs: [KerberosConfigRefInput!], names: [String]): KerberosConfigPayload +} + +""" +A trusted certificate in the gateway truststore. +> @l7-entity kerberosConfig|kerberosConfigs +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name +> @l7-encrypted-fields keytab +> @l7-deprecated-fields conf +""" +type KerberosConfig { + "The goid for this keytab" + goid : ID! + + """ + The name of the keytab. It will always be set to "krb5.keytab". + """ + name: String! + + "The configuration checksum of this keytab" + checksum: String! + + """ + The encrypted Kerberos keytab. + """ + keytab: String + + """ + (Deprecated) The Kerberos configuration, "krb5.conf". + """ + conf: String @deprecated(reason: "Use 'krb5Conf' instead.") + + """ + The Kerberos configuration, "krb5.conf". + """ + krb5Conf: String + + """ + The Kerberos login configuration, "login.config". + """ + loginConf: String +} + +type KerberosConfigPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + kerberosConfigs: [KerberosConfig]! +} + +input KerberosConfigRefInput { + "The name of keytab" + name: String +} + +input KerberosConfigInput { + "The goid for this keytab" + goid : ID + + "The name of keytab" + name: String + + "The configuration checksum of this keytab" + checksum: String + + """ + The encrypted Kerberos keytab. + """ + keytab: String + + """ + (Deprecated) The Kerberos configuration, "krb5.conf" in its INI format. + NOTE: krb5Conf takes the precedence ove this input. + """ + conf: String + + """ + The Kerberos configuration, "krb5.conf" in its INI format. + """ + krb5Conf: String + + """ + The Kerberos login configuration, "login.config" in its INI format. + """ + loginConf: String +}# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Mutation { + "Generate Certificate Signing Request" + generateCSR(alias: String!, params: CSRGenerateParamsInput!) : KeyCSRPayload + "Sign CSR" + signCSR(alias: String!, params: CSRSignParamsInput!) : KeyCertChainPayload + "Replace Certificate Chain" + replaceCertChain(alias: String!, params: KeyCertChainParamsInput!) : ReplaceCertChainPayload +} + +""" +The certificate signing request parameters +""" +input CSRGenerateParamsInput { + "The CSR subject dn to use. It defaults to the key's subject dn if none is specified." + subjectDn : String + "The subject alternative names" + subjectAlternativeNames : [EntityPropertyInput!] + "The signature hash to use" + hashAlgorithm : HashAlgorithm + "The signing algorithm to use" + signatureAlgorithm: SignatureAlgorithm + "Expiry age in days" + expiryAge: PositiveInt + "Not before" + notBefore: Date +} + +enum HashAlgorithm { + "SHA1 hash algorithm" + SHA1, + "SHA256 hash algorithm" + SHA256, + "SHA384 hash algorithm" + SHA384, + "SHA512 hash algorithm" + SHA512 +} +enum SignatureAlgorithm { + "RSASSA-PSS signing Algorithm" + RSASSA_PSS +} + +type KeyCSRPayload { + "Key CSR" + csr: KeyCSR + +} + +type KeyCSR { + "Key for which csr is generated" + issuedTo : String + "CSR data in pem format." + pem : String +} + +type KeyCertChainPayload { + "Key Certificate chain" + chain : KeyCertChain +} + +type KeyCertChain { + "Key for which cert chain is created" + issuedTo : String + "Signer Key" + issuedBy : String + "Signed Cert chain in pem format." + certChain : [String!] +} + +input KeyCSRInput { + "CSR data in pem format." + pem : String! + "Key for which csr is generated" + issuedTo : String +} + +input CSRSignParamsInput { + "The CSR subject dn to use. It defaults to the key's subject dn if none is specified." + subjectDn : String + "The signature hash to use" + hashAlgorithm : HashAlgorithm + "The signing algorithm to use" + signatureAlgorithm: SignatureAlgorithm + "Expiry age in days" + expiryAge: PositiveInt + "Not before" + notBefore: Date + "Key CSR" + csr: KeyCSRInput! +} + +input KeyCertChainParamsInput { + "Certificate chain to be replaced" + certChain: [String!]! + "Replace All matching certificates flag" + replaceAllMatchingCerts: Boolean +} + +type ReplaceCertChainPayload { + "List of updated key aliases" + affectedKeyAliases : [String!] +} +# AI assistance has been used to generate some or all contents of this file. That includes, but is not limited to, new code, modifying existing code, stylistic edits. +# +# Copyright (c) 2025. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all listen ports" + listenPorts : [ListenPort!]! + "Get the listen port by goid" + listenPortByGoid(goid : ID!) : ListenPort + "Get the listen port by name" + listenPortByName(name : String!) : ListenPort + "Get the listen ports by protocol" + listenPortsByProtocol(protocol: String!) : [ListenPort!]! + "Get filtered listen ports" + listenPortsByFilters(filters: [EntityFilterInput!]!) : [ListenPort!]! +} + +extend type Mutation { + #Create or update existing listen ports. + #Match is carried by name. If match is found, it will be updated. Otherwise, it will be created. + """ + Create or update Listen Ports. + If Listen Port with the same name exist, the Listen Port will be updated. + If no Listen Port with the name exist, a new Listen Port will be created. + """ + setListenPorts(input: [ListenPortInput!]!): ListenPortsPayload! + + """ + Delete one or more existing listen ports. + + Matching can be done using either: + - refInputs: Array of ListenPortRefInput objects (name) - recommended + - names: Array of listen port names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteListenPorts(refInputs: [ListenPortRefInput!], names: [String!]): ListenPortsPayload! + + """ + Update an existing ListenPort. Match is carried by refInput. + """ + updateListenPort(refInput: ListenPortRefInput!, input: ListenPortPartialInput!): ListenPortPayload! + + """ + Update an existing ListenPort with new properties. Match is carried by refInput. + If a property is new, it will be added; if the value is new, it will be updated. + If only the property name is specified without a value, the property will be deleted. + Providing empty input properties will preserve the current properties and will not delete any existing ones. + """ + updateListenPortProperties(refInput: ListenPortRefInput!, properties: [EntityPropertyPartialInput!]!): ListenPortPayload! +} + +enum ListenPortFeature { + PUBLISHED_SERVICE_MESSAGE_INPUT + POLICY_MANAGER_ACCESS + ENTERPRISE_MANAGER_ACCESS + ADMINISTRATIVE_ACCESS + BROWSER_BASED_ADMINISTRATION + POLICY_DOWNLOAD_SERVICE + PING_SERVICE + WS_TRUST_SECURITY_TOKEN_SERVICE + CERTIFICATE_SIGNING_SERVICE + PASSWORD_CHANGING_SERVICE + WSDL_DOWNLOAD_SERVICE + SNMP_QUERY_SERVICE + BUILT_IN_SERVICES + NODE_CONTROL + INTER_NODE_COMMUNICATION +} + +enum ListenPortClientAuth { + NONE + OPTIONAL + REQUIRED +} + +""" +Listen Port TLS Settings +> @l7-foreign-fields keystoreId|keystoreId|Key,keyAlias|alias|Key +""" +type ListenPortTlsSettings { + "Specify whether the client must present a certificate to authenticate: NONE/OPTIONAL/REQUIRED" + clientAuthentication: ListenPortClientAuth! + "Keystore ID" + keystoreId: ID + "Key alias configured for listen port" + keyAlias: String + "TLS versions to be enabled for the listen port" + tlsVersions: [String!]! + "Cipher suites that will be enabled on the SSL listen port" + cipherSuites: [String!] + "Enforces cipher suites usage in the order of preference" + useCipherSuitesOrder: Boolean! +} + +""" +A listen port (Layer7 Gateway connector). +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,protocol,port,checksum +> @l7-excluded-fields hardwiredService +> @l7-name-fields name +> @l7-display-summary-fields name,protocol,port,properties[name=bindAddress].value +> @l7-foreign-fields hardwiredServiceName|name|L7Service,tlsSettings.keystoreId|keystoreId|Key,tlsSettings.keyAlias|alias|Key +""" +type ListenPort { + "The internal entity unique identifier" + goid : ID! + "The listen port configuration name" + name : String! + """ + Protocol (scheme). Possible values are: + HTTP + HTTPS + HTTP2 + HTTP2 (Secure) + FTP + FTPS + l7.raw.tcp + SSH2 + """ + protocol: String! + """ + The ListenPort's port number + Note: If the listen port is using the SSH2 protocol, avoid using port 22, as it may conflict with the default SSH port 22 on Linux or Unix systems. + """ + port : PositiveInt! + "The configuration checksum" + checksum: String! + + "Whether this listen port configuration is enabled" + enabled : Boolean! + "The name of the published service hardwired to the listen port" + hardwiredServiceName: String + "Which Gateway services can be accessed through this listen port" + enabledFeatures: [ListenPortFeature!]! + "The listen port tls settings" + tlsSettings: ListenPortTlsSettings + "The listen port properties" + properties: [EntityProperty!] + + "The published service hardwired to the listen port" + hardwiredService: HardwiredService +} + +input ListenPortInput { + "The internal entity unique identifier" + goid: ID + "The listen port configuration name" + name: String! + "Whether this listen port configuration is enabled to listen for traffic on the specified port" + enabled: Boolean! + """ + Protocol (scheme). Possible values are: + HTTP + HTTPS + HTTP2 + HTTP2 (Secure) + FTP + FTPS + l7.raw.tcp + SSH2 + """ + protocol: String! + """ + The ListenPort's port number + Note: If the listen port is using the SSH2 protocol, avoid using port 22, as it may conflict with the default SSH port 22 on Linux or Unix systems. + """ + port : PositiveInt! + "The name of the published service hardwired to the listen port" + hardwiredServiceName: String + "Which Gateway services can be accessed through this listen port" + enabledFeatures: [ListenPortFeature!]! + "The listen port tls settings" + tlsSettings: ListenPortTlsSettingsInput + "The listen port properties" + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +"Reference input to identify the entity" +input ListenPortRefInput { + "The listen port configuration name" + name: String! +} + +input ListenPortPartialInput { + "The internal entity unique identifier" + goid: ID + "The listen port configuration name" + name: String + "Whether this listen port configuration is enabled to listen for traffic on the specified port" + enabled: Boolean + """ + Protocol (scheme). Possible values are: + HTTP + HTTPS + HTTP2 + HTTP2 (Secure) + FTP + FTPS + l7.raw.tcp + SSH2 + """ + protocol: String + """ + The ListenPort's port number + Note: If the listen port is using the SSH2 protocol, avoid using port 22, as it may conflict with the default SSH port 22 on Linux or Unix systems. + """ + port : PositiveInt + "The name of the published service hardwired to the listen port" + hardwiredServiceName: String + "Which Gateway services can be accessed through this listen port" + enabledFeatures: [ListenPortFeature!] + "The listen port tls settings" + tlsSettings: ListenPortTlsSettingsInput + "The listen port properties" + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +input ListenPortTlsSettingsInput { + "Specify whether the client must present a certificate to authenticate: NONE/OPTIONAL/REQUIRED" + clientAuthentication: ListenPortClientAuth! + "Keystore ID" + keystoreId: ID + "Key alias configured for listen port" + keyAlias: String + "TLS versions to be enabled for the listen port" + tlsVersions: [String!]! + "Cipher suites that will be enabled on the SSL listen port" + cipherSuites: [String!] + "Enforces cipher suites usage in the order of preference" + useCipherSuitesOrder: Boolean! +} + +type ListenPortPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + listenPort: ListenPort +} + +type ListenPortsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + listenPorts: [ListenPort]! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get All LogSinks" + logSinks: [LogSink!]! + "Get the LogSink by goid" + logSinkByGoid(goid : ID!): LogSink + "Get the LogSink with the given name" + logSinkByName(name : String!): LogSink + "Get filtered LogSinks" + logSinksByFilters(filters: [EntityFilterInput!]!): [LogSink!]! +} + +extend type Mutation { + """ + Create or update Log Sinks. + If Log Sink with the same name exist, the Log Sink will be updated. + If no Log Sink with the name exist, a new Log Sink will be created. + """ + setLogSinks(input: [LogSinkInput!]!): LogSinksPayload! + + """ + Delete one or more existing log sinks. + + Matching can be done using either: + - refInputs: Array of LogSinkRefInput objects (name) - recommended + - names: Array of log sink names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteLogSinks(refInputs: [LogSinkRefInput!], names: [String!]): LogSinksPayload! +} + +""" +A Log sink. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,type,description,enabled +""" +type LogSink { + "The internal entity unique identifier" + goid : ID! + "log sink unique name" + name: String! + "The configuration checksum" + checksum: String! + "description of log sink" + description: String + "defines whether its a file based log Or sysLog" + type: LogSinkType! + "Whether this log sink is enabled" + enabled: Boolean! + "defines the severity threshold of log Sink" + severity: LogSeverityThreshold! + "defines list of categories" + categories: [LogSinkCategory!]! + "defines syslog host list" + syslogHosts: [String!] + "defines list of Log sink filters" + filters: [LogSinkFilter!] + "defines list of log Sink properties" + properties: [EntityProperty!]! +} + +input LogSinkInput { + "The internal entity unique identifier" + goid : ID + "log sink unique name" + name: String! + "description of log sink" + description: String + "defines whether its a file based log or sysLog" + type: LogSinkType! + "Whether this log sink is enabled" + enabled: Boolean! + "defines the severity threshold of log Sink" + severity: LogSeverityThreshold! + "defines list of categories" + categories: [LogSinkCategory!]! + "defines syslog host list" + syslogHosts: [String!] + "defines list of Log sink filters" + filters: [LogSinkFilterInput!] + "defines list of log Sink properties" + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +"Reference input to identify the log sink" +input LogSinkRefInput { + "log sink unique name" + name: String! +} + +"Indicates severity threshold of the log sink" +enum LogSeverityThreshold { + ALL, + FINEST, + FINER, + FINE, + CONFIG, + INFO, + WARNING, + SEVERE +} + +"Indicates the type of sink . File Based Or SYSLOG based" +enum LogSinkType { + FILE, + SYSLOG +} + +"Indicates the Sink Category" +enum LogSinkCategory{ + LOG, + TRAFFIC, + AUDIT, + SSPC +} +"Indicate the long sink filter, consist of a type and list of values" +type LogSinkFilter { + "defines the type of log sink" + type: String! + "defines the list of values" + values: [String!]! +} + +"Indicate the long sink filter, consist of a type and list of values" +input LogSinkFilterInput { + "defines the type of log sink" + type: String! + "defines the list of values" + values: [String!]! +} + +type LogSinksPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + logSinks: [LogSink]! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get Password Policy" + passwordPolicy : PasswordPolicy! + "Get Password Policies" + passwordPolicies : [PasswordPolicy!]! + "Get filtered Password Policies" + passwordPoliciesByFilters(filters: [EntityFilterInput!]!) : [PasswordPolicy!]! +} + +""" +An identity provider's password policy. +> @l7-entity +> @l7-identity-fields goid +> @l7-summary-fields goid,checksum +> @l7-display-summary-fields goid +""" +type PasswordPolicy { + "The internal entity unique identifier" + goid : ID! + "The configuration checksum" + checksum : String! + "Force password change for new user and reset" + forcePasswordChangeNewUser : Boolean! + "To enable/disable no repeating characters" + noRepeatingCharacters : Boolean! + "Minimum Password Length - Enter the minimum number of characters ranging from 3 to 128 required for the password." + minPasswordLength : Int! + "Maximum Password Length - Enter the maximum number of characters ranging from 3 to 128 required for the password." + maxPasswordLength : Int! + "Set the number of uppercase letters that are required for the password. ranging from 1 to 128" + upperMinimum : Int! + "Set the number of lowercase letters that are required for the password. ranging from 1 to 128" + lowerMinimum : Int! + "Sets how many numbers (0-9) are required for the password. ranging from 1 to 128" + numberMinimum : Int! + "Sets how many symbol characters are required for the password. ranging from 1 to 128" + symbolMinimum : Int! + "Sets how many non numeric characters are required for the password. ranging from 1 to 128" + nonNumericMinimum : Int! + "Sets how many characters are required for the password. ranging from 1 to 128" + charDiffMinimum : Int! + "Enter the number of times, between 1 and 50, that a new password must be different from the current password" + repeatFrequency : Int! + "Days required for the password to be expired. ranging from 1 to 1825" + passwordExpiry : Int! + "Allow One Password Change Per 24 Hours" + allowableChangesPerDay : Boolean! +} + +extend type Mutation { + "Set/Update the Password Policies" + setPasswordPolicies(input : [PasswordPolicyInput!]!) : PasswordPoliciesPayLoad! +} + +type PasswordPoliciesPayLoad { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + passwordPolicies: [PasswordPolicy]! +} + +input PasswordPolicyInput { + "The internal entity unique identifier" + goid : ID + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String + "Force password change for new user and reset" + forcePasswordChangeNewUser : Boolean! + "To enable/disable no repeating characters" + noRepeatingCharacters : Boolean! + "Minimum Password Length - Enter the minimum number of characters ranging from 3 to 128 required for the password." + minPasswordLength : Int! + "Maximum Password Length - Enter the maximum number of characters ranging from 3 to 128 required for the password." + maxPasswordLength : Int! = 32 + "Set the number of uppercase letters that are required for the password. ranging from 1 to 128" + upperMinimum : Int! = 1 + "Set the number of lowercase letters that are required for the password. ranging from 1 to 128" + lowerMinimum : Int! = 1 + "Sets how many numbers (0-9) are required for the password. ranging from 1 to 128" + numberMinimum : Int! = 1 + "Sets how many symbol characters are required for the password. ranging from 1 to 128" + symbolMinimum : Int! = 1 + "Sets how many non numeric characters are required for the password. ranging from 1 to 128" + nonNumericMinimum : Int! = -1 + "Sets how many characters are required for the password. ranging from 1 to 128" + charDiffMinimum : Int! = 4 + "Enter the number of times, between 1 and 50, that a new password must be different from the current password" + repeatFrequency : Int! = 10 + "Days required for the password to be expired. ranging from 1 to 1825" + passwordExpiry : Int! = 90 + "Allow One Password Change Per 24 Hours" + allowableChangesPerDay : Boolean! +} + +input PasswordPolicyMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a PasswordPolicy entity uniquely" + source: PasswordPolicyRefInput +} + +input PasswordPolicyRefInput { + "The internal entity unique identifier" + goid: ID! +} +# +# Copyright (c) 2025 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all policies" + policies : [L7Policy!]! + + "Get policies inside a folder" + policiesByFolderPath(folderPath: String!) : [L7Policy!]! + + "Get specified type policies" + policiesByType(policyType: L7PolicyType!, tag: String, subTag: String) : [L7Policy!]! + + "Get specified type policies inside a folder" + policiesByFolderPathAndType(folderPath: String!, policyType: L7PolicyType!, tag: String, subTag: String) : [L7Policy!]! + + "Get policy by goid" + policyByGoid(goid: ID!) : L7Policy + + "Get policy by name" + policyByName(name: String!) : L7Policy + + "Get policy by guid" + policyByGuid(guid: ID!) : L7Policy + + "(Deprecated) Get policy and it's revision by name and revision ordinal" + policyByNameAndRevision(name: String!, revision: Long!) : L7Policy @deprecated(reason: "Use 'policyByName' instead along with the selector over 'policyRevisions'.") + + "Get filtered policies" + policiesByFilters(filters: [EntityFilterInput!]!) : [L7Policy!]! +} + +extend type Mutation { + "Create or update policies" + setPolicies(input: [L7PolicyInput!]!) : L7PoliciesPayload! + + """" + Set active revision for the policies. + By default, it chooses the latest revision as active. If the latest revision available is already active, does nothing. + """ + setPolicyRevisions(input: [L7PolicyPartialInput!]!) : L7PoliciesPayload! + + """" + Delete policies. + + This mutation supports two ways to identify policies for deletion: + 1. **refInputs** (recommended): A list of PolicyRefInput objects that uniquely identify policies by name, policyType, and optional tag/subTag + 2. **names** (deprecated): A list of policy names as strings + + When both arguments are provided, refInputs takes precedence and names is ignored. + At least one argument must be provided with a non-empty list. + """ + deletePolicies(refInputs: [PolicyRefInput!], names: [String!] @deprecated(reason: "Use 'refInputs' instead for more precise policy identification")) : L7PoliciesPayload! + + "Update an existing policy. Match is carried by refInput" + updatePolicy(refInput: PolicyRefInput!, input: L7PolicyPartialInput!) : L7PolicyPayload! + + "Update existing revision (comment and/or active) for the specified policy" + updatePolicyRevision(refInput: PolicyRefInput!, revision: Long!, activate: Boolean, comment: String) : L7PolicyPayload! + + "(Deprecated) Update existing revision (comment and/or active) for the policies" + updatePoliciesRevision(input: [L7PolicyPartialInput!]!, activate: Boolean!, comment: String) : L7PoliciesPayload! +} + + """ + A Layer7 gateway policy +> @l7-entity policy|policies +> @l7-identity-fields name,policyType +> @l7-summary-fields goid,guid,name,policyType,tag,subTag,checksum +> @l7-excluded-fields policy.directDependencies,policy.allDependencies,version,policyRevision,policyRevisions +> @l7-name-fields name +> @l7-display-summary-fields name,policyType,enabled +> @l7-alternative-fields policy.xml|policy.json|policy.yaml|policy.code,policyRevision.xml|policyRevision.json|policyRevision.yaml|policyRevision.code,policyRevisions.xml|policyRevisions.json|policyRevisions.yaml|policyRevisions.code + """ + type L7Policy { + "The goid for this policy" + goid : ID! + "The guid for this policy" + guid : ID! + "The name of the policy (policies are unique by name)" + name: String! + "The type of policy" + policyType: L7PolicyType! + "The policy tag" + tag: String + "The policy sub-tag" + subTag: String + "The configuration checksum" + checksum: String! + + "The policy version" + version: Int + + "Is the policy enabled or not" + enabled: Boolean! + + "The folder path to the policy" + folderPath: String! + "Is soap" + soap: Boolean + + "The actual policy and dependencies" + policy: Policy! + "(Deprecated) The policy revision. It can be either the active revision or the specific one when queried explicitly." + policyRevision: PolicyRevision + """ + The policy revisions. + When [selected] argument is not empty, selected revisions will be returned. + If not, all the revisions will be returned. + NOTE: Use 0 to select active revision. Use -1 to select latest revision. + """ + policyRevisions(selected: [Long!]): [PolicyRevision!]! + } + + type L7PolicyPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + policy: L7Policy + } + + type L7PoliciesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + policies: [L7Policy]! + } + + enum L7PolicyType { + FRAGMENT + PRE_ROUTING_FRAGMENT + SUCCESSFUL_ROUTING_FRAGMENT + FAILED_ROUTING_FRAGMENT + AUTHENTICATION_SUCCESS_FRAGMENT + AUTHENTICATION_FAILURE_FRAGMENT + AUTHORIZATION_SUCCESS_FRAGMENT + AUTHORIZATION_FAILURE_FRAGMENT + GLOBAL + INTERNAL + POLICY_BACKED_IDP + POLICY_BACKED_OPERATION + POLICY_BACKED_BACKGROUND_TASK + POLICY_BACKED_SERVICE_METRICS + } + + """ + Wrapper for the policy XML and the dependencies they include + > @l7-excluded-fields json,yaml,code,directDependencies,allDependencies + > @l7-alternative-fields xml|json|yaml|code,json|xml|yaml|code,yaml|xml|json|code,code|xml|json|yaml + """ + type Policy { + "The policy XML" + xml: String + "The policy JSON" + json: String + "The policy YAML" + yaml: String + "The policy code" + code: JSON + "Entities that are directly referred to inside the policy XML" + directDependencies: PolicyDependency + "Entities that are directly referred to inside the policy XML in addition to ones in policy dependencies. More than second level, this keep going as deep as needed until no dependencies are found" + allDependencies: PolicyDependency + } + + """ + Wrapper for the policy revision + > @l7-excluded-fields json,yaml,code + > @l7-alternative-fields xml|json|yaml|code,json|xml|yaml|code,yaml|xml|json|code,code|xml|json|yaml + """ + type PolicyRevision { + goid: ID! + ordinal: Long! + active: Boolean! + comment: String + author: String + time: DateTime! + "The policy XML" + xml: String + "The policy JSON" + json: String + "The policy YAML" + yaml: String + "The policy code" + code: JSON + } + + """ + Policy Dependency contains all dependencies that may be referred to from the policy XML this is associated with + > @l7-excluded-fields fips,fipUsers,fipGroups,ldaps,policyFragments + """ + type PolicyDependency { + "Active Connectors (SFTP, MQ Native, Kafka)" + activeConnectors: [ActiveConnector] + "Cassandra connections" + cassandraConnections: [CassandraConnection] + "Cluster properties" + clusterProperties : [ClusterProperty] + "Custom key values" + customKeyValues: [CustomKeyValue] + "DTDs in global resources" + dtds: [Dtd] + "Email Listeners" + emailListeners: [EmailListener] + "Encass Configs" + encassConfigs : [EncassConfig] + + "Federated identity provider configurations" + fips : [Fip] + "Federated identity provider groups" + fipGroups : [FipGroup] + "Federated identity provider users" + fipUsers : [FipUser] + "Federated identity provider configurations" + federatedIdps : [FederatedIdp] + "Federated identity provider groups" + federatedGroups : [FederatedGroup] + "Federated identity provider users" + federatedUsers : [FederatedUser] + "Internal IDP providers" + internalIdps: [InternalIdp] + "Internal idp groups" + internalGroups : [InternalGroup] + "Internal idp users" + internalUsers : [InternalUser] + + "JDBC connections" + jdbcConnections: [JdbcConnection] + "JMS destinations" + jmsDestinations: [JmsDestination] + "Private Keys" + keys : [Key] + "Ldap identity provider configurations" + ldaps : [Ldap] + "Ldap identity provider configurations" + ldapIdps : [LdapIdp] + "Listen Ports" + listenPorts: [ListenPort] + "Layer7 Services" + services: [L7Service] + "Layer7 Policies" + policies: [L7Policy] + "Policy Fragments" + policyFragments : [PolicyFragment] + "Revocation Check Polices" + revocationCheckPolicies: [RevocationCheckPolicy] + "Schemas in global resources" + schemas: [Schema] + secrets : [Secret] + "Server module files (signed modular or custom assertions)" + serverModuleFiles: [ServerModuleFile] + "Siteminder Configurations" + smConfigs: [SMConfig] + "Trusted certificates" + trustedCerts : [Certificate] + "Simple Ldaps" + simpleLdapIdps : [SimpleLdapIdp] + "Policy Backed Idps" + policyBackedIdps : [PolicyBackedIdp] + "Generic Entities" + genericEntities : [GenericEntity] + "Policy Backed Services" + policyBackedServices: [PolicyBackedService] + } + + input PolicyInput { + "The policy xml" + xml: String + "The policy JSON" + json: String + "The policy YAML" + yaml: String + "The policy code" + code: JSON + } + + input L7PolicyInput { + "The internal entity unique identifier" + goid: ID + "The folder path where to create this policy. If the path does not exist, it will be created" + folderPath: String! + "The name of the policy. Policies are unique by name." + name: String! + "The guid for this policy, if none provided, assigned at creation" + guid : ID + "The policy" + policy: PolicyInput! + "(Deprecated) The policy revision." + policyRevision: PolicyRevisionInput + "The policy revisions." + policyRevisions: [PolicyRevisionInput!] + + soap: Boolean = false + policyType: L7PolicyType! + tag: String + subTag: String + + "The policy version" + version: Int + + "Is the policy enabled or not" + enabled: Boolean = true + + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String + } + + input L7PolicyPartialInput { + "The internal entity unique identifier" + goid: ID + "The folder path where to create this policy. If the path does not exist, it will be created" + folderPath: String + "The name of the policy. Policies are unique by name." + name: String + "The guid for this policy, if none provided, assigned at creation" + guid : ID + "The policy" + policy: PolicyInput + "(Deprecated) The policy revision." + policyRevision: PolicyRevisionInput + "The policy revisions." + policyRevisions: [PolicyRevisionInput!] + + "The policy version" + version: Int + "Is the policy enabled or not" + enabled: Boolean + soap: Boolean = false + policyType: L7PolicyType + tag: String + subTag: String + + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String + } + + input PolicyRevisionInput { + goid: ID + ordinal: Long! + active: Boolean + comment: String + author: String + time: DateTime + "The policy XML" + xml: String + "The policy JSON" + json: String + "The policy YAML" + yaml: String + "The policy code" + code: JSON + } + +input PolicyMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a Policy entity uniquely" + source: PolicyRefInput +} + +input PolicyRefInput { + "The name of the policy. Policies are unique by name." + name: String! + policyType: L7PolicyType! + tag: String + subTag: String +} +# +# Copyright (c) 2025. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all policy-backed services" + policyBackedServices: [PolicyBackedService!]! + "Get the policy-backed service by goid" + policyBackedServiceByGoid(goid : ID!) : PolicyBackedService + "Get the policy-backed service by name" + policyBackedServiceByName(name : String!) : PolicyBackedService + "Get filtered policy-backed services" + policyBackedServicesByFilters(filters: [EntityFilterInput!]!): [PolicyBackedService!]! +} + +extend type Mutation { + """ + Create or update existing policy-backed service. + Match is carried by name. If match is found, it will be updated. Otherwise, it will be created. + """ + setPolicyBackedServices(input: [PolicyBackedServiceInput!]!): PolicyBackedServicesPayload! + + "Delete existing policy-backed service. Match is carried by name." + deletePolicyBackedServices(names: [String!]!): PolicyBackedServicesPayload! +} + +""" +A policy-backed service that represents one or more operations backed by a designated policy. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,interfaceName,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,interfaceName +> @l7-foreign-fields operations.policyName|name|L7Policy +""" +type PolicyBackedService { + "The goid for the policy-backed service" + goid : ID! + "The policy-backed service name" + name : String! + "The policy-backed service interface name" + interfaceName: String! + "The configuration checksum of this policy-backed service" + checksum : String! + + "The policy-backed service operations" + operations: [PolicyBackedServiceOperation!]! +} + +""" +A policy-backed service operation +> @l7-foreign-fields policyName|name|L7Policy +""" +type PolicyBackedServiceOperation { + "An operation associated with a policy-backed service" + operationName: String! + "A backed policy defining the operation" + policyName: String! +} + +input PolicyBackedServiceInput { + "The internal entity unique identifier" + goid: ID + "The policy-backed service name" + name: String! + "The policy-backed service interface name" + interfaceName: String! + "The policy-backed service operations" + operations: [PolicyBackedServiceOperationInput!]! + + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +input PolicyBackedServiceOperationInput { + "An operation associated with a policy-backed service" + operationName: String! + "A backed policy defining the operation" + policyName: String! +} + +type PolicyBackedServicesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + "The mutated policy-backed services" + policyBackedServices: [PolicyBackedService]! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all policy fragments" + policyFragments : [PolicyFragment!]! @deprecated(reason: "Use 'policies' instead.") + "Get policy fragment by name" + policyFragmentByName(name: String!) : PolicyFragment @deprecated(reason: "Use 'policyByName' instead.") + "Get policy fragments inside a folder" + policyFragmentsByFolderPath(folderPath: String!) : [PolicyFragment!]! @deprecated(reason: "Use 'policiesByFolderPath' instead.") + "Get policy fragment by goid" + policyFragmentByGoid(goid: ID!) : PolicyFragment + "Get policy fragment by guid" + policyFragmentByGuid(guid: ID!) : PolicyFragment @deprecated(reason: "Use 'policyByGuid' instead.") + "Get all global policies" + globalPolicies : [GlobalPolicy!]! @deprecated(reason: "Use 'policies' instead.") + "Get global policy by tag" + globalPolicyByTag(tag: String!) : GlobalPolicy + "Get global policies inside a folder" + globalPoliciesByFolderPath(folderPath: String!) : [GlobalPolicy!]! @deprecated(reason: "Use 'policiesByFolderPath' instead.") +} + +extend type Mutation { + "Create or update policy fragments" + setPolicyFragments(input: [PolicyFragmentInput!]!) : PolicyFragmentsPayload! @deprecated(reason: "Use 'setPolicies' instead.") + "Delete policy fragments" + deletePolicyFragments(names: [String!]!) : PolicyFragmentsPayload! @deprecated(reason: "Use 'deletePolicies' instead.") + "Create or update global policies" + setGlobalPolicies(input: [GlobalPolicyInput!]!) : GlobalPoliciesPayload! @deprecated(reason: "Use 'setPolicies' instead.") + "Delete global policies" + deleteGlobalPolicies(tags: [String!]!) : GlobalPoliciesPayload! @deprecated(reason: "Use 'deletePolicies' instead.") +} + +""" +A Global policy. +> @l7-entity +> @l7-identity-fields tag +> @l7-summary-fields goid,guid,name,tag,checksum +> @l7-excluded-fields +> @l7-deprecated Use 'L7Policy' instead. +""" +type GlobalPolicy { + "The goid for this policy" + goid : ID! + "The guid for this policy" + guid : ID! + "The name of the policy (policies are unique by name)" + name: String! + """ + Global policy tag. Possible values are : + message-completed + message-received + post-security + post-service + pre-security + pre-service + """ + tag: String! + "The configuration checksum" + checksum: String! + + "The folder path where this policy is located" + folderPath: String! + "The actual policy and dependencies" + policy: Policy! +} + + """ + A policy fragment that can be included in another policy. + > @l7-entity + > @l7-identity-fields name + > @l7-summary-fields goid,guid,name,checksum + > @l7-excluded-fields + > @l7-deprecated Use 'L7Policy' instead. + """ + type PolicyFragment { + "The goid for this policy" + goid : ID! + "The guid for this policy" + guid : ID! + "The name of the policy (policies are unique by name)" + name: String! + "The configuration checksum" + checksum: String! + + "The folder path to the policy" + folderPath: String! + "Is soap" + soap: Boolean + "The actual policy and dependencies" + policy: Policy! + } + + input PolicyFragmentInput { + "The internal entity unique identifier" + goid: ID + "The folder path where to create this policy. If the path does not exist, it will be created" + folderPath: String! + "The name of the policy. Policies are unique by name." + name: String! + "The guid for this policy, if none provided, assigned at creation" + guid : ID + "The policy" + policy: PolicyInput! + soap: Boolean = false + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String + } + +input GlobalPolicyInput { + "The name of the policy. Policies are unique by name." + name: String! + "The folder path where to create this policy. If the path does not exist, it will be created" + folderPath: String! + "The goid for this policy" + goid : ID + "The guid for this service, if none provided, assigned at creation" + guid : ID + """ + Global policy tag. Possible values are : + message-completed + message-received + post-security + post-service + pre-security + pre-service + """ + tag: String! + "The policy" + policy: PolicyInput! + soap: Boolean = false + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + + type PolicyFragmentsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + policyFragments: [PolicyFragment]! + } + +type GlobalPoliciesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + globalPolicies: [GlobalPolicy]! +} + +input GlobalPolicyMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a GlobalPolicy entity uniquely" + source: GlobalPolicyRefInput +} + +input GlobalPolicyRefInput { + """ + Global policy tag. Possible values are : + message-completed + message-received + post-security + post-service + pre-security + pre-service + """ + tag: String! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get Service Resolution Config" + serviceResolutionConfig : ServiceResolutionConfig! + "Get Service Resolution Configs" + serviceResolutionConfigs : [ServiceResolutionConfig!]! + "Get filtered Service Resolution Configs" + serviceResolutionConfigsByFilters(filters: [EntityFilterInput!]!) : [ServiceResolutionConfig!]! +} + +input ServiceResolutionConfigInput { + "The internal entity unique identifier" + goid : ID + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String + "Only Services with a resolution path are accessible" + resolutionPathRequired : Boolean! + "Resolution paths are case sensitive" + resolutionPathCaseSensitive : Boolean! + "Allow resolution by L7-Original-URL header" + useL7OriginalUrl : Boolean! + "Allow resolution by Service GOID/OID in URLs" + useServiceGoid : Boolean! + "Use SOAP action" + useSoapAction : Boolean! + "Use SOAP body child namespace" + useSoapBodyChildNamespace : Boolean! +} + +extend type Mutation { + "Update Service Resolution Configs" + setServiceResolutionConfigs(input : [ServiceResolutionConfigInput!]!) : ServiceResolutionConfigsPayLoad! +} + +type ServiceResolutionConfigsPayLoad { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + serviceResolutionConfigs: [ServiceResolutionConfig]! +} + +""" +A Layer7 service resolution configuration. +> @l7-entity +> @l7-identity-fields goid +> @l7-summary-fields goid,checksum +> @l7-display-summary-fields goid +""" +type ServiceResolutionConfig { + "The internal entity unique identifier" + goid : ID! + "The configuration checksum" + checksum : String! + "Only Services with a resolution path are accessible" + resolutionPathRequired : Boolean! + "Resolution paths are case sensitive" + resolutionPathCaseSensitive : Boolean! + "Allow resolution by L7-Original-URL header" + useL7OriginalUrl : Boolean! + "Allow resolution by Service GOID/OID in URLs" + useServiceGoid : Boolean! + "Use SOAP action" + useSoapAction : Boolean! + "Use SOAP body child namespace" + useSoapBodyChildNamespace : Boolean! +} + +input ServiceResolutionConfigsMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a ServiceResolutionConfig entity uniquely" + source: ServiceResolutionConfigRefInput +} + +input ServiceResolutionConfigRefInput { + "The internal entity unique identifier" + goid: ID! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all RevocationCheckPolicies" + revocationCheckPolicies: [RevocationCheckPolicy!]! + "Get the RevocationCheckPolicy by goid" + revocationCheckPolicyByGoid(goid : ID!) : RevocationCheckPolicy + "Get the RevocationCheckPolicy by name" + revocationCheckPolicyByName(name : String!) : RevocationCheckPolicy + "Get filtered RevocationCheckPolicies" + revocationCheckPoliciesByFilters(filters: [EntityFilterInput!]!): [RevocationCheckPolicy!]! +} + +extend type Mutation { + """ + Create or update existing revocation check policies. + Match is carried by name. If match is found, it will be updated. Otherwise, it will be created. + """ + setRevocationCheckPolicies(input: [RevocationCheckPolicyInput!]!): RevocationCheckPoliciesPayload! + + """ + Delete one or more existing revocation check policies. + + Matching can be done using either: + - refInputs: Array of RevocationCheckPolicyRefInput objects (name) - recommended + - names: Array of revocation check policy names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteRevocationCheckPolicies(refInputs: [RevocationCheckPolicyRefInput!], names: [String!]): RevocationCheckPoliciesPayload! +} + +enum CertRevocationCheckPropertyType { + "Type for checking against a CRL from a URL contained in an X.509 Certificate" + CRL_FROM_CERTIFICATE + "Type for checking against a CRL from a specified URL" + CRL_FROM_URL + "Type for OCSP check against a responder URL contained in an X.509 Certificate" + OCSP_FROM_CERTIFICATE + "Type for OCSP check against a specified responder URL" + OCSP_FROM_URL +} + +enum OcspNonceUsage { + "To include nonce in OCSP requests" + INCLUDE_NONCE + "Do not include nonce in OCSP requests" + EXCLUDE_NONCE + "Let pkix.ocsp.useNonce cluster wide property decide" + USE_NONCE_CONDITIONALLY +} + +""" +> @l7-deprecated-fields signerThumbprintSha1s +> @l7-foreign-fields trustedSignerNames|name|TrustedCert,signerThumbprintSha1s|thumbprintSha1|TrustedCert +""" +type RevocationCheckPolicyItem { + "Type for Checking OCSP or CRL" + type: CertRevocationCheckPropertyType! + "If the CRL from URL or OCSP from URL option was selected, enter the URL" + url: String + "If user permitting the entity that issued the certificate" + allowIssuerSignature: Boolean! + "Whether to include a nonce in OCSP request" + nonceUsage: OcspNonceUsage + "The signer certificate names" + trustedSignerNames: [String!] + "(Deprecated) The sha1 thumbprint of the certificate" + signerThumbprintSha1s: [String!] @deprecated(reason: "Use 'trustedSignerNames' instead.") +} + +""" +A trusted certificate revocation check policy. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name +""" +type RevocationCheckPolicy { + "The goid for this revocation check policy" + goid : ID! + "Name that describes the revocation checking policy" + name: String! + "The configuration checksum of this Revocation check policy" + checksum : String! + "Use as default revocation check policy" + defaultPolicy: Boolean! + "Succeed if revocation status is unknown" + defaultSuccess: Boolean! + "Continue processing if server is unavailable" + continueOnServerUnavailable: Boolean! + "Certificate revocation check properties" + revocationCheckPolicyItems: [RevocationCheckPolicyItem!]! +} + +type RevocationCheckPoliciesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + revocationCheckPolicies: [RevocationCheckPolicy]! +} + +input RevocationCheckPolicyItemInput { + "Type for Checking OCSP or CRL" + type: CertRevocationCheckPropertyType! + """ + If the CRL from URL or OCSP from URL option was selected, enter the URL Otherwise provide regex. + CRL_FROM_CERTIFICATE & OCSP_FROM_CERTIFICATE options uses URL Regex & + CRL_FROM_URL & OCSP_FROM_URL options uses URLs. + This is caller's responsibility to provide valid URL or Regex, Graphman won't validate it. + """ + url: String! + "If user permitting the entity that issued the certificate" + allowIssuerSignature: Boolean! + "Whether to include a nonce in OCSP request, default is to set INCLUDE_NONCE" + nonceUsage: OcspNonceUsage = INCLUDE_NONCE + "The trusted signer certificate names" + trustedSignerNames: [String!] + "(Deprecated) The sha1 thumbprint of the certificate" + signerThumbprintSha1s: [String] +} + +input RevocationCheckPolicyInput { + "The goid for this revocation check policy" + goid : ID + "Name that describes the revocation checking policy" + name: String! + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String + "Use as default revocation check policy" + defaultPolicy: Boolean! + "Succeed if revocation status is unknown" + defaultSuccess: Boolean! + "Continue processing if server is unavailable" + continueOnServerUnavailable: Boolean! + "Certificate revocation check properties" + revocationCheckPolicyItems: [RevocationCheckPolicyItemInput!]! +} + +"Reference input to identify the revocation check policy" +input RevocationCheckPolicyRefInput { + "Name that describes the revocation checking policy" + name: String! +} +# +# Copyright (c) 2025 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all roles" + roles : [Role!]! + "Retrieves a role by goid" + roleByGoid(goid: ID!) : Role + "Retrieves a role by name" + roleByName(name: String!) : Role + "Get filtered roles" + rolesByFilters(filters: [EntityFilterInput!]!): [Role!]! + + "Get all identity providers" + idps: [IdpRef!]! + "Get multiple identity providers by name" + idpsByName(name: String!): [IdpRef!]! + "Get identity provider by goid" + idpByGoid(goid: ID!): IdpRef + + "Get all users" + idpUsers(providerType: IdpType!, providerName: String!): [UserRef!]! + "Get user by login id" + idpUserByLogin(providerType: IdpType!, providerName: String!, login: String!): UserRef + "Get user by SubjectDn" + idpUserBySubjectDn(providerType: IdpType!, providerName: String!, subjectDn: String!): UserRef + "Get filtered users" + idpUsersByFilters(providerType: IdpType!, providerName: String!, filters: [EntityFilterInput!]!): [UserRef!]! + + "Get all groups" + idpGroups(providerType: IdpType!, providerName: String!): [GroupRef] + "Get group by name" + idpGroupByName(providerType: IdpType!, providerName: String!, name: String!): GroupRef + "Get group by subjectDn" + idpGroupBySubjectDn(providerType: IdpType!, providerName: String!, subjectDn: String!): GroupRef + "Get filtered groups" + idpGroupsByFilters(providerType: IdpType!, providerName: String!, filters: [EntityFilterInput!]!): [GroupRef!]! +} + +extend type Mutation { + """ + Update Roles with user/group assignees. + Note: Creating a role is unsupported. + """ + setRoles(input: [RoleInput!]!): RolesPayload + + """ + Deletes roles. Only custom roles can be deleted. + """ + deleteRoles(roles: [String!]!): RolesPayload + + "Adds user to the role" + addUserToRole(role: String!, user: UserRefInput!): RolePayload + + "Removes user from the role" + removeUserFromRole(role: String!, user: UserRefInput!): RolePayload + + "Adds group to the role" + addGroupToRole(role: String!, group: GroupRefInput!): RolePayload + + "Removes group from the role" + removeGroupFromRole(role: String!, group: GroupRefInput!): RolePayload + + "Adds user to the group" + addUserToGroup(group: String!, user: UserRefInput!): GroupRefPayload + + "Removes user to the group" + removeUserFromGroup(group: String!, user: UserRefInput!): GroupRefPayload +} + +enum Tag { + ADMIN +} + +enum RoleType { + SYSTEM, + CUSTOM +} + +""" +A Role Configuration. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-display-summary-fields name,roleType +""" +type Role { + "The goid for the Role" + goid : ID! + "Name of a role" + name : String! + "The configuration checksum" + checksum: String + + "Type of a role" + roleType: RoleType! + "Description of the role. This is optional" + description : String + "Tag: Either Admin or Null" + tag: Tag + + "Whether to replace the existing assignees with the specified users/groups" + replaceAssignees: Boolean + "One or more users assigned to the role" + userAssignees: [UserRef!] + "One or more groups assigned to the role" + groupAssignees: [GroupRef!] +} + +"Role configuration" +input RoleInput { + "The goid for the Role" + goid : ID + "Name of a Role" + name : String! + "The configuration checksum" + checksum: String + + "Type of a role" + roleType: RoleType! + "Description of the role. This is optional" + description : String + "Tag: Either Admin or Null" + tag: Tag + "Whether to replace the existing assignees with the specified users/groups" + replaceAssignees: Boolean = false + "One or more users assigned to the role" + userAssignees: [UserRefInput!] = [] + "One or more groups assigned to the role" + groupAssignees: [GroupRefInput!] = [] +} + +type RolePayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + role: Role +} + +type GroupRefPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + group: GroupRef +} + +type RolesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + roles: [Role]! +} + +""" +A IDP reference. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,providerType,checksum +> @l7-display-summary-fields name,providerType +> @l7-name-fields name +""" +type IdpRef { + "The goid of identity provider" + goid: ID! + "The name of identity provider" + name: String! + "The type of identity provider" + providerType: IdpType! + "The configuration checksum" + checksum: String + "Whether identity provider is used for administration" + adminEnabled: Boolean! +} + +"IDP User Reference" +type UserRef { + "The goid of user" + goid: ID + "The name of user" + name: String + "The login identity of user" + login: String + "The DN of user" + subjectDn: String + "The name of identity provider that the user belongs to" + providerName: String! + "The type of identity provider that the user belongs to" + providerType: IdpType! + "The description of the User" + description : String +} + +"IDP Group Reference" +type GroupRef { + "The goid of group" + goid: ID + "The name of group" + name: String + "The subject dn of group" + subjectDn: String + "The name of identity provider that the group belongs to" + providerName: String! + "The type of identity provider that the group belongs to" + providerType: IdpType! + "The description of the Group" + description : String +} + +"IDP User Reference input" +input UserRefInput { + "The goid of user" + goid: ID + "The name of user" + name: String + "The login identity of user" + login: String + "The DN of user" + subjectDn: String + "The description of user" + description: String + "The name of identity provider that the user belongs to" + providerName: String! + "The type of identity provider that the user belongs to" + providerType: IdpType! +} + +"IDP Group Reference input" +input GroupRefInput { + "The goid of user" + goid: ID + "The name of group" + name: String + "The subjectDn of group" + subjectDn: String + "The description of group" + description: String + "The name of identity provider that the group belongs to" + providerName: String! + "The type of identity provider that the group belongs to" + providerType: IdpType! +} +# +# Copyright (c) 2025. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +type Query { +} + +type Mutation { + "Installs bundle of entities using set-based mutation operations" + installBundleEntities: BundleEntitiesPayload + + "Deletes bundle of entities using set-based mutation operations" + deleteBundleEntities: BundleEntitiesPayload + + "Validate entities mapping instruction" + initializeBundleContext(input: BundlePropertiesInput): BundleContextPayload +} + +scalar NonEmptyString +scalar AnyObject + +type BundleEntitiesPayload { + summary: Boolean + full: Boolean +} + +type BundleContextPayload { + summary: Boolean + full: Boolean +} + +type AnyProperty { + "The name of property" + name: String! + "The value of the property" + value: AnyObject +} + + +"An Entity Property" +type EntityProperty { + "The name of property" + name: String! + "The value of the property" + value: String! +} + +input EntityPropertyInput { + name: String! + value: String! +} + +input EntityPropertyPartialInput { + name: String! + value: String +} + +enum EntityMutationAction { + NEW_OR_UPDATE, + NEW_OR_EXISTING, + ALWAYS_CREATE_NEW, + IGNORE, + DELETE +} + +enum EntityMutationStatus { + NONE + CREATED + UPDATED + DELETED + USED_EXISTING + IGNORED + ERROR +} + +type EntityMutationDetailedStatus { + action: EntityMutationAction + status: EntityMutationStatus! + description: String + + source: [AnyProperty!] + target: [AnyProperty!] +} + +interface EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! +} + +interface EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! +} + +interface PublishedService { + "The name of the published service" + name: String! + "The resolution path for published service" + resolutionPath: String + "The folder path for published service" + folderPath: String! + "Which HTTP methods are permitted for incoming requests" + methodsAllowed: [HttpMethod!]! + "Whether published service is enabled" + enabled: Boolean! +} + +union HardwiredService = L7Service +union AliasedService = L7Service +union AliasedPolicy = L7Policy + +"Service resource (document) details" +type ServiceResource { + "The uniform resource identifier for the document." + uri: String! + "The content of the document" + content: String! +} + +input ServiceResourceInput { + uri: String! + content: String! +} + +"Support Http methods for Web API Service" +enum HttpMethod { + DELETE + HEAD + GET + POST + PUT + OPTIONS + PATCH + OTHER +} + +enum EntityFieldOption { + DEFAULT + NONE + CUSTOM +} + +""" +Input for filtering the entities. +NOTE: Supported composite filters are $and, $or, $not. +NOTE: When children are specified, field is expected to be one of the supported composite identifier. +""" +input EntityFilterInput { + field: String! + condition: EntityFilterConditionInput + children: [EntityFilterInput!] +} + +""" +Input for filtering criteria. +NOTE: Only one of the criteria needs to be specified at a time. +""" +input EntityFilterConditionInput { + "Equals" + eq: String + "Matches by Regular Expression" + regex: String + "Greater Than" + gt: Long + "Less Than" + lt: Long + "Greater Than or Equals To" + gte: Long + "Less Than or Equals To" + lte: Long + "Has (i.e., list has the item)" + has: String + "In (i.e., item in the list)" + in: [String!] + "Extended Equals (Object-level)" + xeq: JSON + "Extended Has (Object-level)" + xhas: JSON + "Extended In (Object-level)" + xin: [JSON!] +} + +# +# Copyright (c) 2025 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all sample messages" + sampleMessages : [SampleMessage!]! + "Retrieves a sample message by goid" + sampleMessageByGoid(goid: String!) : SampleMessage + "Retrieves a sample message by name" + sampleMessageByName(name: String!) : SampleMessage + "Get filtered sample messages" + sampleMessagesByFilters(filters: [EntityFilterInput!]!) : [SampleMessage!]! +} + +extend type Mutation { + "Create/Update Sample Messages." + setSampleMessages(input: [SampleMessageInput!]!): SampleMessagesPayload + + """ + Delete one or more existing sample messages. + + Matching can be done using either: + - refInputs: Array of SampleMessageRefInput objects (name) - recommended + - sampleMessages: Array of sample message names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteSampleMessages(refInputs: [SampleMessageRefInput!], sampleMessages: [String!]): SampleMessagesPayload +} + +""" +A SampleMessage Configuration. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-display-summary-fields name +""" +type SampleMessage { + "The goid for the SampleMessage" + goid : ID! + "Name of a SampleMessage" + name : String! + "The configuration checksum" + checksum: String! + "sample message content" + content: String! + "Operation name" + operationName: String + "The name of the service belongs to the sample message" + serviceName: String +} + +input SampleMessageInput { + "The goid for the SampleMessage" + goid : ID + "Name of a SampleMessage" + name : String! + "The configuration checksum" + checksum: String + + "sample message content" + content: String! + "Operation name" + operationName: String + "The name of the service belongs to the sample message" + serviceName: String +} + +"Reference input to identify the sample message" +input SampleMessageRefInput { + "Name of a SampleMessage" + name: String! +} + +type SampleMessagesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + sampleMessages: [SampleMessage]! +}# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +"An RFC-3339 compliant date time scalar that accepts string values like `1996-12-19T16:39:57-08:00`" +scalar DateTime +"An RFC-3339 compliant Full Date Scalar" +scalar Date +"An Integer that MUST be greater than or equal to zero" +scalar NonNegativeInt + +"An Integer that MUST be greater than zero" +scalar PositiveInt + +"A Long Integer" +scalar Long + +"A JSON object" +scalar JSON + +#"A File part information from the multi-part message" +#"This scalar implementation is partial, hence commenting for now" +#scalar FilePart +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Retrieves all scheduled tasks" + scheduledTasks: [ScheduledTask!]! + "Retrieves all background task policies" + backgroundTaskPolicies: [BackgroundTaskPolicy!]! @deprecated(reason: "Use 'policies' instead.") + "Retrieves a scheduled task by goid" + scheduledTaskByGoid(goid: ID!): ScheduledTask + "Retrieves a scheduled task by name" + scheduledTaskByName(name: String!): ScheduledTask + "Get filtered scheduled tasks" + scheduledTasksByFilters(filters: [EntityFilterInput!]!): [ScheduledTask!]! + "Retrieves a background task policy by name" + backgroundTaskPolicyByName(name: String!): BackgroundTaskPolicy @deprecated(reason: "Use 'policyByName' instead.") + "Retrieves background task policies by folder path" + backgroundTaskPoliciesByFolderPath(folderPath: String!): [BackgroundTaskPolicy!]! @deprecated(reason: "Use 'policiesByFolderPath' instead.") +} + +extend type Mutation { + "Creates or updates one or more scheduled tasks" + setScheduledTasks(input: [ScheduledTaskInput!]!): ScheduledTasksPayload! + "Creates or updates one or more background task policies" + setBackgroundTaskPolicies(input: [BackgroundTaskPolicyInput!]!): BackgroundTaskPoliciesPayload! @deprecated(reason: "Use 'setPolicies' instead.") + "Deletes one or more existing scheduled tasks" + deleteScheduledTasks(names: [String!]!) : ScheduledTasksPayload! + "Deletes an existing background task policy" + deleteBackgroundTaskPolicies(names: [String!]!) : BackgroundTaskPoliciesPayload! @deprecated(reason: "Use 'deletePolicies' instead.") +} + +"Defines a current status of a given scheduled task" +enum JobStatus { + SCHEDULED + COMPLETED + DISABLED +} + +"Defines a scheduled task type" +enum JobType { + ONE_TIME + RECURRING +} + +""" +A scheduled task. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,jobType,policyName,cronExpression,status +> @l7-foreign-fields policyName|name|L7Policy,runAsUser|login|UserRef,runAsUserProviderName|name|IdpRef +""" +type ScheduledTask { + "The internal entity unique identifier" + goid: ID! + "The name of the scheduled task" + name: String! + "The configuration checksum" + checksum: String! + + "The name of the policy for scheduled task" + policyName: String! + "Scheduled task type" + jobType: JobType! + "The cron job expression" + cronExpression: String + "Whether to execute on single node" + executeOnSingleNode: Boolean! + "Whether to execute the RECURRING task now?" + executeOnCreation: Boolean! + "Execution date of a ONE_TIME task" + executionDate: DateTime + "The scheduled task status" + status: JobStatus! + "Run as user" + runAsUser: String + "Run as provider name" + runAsUserProviderName: String +} + +""" +A background task policy that is associated with a scheduled task to be run. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,guid,name,checksum +> @l7-excluded-fields +> @l7-deprecated Use 'L7Policy' instead. +""" +type BackgroundTaskPolicy { + "The internal entity unique identifier" + goid: ID! + "The internal entity unique identifier" + guid: ID! + "The name of the background task policy" + name: String! + "The configuration checksum" + checksum: String! + + "The folder path of the background task policy" + folderPath: String! + "Is soap" + soap: Boolean + "The background task policy" + policy: Policy! +} + +input ScheduledTaskInput { + "The internal entity unique identifier" + goid: ID + "The name of the scheduled task" + name: String! + "The name of the policy for scheduled task" + policyName: String! + jobType: JobType! + "The cron job expression" + cronExpression: String + "Whether to execute on single node" + executeOnSingleNode: Boolean! + "Whether to execute the RECURRING task now?" + executeOnCreation: Boolean! + "Specify a future execution date for a ONE_TIME task" + executionDate: DateTime + "The scheduled task status" + status: JobStatus = SCHEDULED + runAsUser: String + runAsUserProviderName: String + "The configuration checksum" + checksum: String +} + +input BackgroundTaskPolicyInput { + "The internal entity unique identifier" + goid: ID + "The name of the background task policy" + name: String! + "The internal entity unique identifier" + guid: ID + "The folder path background task policy" + folderPath: String! + "The background task policy" + policy: PolicyInput! + soap: Boolean = false + "The configuration checksum" + checksum: String +} + +type ScheduledTasksPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + scheduledTasks: [ScheduledTask]! +} + +type BackgroundTaskPoliciesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + backgroundTaskPolicies: [BackgroundTaskPolicy]! +} +# +# Copyright (c) 2025-2026 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# AI assistance has been used to generate some or all contents of this file. That includes, but is not limited to, new code, modifying existing code, stylistic edits. +# + +extend type Query { + "Retrieves all secrets" + secrets : [Secret!]! + "Retrieves all keys" + keys : [Key!]! + "Retrieves a secret by goid" + secretByGoid(goid: ID!) : Secret + "Retrieves a secret by name" + secretByName(name: String!) : Secret + "Retrieves a key by goid" + keyByGoid(goid: ID!) : Key + "Retrieves a key by name" + keyByAlias(alias: String!) : Key + "Get filtered secrets" + secretsByFilters(filters: [EntityFilterInput!]!) : [Secret!]! + "Get filtered keys" + keysByFilters(filters: [EntityFilterInput!]!) : [Key!]! +} + +extend type Mutation { + "Creates or updates one or more secrets" + setSecrets(input: [SecretInput!]!) : SecretsPayload + + "Updating the secret" + updateSecret(refInput: SecretRefInput!, input: SecretPartialInput!) : SecretPayload + + "Creates or updates one or more keys" + setKeys(input: [KeyInput!]!) : KeysPayload + + "Update an existing key. Match is carried by refInput" + updateKey(refInput: KeyRefInput!, input: KeyPartialInput!) : KeyPayload + + """ + Delete one or more existing secrets. + + Matching can be done using either: + - refInputs: Array of SecretRefInput objects (name) - recommended + - names: Array of secret names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteSecrets(refInputs: [SecretRefInput!], names: [String!]) : SecretsPayload + """ + Delete one or more existing keys. + + Matching can be done using either: + - refInputs: Array of KeyRefInput objects (alias, keystoreId) - recommended + - aliases: Array of key aliases - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteKeys(refInputs: [KeyRefInput!], aliases: [String!]) : KeysPayload +} + +""" +A secret (password or private key) which is used by gateway policies and other configurations. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,secretType,description,lastModifiedDate +> @l7-encrypted-fields secret +""" +type Secret { + "The goid for the Secret" + goid: ID! + """ + Identify the password being stored. You may use letters, numbers, dashes, and underscores. + Names that contain spaces or periods are valid, but the resulting stored password cannot be referenced via context variable. + Names that contain @ or $ are valid, but the resulting stored password cannot be referenced via context variable. + """ + name : String! + "The configuration checksum" + checksum : String! + + "Description of the password. This is optional" + description : String + """ + Base64 encrypted secret. The encryption is compatible with openssl secret encryption + using cypher AES/CBC/PKCS5Padding. You can decrypt these values at command line + using this command: + > echo | openssl enc -d -aes-256-cbc -md sha256 -pass pass: -a + """ + secret : String! + "Password or PEM Private Key" + secretType : SecretType! + "Whether this secret can be referred to in policy via context variable ${secpass... " + variableReferencable : Boolean! + "Public key of secret" + publicKey : String + "Last modified date of secret" + lastModifiedDate : DateTime +} + +enum SecretType { + "Stored password for example used in the jdbc connection" + PASSWORD + "Secure pem key for example used in the route via ssh assertion" + PEM_PRIVATE_KEY +} + +enum KeyUsageType { + "Represents a key marked as the default SSL key" + SSL, + "Represents a key marked as the default Server SSL key" + SERVER_SSL, + "Represents a key marked as the default Client SSL key" + CLIENT_SSL, + "Represents a key marked as the default CA key" + CA, + "Represents a key marked as the default audit viewer/decryption key" + AUDIT_VIEWER, + "Represents a key marked as the default audit signing key" + AUDIT_SIGNING +} + + +""" +A key entry in the gateway keystore. These entries combine a private +key and associated certificate and are used for example by listener ports. +> @l7-entity key|keys +> @l7-identity-fields alias,keystoreId +> @l7-summary-fields goid,keystoreId,alias,checksum +> @l7-excluded-fields pem,certProperties +> @l7-encrypted-fields p12,pem +> @l7-alternative-fields p12|pem,pem|p12 +> @l7-name-fields alias +""" +type Key { + "The internal entity unique identifier" + goid: ID! + "The gateway keystore identifier" + keystoreId: ID! + "The name assigned to the key" + alias : String! + "The configuration checksum" + checksum : String! + + "The type of the private key" + keyType : String! + "The key size in bits (RSA key size or EC curve field size)" + keySize : Int + "The Key usage types" + usageTypes: [KeyUsageType!] + "The subjectDN" + subjectDn : String! + """ + Base64 encoded PKCS12 keystore containing the private key and cert chain for the key entry. + The keystore is password-protected using the transaction encryption passphrase provided. + """ + p12 : String + "The private key data in PEM format" + pem: String + "The certificate chain in PEM format" + certChain : [String!] + "Certificate properties as key-value pairs including expiry date, CA capability, fingerprints, and other certificate properties" + certProperties : [EntityProperty!] + "The runtime validation status of the certificate chain associated with this key" + validationStatus: CertValidationStatus + "Description of the runtime validation status" + validationStatusDescription: String +} + +input SecretInput { + """ + Identify the password being stored. You may use letters, numbers, dashes, and underscores. + Names that contain spaces or periods are valid, but the resulting stored password cannot be referenced via context variable. + Names that contain @ or $ are valid, but the resulting stored password cannot be referenced via context variable. + """ + name : String! + "Password or PEM Private Key" + secretType : SecretType! + "The goid for the Secret" + goid: ID + "Ignored at entity creation time but declared here so you can embed checksums in graphman bundles" + checksum : String + "Whether this secret can be referred to in policy via context variable ${secpass... " + variableReferencable : Boolean! + """ + Base64 encrypted secret. The encryption is compatible with openssl secret encryption + using cypher AES/CBC/PKCS5Padding. You can create this value at command line: + > echo -n "" | openssl enc -aes-256-cbc -md sha256 -pass pass: -a + """ + secret : String + "Description of the password. This is optional" + description : String + "PEM RSA Private Key Size in bits. Default: 2048 bits" + keySize : Int = 2048 + "Public key of the secret. This can be ignored for set operation" + publicKey : String + "Last modified date of the secret. This can be ignored for set operation" + lastModifiedDate : DateTime +} + +input KeyInput { + keystoreId: ID = "00000000000000000000000000000002" + alias : String! + """ + Base64 encoded PKCS12 keystore containing the private key and cert chain for the key entry. + The keystore is password-protected using the transaction encryption passphrase provided. + """ + p12 : String + "The private key data in PEM format" + pem: String + "Will try to match at creation time is specified" + goid: ID + "SubjectDn of the certificate associated with the key. (Note that, this field has no effect on the mutation)" + subjectDn : String + "Key type RSA/EC" + keyType : String + "The key size in bits (RSA key size or EC curve field size). (Note that, this field has no effect on the mutation)" + keySize : Int + "The Key usage types. (Note that, the key usage will not be reset when this field is not specified)" + usageTypes: [KeyUsageType!] + "The certificate chain in PEM format. (Note that, this field has no effect on the mutation)" + certChain : [String!] + "Certificate properties as key-value pairs including expiry, CA capability, and other properties. (Note that, this field has no effect on the mutation)" + certProperties : [EntityPropertyInput!] + "Ignored at entity creation time but declared here so you can embed checksums in graphman bundles" + checksum : String + "Key Generate Options" + keyGenerateOptions : KeyGenerateOptions +} + +input KeyPartialInput { + """ + The certificate chain in PEM format. + IMPORTANT: The certificate must match the existing private key. + This is typically used to: + - Add intermediate/root CA certificates to the chain + - Update with a renewed certificate using the same private key + - Reorder certificates in the chain + """ + certChain : [String!] + "The Key usage types" + usageTypes: [KeyUsageType!] + "The key size in bits (RSA key size or EC curve field size). (Note that, this field has no effect on the mutation)" + keySize : Int +} + +input KeyGenerateOptions { + "RSA Key Size" + rsaKeyBits: Int = 2048 + "EC Curve Name" + ecName: String + "Number of days before the initial self-signed certificate expires" + certExpiry: Int = 1825 + "Signature hash algorithm for signing a certificate" + signatureHashAlg: String + "Use RSASSA-PSS Signature Scheme" + useRsaSsaPss: Boolean + "The Certificate will be used to sign other certificates" + certCACapable: Boolean +} + +"Reference input to identify the entity" +input SecretRefInput { + "The name of the secret" + name: String! +} + +input SecretPartialInput { + """ + Identify the password being stored. You may use letters, numbers, dashes, and underscores. + Names that contain spaces or periods are valid, but the resulting stored password cannot be referenced via context variable. + Names that contain @ or $ are valid, but the resulting stored password cannot be referenced via context variable. + """ + name : String + "Whether this secret can be referred to in policy via context variable ${secpass... " + variableReferencable : Boolean + """ + Base64 encrypted secret. The encryption is compatible with openssl secret encryption + using cypher AES/CBC/PKCS5Padding. You can create this value at command line: + > echo -n "" | openssl enc -aes-256-cbc -md sha256 -pass pass: -a + """ + secret : String + "Description of the password. This is optional" + description : String + "PEM RSA Private Key Size in bits." + keySize : Int +} + +type SecretPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + "The updated secret." + secret: Secret +} + +type SecretsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + secrets : [Secret]! +} + +type KeyPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + "The updated key." + key: Key +} + +type KeysPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + keys : [Key]! +} + +input KeyRefInput { + "The gateway keystore identifier" + keystoreId: ID = "00000000000000000000000000000002" + "The name assigned to the key" + alias: String! +} + +input KeyMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a Key entity uniquely" + source: KeyRefInput +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all Server module files" + serverModuleFiles : [ServerModuleFile!]! + "Get Server module file by goid" + serverModuleFileByGoid(goid: ID!) : ServerModuleFile + "Get Server module file by name" + serverModuleFileByName(name: String!) : ServerModuleFile + "Get filtered Server module files" + serverModuleFilesByFilters(filters: [EntityFilterInput!]!) : [ServerModuleFile!]! +} + +extend type Mutation { + """ + Sets Server module files. Updating the existing server module file is unsupported. + """ + setServerModuleFiles( + input: [ServerModuleFileInput!]!): ServerModuleFilesPayload + + """ + Deletes Server module files. + """ + deleteServerModuleFiles( + "The names of the Server module file to delete" + names: [String!]!): ServerModuleFilesPayload +} + +enum ModuleType { + MODULAR_ASSERTION + CUSTOM_ASSERTION +} + +""" +A Server module file. +> @l7-entity +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-excluded-fields filePartName, moduleStates, moduleStateSummary +> @l7-name-fields name +> @l7-display-summary-fields name,moduleType,moduleStateSummary +> @l7-encrypted-fields +> @l7-foreign-fields +> @l7-alternative-fields +""" +type ServerModuleFile { + "The goid for the Server module file" + goid: ID! + "The Server module name" + name: String! + "The configuration checksum of this Server module file" + checksum: String! + + "The Server module type" + moduleType: ModuleType! + "The Server module SHA256 digest value" + moduleSha256: String! + "The Server module signature" + signature: String! + "The base64 encoded signer certificate" + signerCertBase64: String! + "The Server module file properties" + properties: [EntityProperty!]! + + "The Server module file state per node in the cluster" + moduleStates: [ServerModuleFileState!]! + "The Server module file state summary" + moduleStateSummary: ServerModuleFileStateSummary! + "The dummy field, is used to get the Server module file content in separate part" + filePartName: String! +} + +type ServerModuleFileStateSummary { + state: ModuleStateSummary! + description: String +} + +type ServerModuleFileState { + nodeId: String! + nodeName: String! + state: ModuleState! + description: String +} + +enum ModuleStateSummary { + LOADING + LOADED + ERROR +} + +enum ModuleState { + UPLOADED + ACCEPTED + REJECTED + LOADED + ERROR +} + +input ServerModuleFileInput { + "The internal entity unique identifier" + goid: ID + "The Server module name" + name: String! + "The Server module type" + moduleType: ModuleType + "The Server module SHA256 digest value" + moduleSha256: String + "The Server module signature" + signature: String + "The base64 encoded signer certificate" + signerCertBase64: String + "The Server module file properties" + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum: String +} + +type ServerModuleFilesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + "The created Server module files." + serverModuleFiles: [ServerModuleFile]! +} +# +# Copyright (c) 2025 Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all services" + services : [L7Service!]! + + "Get services inside a folder" + servicesByFolderPath(folderPath: String!) : [L7Service!]! + + "Get specified type services" + servicesByType(serviceType: L7ServiceType!) : [L7Service!]! + + "Get specified type services inside a folder" + servicesByFolderPathAndType(folderPath: String!, serviceType: L7ServiceType!) : [L7Service!]! + + "Get services by goid" + serviceByGoid(goid: ID!) : L7Service + + "Get services by name" + servicesByName(name: String!) : [L7Service!]! + + "Get services by resolutionPath" + servicesByResolutionPath(resolutionPath: String!) : [L7Service !]! + + "Get service by name. Returns none if more than one are found." + serviceByName(name: String!) : L7Service + + "Get service by resolutionPath. Returns none if more than one are found." + serviceByResolutionPath(resolutionPath: String!) : L7Service + + "Get service by resolvers" + serviceByResolvers(resolvers: ServiceResolversInput!) : L7Service + + "Get services by resolvers" + servicesByResolvers(resolvers: ServiceResolversInput!) : [L7Service!]! + + "(Deprecated) Get service and it's revision by resolvers and revision ordinal" + serviceByResolversAndRevision(resolvers: ServiceResolversInput!, revision: Long!) : L7Service @deprecated(reason: "Use 'serviceByResolvers' instead along with the selector over 'policyRevisions'.") + + "Get filtered services" + servicesByFilters(filters: [EntityFilterInput!]!) : [L7Service!]! +} + +extend type Mutation { + "Create or update services" + setServices(input: [L7ServiceInput!]!) : L7ServicesPayload! + + """" + Set active revision for the services. + By default, it chooses the latest revision as active. If the latest revision available is already active, does nothing. + """ + setServiceRevisions(input: [L7ServicePartialInput!]!) : L7ServicesPayload! + + "Update an existing service. Match is carried by refInput" + updateService(refInput: ServiceRefInput!, input: L7ServicePartialInput!) : L7ServicePayload! + + """ + Update an existing Service with new properties. Match is carried by refInput. + If a property is new, it will be added; if the value is new, it will be updated. + If only the property name is specified without a value, the property will be deleted. + Providing empty input properties will preserve the current properties and will not delete any existing ones. + """ + updateServiceProperties(refInput: ServiceRefInput!, properties: [EntityPropertyPartialInput!]!) : L7ServicePayload! + + """" + Delete services. + + This mutation supports two ways to identify services for deletion: + 1. **refInputs** (recommended): A list of ServiceRefInput objects that uniquely identify services by resolutionPath, serviceType, and optional resolvers + 2. **resolvers** (deprecated): A list of ServiceResolversInput objects + + When both arguments are provided, refInputs takes precedence and resolvers is ignored. + At least one argument must be provided with a non-empty list. + """ + deleteServices(refInputs: [ServiceRefInput!], resolvers: [ServiceResolversInput!] @deprecated(reason: "Use 'refInputs' instead for more precise service identification")) : L7ServicesPayload! + + "Update existing revision (comment and/or active) for the specified service" + updateServiceRevision(refInput: ServiceRefInput!, revision: Long!, activate: Boolean, comment: String) : L7ServicePayload! + + "(Deprecated) Update existing revision (comment and/or active) for the services" + updateServicesRevision(input: [L7ServicePartialInput!]!, activate: Boolean!, comment: String) : L7ServicesPayload! +} + +""" +A Layer7 service. +> @l7-entity service|services +> @l7-identity-fields resolutionPath,resolvers,serviceType +> @l7-summary-fields goid,guid,name,resolutionPath,resolvers,serviceType,checksum +> @l7-excluded-fields policy.directDependencies,policy.allDependencies,version,policyRevision,policyRevisions +> @l7-name-fields name +> @l7-display-summary-fields name,resolutionPath,serviceType,enabled +> @l7-alternative-fields policy.xml|policy.json|policy.yaml|policy.code,policyRevision.xml|policyRevision.json|policyRevision.yaml|policyRevision.code,policyRevisions.xml|policyRevisions.json|policyRevisions.yaml|policyRevisions.code +""" +type L7Service implements PublishedService { + "The goid for this service" + goid : ID! + "The guid for this service" + guid : ID! + "The name of the service" + name: String! + "The resolution path to the service" + resolutionPath: String! + "The service resolvers. They can be used to identify services." + resolvers: ServiceResolvers + "The type of service" + serviceType: L7ServiceType! + "The configuration checksum" + checksum: String! + + "The service version" + version: Int + + "Whether or not the published service is enabled" + enabled: Boolean! + "The folder path to the service" + folderPath: String! + "Which SOAP version" + soapVersion: SoapVersion + "Which http methods are allowed" + methodsAllowed: [HttpMethod!]! + "Whether or not the tracing is enabled" + tracingEnabled: Boolean! + "Whether or not the WSS processing is enabled" + wssProcessingEnabled: Boolean! + "Allow requests intended for operations not supported by the WSDL" + laxResolution: Boolean + "Service properties" + properties: [EntityProperty!] + + "URL for the protected service WSDL document" + wsdlUrl: String + "The WSDL of the soap service" + wsdl: String + "One or more additional WSDL resources" + wsdlResources: [ServiceResource!] + + "The actual service and dependencies" + policy: Policy! + "(Deprecated) The service policy revision. It can be either the active revision or the specific one when queried explicitly." + policyRevision: PolicyRevision + """ + The policy revisions. + When [selected] argument is not empty, selected revisions will be returned. + If not, all the revisions will be returned. + NOTE: Use 0 to select active revision. Use -1 to select latest revision. + """ + policyRevisions(selected: [Long!]): [PolicyRevision!]! +} + +type ServiceResolvers { + "The soap actions referred to in the wsdl" + soapActions: [String!] + "Base uri from the wsdl of the service. This is used for service resolution" + baseUri: String + "The resolution path to the service. It will be defaulted to /ssg/soap for SOAP services when not specified" + resolutionPath: String +} + +input ServiceResolversInput { + "The soap action referred to in the wsdl" + soapAction: String + "The soap actions referred to in the wsdl" + soapActions: [String!] + "Base uri from the wsdl of the service. This is used for service resolution" + baseUri: String + "The resolution path to the service." + resolutionPath: String +} + +type L7ServicesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + services: [L7Service]! +} + +type L7ServicePayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + service: L7Service +} + +enum L7ServiceType { + WEB_API + SOAP + INTERNAL_WEB_API + INTERNAL_SOAP +} + +enum SoapVersion { + SOAP_1_1 + SOAP_1_2 + UNKNOWN +} + +input L7ServiceInput { + "The goid for this service" + goid : ID + "The guid for this service" + guid : ID + "The name of the service" + name: String! + "The resolution path to the service" + resolutionPath: String! + "The service resolvers. They can be used to identify services." + resolvers: ServiceResolversInput + "The type of service" + serviceType: L7ServiceType! + "The configuration checksum" + checksum: String + + "The service version" + version: Int + + "Whether or not the published service is enabled" + enabled: Boolean = true + "The folder path where to create this service. If the path does not exist, it will be created" + folderPath: String! + "Which SOAP version" + soapVersion: SoapVersion = UNKNOWN + "Which http methods are allowed" + methodsAllowed: [HttpMethod!]! + tracingEnabled: Boolean = false + wssProcessingEnabled: Boolean = false + "Allow requests intended for operations not supported by the WSDL" + laxResolution: Boolean = false + properties: [EntityPropertyInput!] + + "The WSDL of the soap service" + wsdl: String + "URL for the protected service WSDL document" + wsdlUrl: String + "One or more additional WSDL resources" + wsdlResources: [ServiceResourceInput!] + "The service policy" + policy: PolicyInput! + "(Deprecated) This will be ignored during the mutation" + policyRevision: PolicyRevisionInput + "This will be ignored during the mutation" + policyRevisions: [PolicyRevisionInput!] +} + +input L7ServicePartialInput { + "The goid for this service" + goid : ID + "The guid for this service" + guid : ID + "The name of the service" + name: String + "The resolution path to the service" + resolutionPath: String + "The service resolvers. They can be used to identify services." + resolvers: ServiceResolversInput + "The type of service" + serviceType: L7ServiceType + "The configuration checksum" + checksum: String + + "The service version" + version: Int + "Whether or not the published service is enabled" + enabled: Boolean + "The folder path where to create this service. If the path does not exist, it will be created" + folderPath: String + "Which SOAP version" + soapVersion: SoapVersion + "Which http methods are allowed" + methodsAllowed: [HttpMethod!] + tracingEnabled: Boolean + wssProcessingEnabled: Boolean + "Allow requests intended for operations not supported by the WSDL" + laxResolution: Boolean + properties: [EntityPropertyInput!] + + "The WSDL of the soap service" + wsdl: String + "URL for the protected service WSDL document" + wsdlUrl: String + "One or more additional WSDL resources" + wsdlResources: [ServiceResourceInput!] + "The service policy" + policy: PolicyInput + "(Deprecated) This will be ignored during the mutation" + policyRevision: PolicyRevisionInput + "This will be ignored during the mutation" + policyRevisions: [PolicyRevisionInput!] +} + +input ServiceMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a Service entity uniquely" + source: ServiceRefInput +} + +""" +Reference input for identifying a published service. +Primary identifier is resolutionPath. +Provide one of the supported extra identifiers to filter the identified targets. + +Supported identifier fields (in order of precedence): +- name: The service name +- resolvers: The service resolvers details +- goid: The internal entity unique identifier + +NOTE: Only one of the extra identifiers will be used in combination with the primary identifier. +""" +input ServiceRefInput { + "The goid for this service" + goid : ID + "Name of the service" + name: String + "The resolution path to the service" + resolutionPath: String! + "The type of service" + serviceType: L7ServiceType! + "The service resolvers. They can be used to identify services." + resolvers: ServiceResolversInput +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all siteminder configurations" + smConfigs : [SMConfig!]! + "Get the siteminder configuration by goid" + smConfigByGoid(goid : ID!) : SMConfig + "Get the siteminder configuration by name" + smConfigByName(name : String!) : SMConfig + "Get filtered siteminder configurations" + smConfigsByFilters(filters: [EntityFilterInput!]!) : [SMConfig!]! +} + +extend type Mutation { + """ + Create or update existing siteminder configurations. + Match is carried by name. If match is found, it will be updated. Otherwise, it will be created + """ + setSMConfigs(input: [SMConfigInput!]!): SMConfigsPayload! + + """ + Delete one or more existing siteminder configurations. + + Matching can be done using either: + - refInputs: Array of SMConfigRefInput objects (name) - recommended + - names: Array of siteminder configuration names - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteSMConfigs(refInputs: [SMConfigRefInput!], names: [String!]): SMConfigsPayload! +} + +enum SMCryptoMode { + COMPAT + MIGRATE + FIPS +} + +""" +A siteminder configuration. +> @l7-entity smConfig|smConfigs +> @l7-identity-fields name +> @l7-summary-fields goid,name,checksum +> @l7-name-fields name +> @l7-display-summary-fields name,agentIP,agentHost,enabled +> @l7-encrypted-fields agentSecret +> @l7-foreign-fields securePasswordName|name|Secret +""" +type SMConfig { + "The goid for the CA SSO connection" + goid : ID! + "Name of the CA SSO configuration" + name : String! + "The configuration checksum" + checksum: String! + + "Indicates whether the specified configuration is currently enabled or disabled" + enabled : Boolean! + "Name of the host registered with the CA SSO Policy Server" + agentHost: String! + "The IP address of the CA SSO agent. This field is required if the Check IP check box is selected" + agentIP: String! + "CA SSO Policy Server host configuration used by the agent" + agentHostConfig: String! + "CA SSO shared secret used by the agent to establish communication with the Policy Server" + agentSecret: String! + "Choose the FIPS mode supported by the CA SSO Policy Server. The available values are: COMPAT(default)/MIGRATE/ONLY" + cryptoMode: SMCryptoMode! + "The CA SSO Policy Server compare the client IP against the address stored in the SSO Token" + ipCheckEnabled: Boolean! + "Whether to update the SSO Token after successful authentication/authorization" + updateSSOToken: Boolean! + "The percentage of servers within a cluster that must be available for Policy Server requests" + clusterFailoverThreshold: PositiveInt! + "Is non cluster failover" + nonClusterFailover: Boolean! + "User name of the CA SSO administrator" + username: String! + "The secure password reference" + securePasswordName: String! + "The Siteminder configuration properties" + properties: [EntityProperty!] +} + +input SMConfigInput { + "The goid for the CA SSO connection" + goid: ID + "Name of the CA SSO configuration" + name: String! + "Indicates whether the specified configuration is currently enabled or disabled" + enabled: Boolean! + "Name of the host registered with the CA SSO Policy Server" + agentHost: String! + "The IP address of the CA SSO agent. This field is required if the Check IP check box is selected" + agentIP: String! + "CA SSO Policy Server host configuration used by the agent" + agentHostConfig: String! + "CA SSO shared secret used by the agent to establish communication with the Policy Server" + agentSecret: String! + "Choose the FIPS mode supported by the CA SSO Policy Server. The available values are: COMPAT(default)/MIGRATE/ONLY" + cryptoMode: SMCryptoMode! + "The CA SSO Policy Server compare the client IP against the address stored in the SSO Token" + ipCheckEnabled: Boolean! + "Whether to update the SSO Token after successful authentication/authorization" + updateSSOToken: Boolean! + "The percentage of servers within a cluster that must be available for Policy Server requests" + clusterFailoverThreshold: PositiveInt! + nonClusterFailover: Boolean! + "User name of the CA SSO administrator" + username: String! + "The secure password reference" + securePasswordName: String! + "The Siteminder configuration properties" + properties: [EntityPropertyInput!] + "The configuration checksum" + checksum : String +} + +"Reference input to identify the siteminder configuration" +input SMConfigRefInput { + "Name of the CA SSO configuration" + name: String! +} + +type SMConfigsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + smConfigs: [SMConfig]! +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all soap services" + soapServices : [SoapService]! @deprecated(reason: "Use 'services' instead.") + "Get all Internal soap services" + internalSoapServices : [InternalSoapService]! @deprecated(reason: "Use 'services' instead.") + "Get soap services by name" + soapServicesByName(name: String!) : [SoapService]! @deprecated(reason: "Use 'servicesByName' instead.") + "Get soap service by name. Returns none if more than one are found." + soapServiceByName(name: String!) : SoapService @deprecated(reason: "Use 'serviceByName' instead.") + "Get Internal soap service by name. Returns none if more than one are found." + internalSoapServiceByName(name: String!) : InternalSoapService @deprecated(reason: "Use 'serviceByName' instead.") + "Get soap services inside a folder" + soapServicesByFolderPath(folderPath: String!) : [SoapService]! @deprecated(reason: "Use 'servicesByFolderPath' instead.") + "Get Internal soap services inside a folder" + internalSoapServicesByFolderPath(folderPath: String!) : [InternalSoapService]! @deprecated(reason: "Use 'servicesByFolderPath' instead.") + "Get soap service by goid" + soapServiceByGoid(goid: ID!) : SoapService + "Get soap service by resolver" + soapServiceByResolver(resolver: SoapServiceResolverInput!) : SoapService @deprecated(reason: "Use 'serviceByResolvers' instead.") +} + +extend type Mutation { + "Create or update soap services" + setSoapServices(input: [SoapServiceInput!]!) : SoapServicesPayload @deprecated(reason: "Use 'setServices' instead.") + "Create or update Internal soap services" + setInternalSoapServices(input: [SoapServiceInput!]!) : InternalSoapServicesPayload @deprecated(reason: "Use 'setServices' instead.") + "Delete existing soap services given their resolution details" + deleteSoapServices(resolvers: [SoapServiceResolverInput!]!) : SoapServicesPayload @deprecated(reason: "Use 'deleteServices' instead.") + "Delete existing Internal soap services given their resolution details" + deleteInternalSoapServices(resolvers: [SoapServiceResolverInput!]!) : InternalSoapServicesPayload @deprecated(reason: "Use 'deleteServices' instead.") +} + +""" +A Soap service published on the Layer7 Gateway +> @l7-entity +> @l7-identity-fields resolutionPath,resolvers +> @l7-summary-fields goid,guid,name,resolutionPath,resolvers,checksum +> @l7-excluded-fields +> @l7-deprecated Use 'L7Service' instead. +""" +type SoapService implements PublishedService { + "The goid for this service" + goid : ID! + "The guid for this service" + guid : ID + "The name of the service" + name: String! + "The resolution path to the service" + resolutionPath: String + "Soap service resolvers" + resolvers: SoapResolvers! + "The configuration checksum" + checksum: String! + + "Whether or not the published service is enabled" + enabled: Boolean! + "The folder path to the service" + folderPath: String! + "Which SOAP version" + soapVersion: SoapVersion! + "Which http methods are allowed if not just POST" + methodsAllowed: [HttpMethod!]! + "Whether or not the tracing is enabled" + tracingEnabled: Boolean! + "Whether or not the WSS processing is enabled" + wssProcessingEnabled: Boolean! + "Allow requests intended for operations not supported by the WSDL" + laxResolution: Boolean + "Service properties" + properties: [EntityProperty!] + + "The WSDL of the soap service" + wsdl: String! + "URL for the protected service WSDL document" + wsdlUrl: String + "One or more additional WSDL resources" + wsdlResources: [ServiceResource!] + "The policy and dependencies" + policy: Policy! +} + +""" +A Internal Soap service published on the Layer7 Gateway +> @l7-entity +> @l7-identity-fields resolutionPath,resolvers +> @l7-summary-fields goid,guid,name,resolutionPath,resolvers,checksum +> @l7-excluded-fields +> @l7-deprecated Use 'L7Service' instead. +""" +type InternalSoapService implements PublishedService { + "The goid for this service" + goid : ID! + "The guid for this service" + guid : ID + "The name of the service" + name: String! + "The resolution path to the service" + resolutionPath: String + "Soap service resolvers" + resolvers: SoapResolvers! + "The configuration checksum" + checksum: String! + + "Whether or not the published service is enabled" + enabled: Boolean! + "The folder path to the service" + folderPath: String! + "Which SOAP version" + soapVersion: SoapVersion! + "Which http methods are allowed if not just POST" + methodsAllowed: [HttpMethod!]! + "Whether or not the tracing is enabled" + tracingEnabled: Boolean! + "Whether or not the WSS processing is enabled" + wssProcessingEnabled: Boolean! + "Allow requests intended for operations not supported by the WSDL" + laxResolution: Boolean + "Service properties" + properties: [EntityProperty!] + + "The WSDL of the soap service" + wsdl: String! + "URL for the protected service WSDL document" + wsdlUrl: String + "One or more additional WSDL resources" + wsdlResources: [ServiceResource!] + "The policy and dependencies" + policy: Policy! +} + +" Must have minimum (1 soapAction + baseUri) OR resolutionPath. You can have both too. " +type SoapResolvers { + "The soap actions referred to in the wsdl" + soapActions: [String!]! + "Base uri from the wsdl of the service. This is used for service resolution" + baseUri: String + "The resolution path to the service if not default /ssg/soap" + resolutionPath: String +} + +" Must have minimum (1 soapAction + baseUri) OR resolutionPath. You can have both too. " +input SoapServiceResolverInput { + "One of the SoapAction of the service to resolved. This must be specified along with a base ns from the WSDL" + soapAction: String + "One or more soap actions of the service to resolved. This must be specified in the absence of soapAction field." + soapActions: [String!] + "Base uri from the wsdl of the service. Use this alongside the soapaction property to resolve a soap service without resolutionUri" + baseUri: String + "The resolution path of the service if that is how the soap service is resolved" + resolutionPath: String +} + +input SoapServiceInput { + "The internal entity unique identifier" + goid: ID + "The guid for this service, if none provided, assigned at creation" + guid: ID + "The folder path where to create this service. If the path does not exist, it will be created" + folderPath: String! + "The name of the service" + name: String! + "The WSDL of the soap service" + wsdl: String! + "URL for the protected service WSDL document" + wsdlUrl: String + "One or more additional WSDL resources" + wsdlResources: [ServiceResourceInput!] + "The resolution path of the service" + resolutionPath: String = "/ssg/soap" + "Soap service resolvers" + resolvers: SoapServiceResolverInput + "The policy" + policy: PolicyInput! + "Whether the service is enabled (optional, default true)" + enabled: Boolean = true + "The http methods allowed for this service" + methodsAllowed: [HttpMethod!]! + "Which SOAP version" + soapVersion: SoapVersion = UNKNOWN + "Whether or not the gateway should process incoming ws-security soap headers" + wssProcessingEnabled: Boolean! + tracingEnabled: Boolean = false + "Allow requests intended for operations not supported by the WSDL" + laxResolution: Boolean = false + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +type SoapServicesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + soapServices: [SoapService]! +} + +type InternalSoapServicesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + internalSoapServices: [InternalSoapService]! +} + +input SoapServiceMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a SoapService entity uniquely" + source: SoapServiceRefInput +} + +input SoapServiceRefInput { + "The resolution path of the service" + resolutionPath: String! + "Soap service resolvers" + resolvers: SoapServiceResolverInput +} +# AI assistance has been used to generate some or all contents of this file. That includes, but is not limited to, new code, modifying existing code, stylistic edits. +# +# Copyright (c) 2026. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Retrieves all trusted certificates" + trustedCerts : [Certificate!]! + "The trusted certificates by name" + trustedCertsByName(name: String!) : [Certificate!]! + "The trusted certificate by goid" + trustedCertByGoid(goid: ID!) : Certificate + "(Deprecated) Retrieves a list of trusted certificates with the matching subject dn" + trustedCertsByDn(subjectDn : String!) : [Certificate!]! + "Retrieves a list of trusted certificates with the matching subject dn" + trustedCertsBySubjectDn(subjectDn : String!) : [Certificate!]! + """ + The trusted certificate associated with this unique thumbprint. + Here, thumbprint can be in any one of the below supported formats + - SHA1: + - + """ + trustedCertByThumbprint(thumbprint: String, thumbprintSha1: String) : Certificate + "Get filtered trusted certificates" + trustedCertsByFilters(filters: [EntityFilterInput!]!) : [Certificate!]! + "Returns runtime validation statuses for all certificates known to the Gateway. Optionally filter by status." + runtimeValidationStatuses(status: CertValidationStatus): [CertificateValidationResult!]! +} + +extend type Mutation { + """ + Create or update trusted certificates. + If a certificate with the same sha1 thumbprint already exist, it will be updated. + """ + setTrustedCerts(input: [TrustedCertInput!]!): TrustedCertsPayload! + + """ + Update an existing trusted certificate. Match is carried by refInput + """ + updateTrustedCert(refInput: TrustedCertRefInput!, input: TrustedCertPartialInput!): TrustedCertPayload! + + """ + Delete one or more existing trusted certificates. + + Matching can be done using either: + - refInputs: Array of TrustedCertRefInput objects (name, goid, thumbprint, or thumbprintSha1) - recommended + - thumbprintSha1s: Array of certificate SHA1 thumbprints - deprecated + + At least one of the parameters must be provided. If both are provided, refInputs takes precedence. + The operation returns the status of each deletion attempt. + """ + deleteTrustedCerts(refInputs: [TrustedCertRefInput!], thumbprintSha1s: [String!]): TrustedCertsPayload! +} + +"Input sent with createTrustedCert mutation" +input TrustedCertInput { + "The internal entity unique identifier" + goid: ID + "The name of the trusted certificate" + name: String! + "The base 64 encoded string of the certificate" + certBase64: String! + "Whether to perform hostname verification with this certificate" + verifyHostname: Boolean! + "Whether this certificate is a trust anchor" + trustAnchor: Boolean! + "What the certificate is trusted for" + trustedFor: [TrustedForType!]! + "The revocation check policy type" + revocationCheckPolicyType : PolicyUsageType! + "The name of revocation policy. Required if revocationCheckPolicyType is PolicyUsageType.SPECIFIED" + revocationCheckPolicyName : String + "The Subject DN of this certificate. (Note that, this field has no effect on the mutation)" + subjectDn : String + "The start date of the validity period. (Note that, this field has no effect on the mutation)" + notBefore : String + "the end date of the validity period. (Note that, this field has no effect on the mutation)" + notAfter : String + "The thumbprint of the certificate. (Note that, this field has no effect on the mutation)" + thumbprint : String + "The sha1 thumbprint of the certificate. (Note that, this field has no effect on the mutation)" + thumbprintSha1 : String + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +"Partial TrustedCert input for updates" +input TrustedCertPartialInput { + "The internal entity unique identifier" + goid: ID + "The name of the trusted certificate" + name: String + "The base 64 encoded string of the certificate" + certBase64: String + "Whether to perform hostname verification with this certificate" + verifyHostname: Boolean + "Whether this certificate is a trust anchor" + trustAnchor: Boolean + "What the certificate is trusted for" + trustedFor: [TrustedForType!] + "The revocation check policy type" + revocationCheckPolicyType : PolicyUsageType + "The name of revocation policy. Required if revocationCheckPolicyType is PolicyUsageType.SPECIFIED" + revocationCheckPolicyName : String + "The thumbprint of the certificate. (Note that, this field has no effect on the mutation)" + thumbprint : String + "The sha1 thumbprint of the certificate. This field is used to find the existing record." + thumbprintSha1 : String + "The Subject DN of this certificate" + subjectDn : String +} + +""" +Trusted Cert Reference +> @l7-foreign-fields thumbprintSha1|thumbprintSha1|TrustedCert +> @l7-foreign-fields thumbprint|thumbprint|TrustedCert +""" +interface TrustedCertRef { + "The name" + name: String + "The Subject DN of this certificate" + subjectDn : String + "The thumbprint of the certificate" + thumbprint : String + "(Deprecated) The sha1 thumbprint of the certificate" + thumbprintSha1 : String +} + +""" +A trusted certificate in the gateway truststore. +> @l7-entity trustedCert|trustedCerts +> @l7-identity-fields thumbprint +> @l7-summary-fields goid,name,subjectDn,thumbprint,checksum +> @l7-excluded-fields revocationCheckPolicy +> @l7-name-fields name,subjectDn +> @l7-display-summary-fields name,notAfter,thumbprint,trustedFor,subjectDn +> @l7-foreign-fields revocationCheckPolicyName|name|RevocationCheckPolicy +> @l7-deprecated-fields thumbprintSha1 +""" +type Certificate implements TrustedCertRef { + "The goid for this certificate" + goid : ID! + "The name" + name: String! + "The Subject DN of this certificate" + subjectDn : String! + "The thumbprint of the certificate" + thumbprint : String! + "(Deprecated) The sha1 thumbprint of the certificate" + thumbprintSha1 : String! @deprecated(reason: "Use 'thumbprint' instead.") + "The configuration checksum of this trusted certificate" + checksum: String! + + "Whether to perform hostname verification with this certificate" + verifyHostname : Boolean! + "Whether this certificate is a trust anchor" + trustAnchor : Boolean! + "The certificate is trusted for" + trustedFor : [TrustedForType!]! + "The revocation check policy type" + revocationCheckPolicyType : PolicyUsageType! + "The name of revocation policy. Required if revocationCheckPolicyType is PolicyUsageType.SPECIFIED" + revocationCheckPolicyName : String + "The specified revocation policy" + revocationCheckPolicy : RevocationCheckPolicy + "The start date of the validity period" + notBefore : DateTime! + "the end date of the validity period" + notAfter : DateTime! + "The base 64 encoded string of this certificate" + certBase64 : String! + "The runtime validation status of this certificate" + validationStatus: CertValidationStatus + "Description of the runtime validation status" + validationStatusDescription: String +} + +enum PolicyUsageType { + "Do not perform revocation check" + NONE + "Use the default revocation check policy" + USE_DEFAULT + "Use the specified revocation check policy" + SPECIFIED +} + +"Defines what a certificate is trusted for" +enum TrustedForType { + "Is trusted as an SSL server cert" + SSL + "Is trusted as a CA that signs SSL server certs" + SIGNING_SERVER_CERTS + "Is trusted as a CA that signs SSL client certs" + SIGNING_CLIENT_CERTS + "Is trusted to sign SAML tokens" + SAML_ISSUER + "Is trusted as a SAML attesting entity" + SAML_ATTESTING_ENTITY +} + +enum CertificateValidationType { + CERTIFICATE_ONLY + PATH_VALIDATION + REVOCATION +} + +enum CertValidationType { + USE_DEFAULT + CERTIFICATE_ONLY + PATH_VALIDATION + REVOCATION +} + +type TrustedCertPayload implements EntityMutationPayload { + status: EntityMutationStatus! + detailedStatus: EntityMutationDetailedStatus! + "The updated trusted certificate." + trustedCert: Certificate +} + +type TrustedCertsPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + trustedCerts: [Certificate]! +} + +input TrustedCertsMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a TrustedCert entity uniquely" + source: TrustedCertRefInput +} + +""" +Reference input for identifying a trusted certificate. +Provide at least one identifier field to uniquely reference a certificate. +If multiple fields are provided, one of them will be used in pair with the name to match the certificate. + +Supported identifier fields (in order of precedence): +- name: The certificate name +- thumbprint: SHA1 thumbprint in format 'SHA1:' +- thumbprintSha1: Base64-encoded SHA1 digest (deprecated, use thumbprint instead) +- goid: The internal entity unique identifier + +NOTE: The goid field is not used for identification by itself. It is used in combination +with other fields (especially name) to disambiguate when multiple certificates are found +with the same identifier. +""" +input TrustedCertRefInput { + "The internal entity unique identifier" + goid: ID + "The name of the trusted certificate" + name: String + "The thumbprint of the certificate in format 'SHA1:'" + thumbprint: String + "(Deprecated) The sha1 thumbprint of the certificate as base64-encoded value. Use thumbprint field instead." + thumbprintSha1: String +} +# +# Copyright © 2024. Broadcom Inc. and its subsidiaries. All Rights Reserved. +# + +extend type Query { + "Get all webApi services" + webApiServices : [WebApiService]! @deprecated(reason: "Use 'services' instead.") + internalWebApiServices : [InternalWebApiService]! @deprecated(reason: "Use 'services' instead.") + "Get webApi services by name" + webApiServicesByName(name: String!) : [WebApiService!]! @deprecated(reason: "Use 'servicesByName' instead.") + "Get webApi service by name. Returns none if more than one are found." + webApiServiceByName(name: String!) : WebApiService @deprecated(reason: "Use 'serviceByName' instead.") + "Get Internal webApi Service by name" + internalWebApiServiceByName(name: String!) : InternalWebApiService @deprecated(reason: "Use 'serviceByName' instead.") + "Get webApi services by resolutionPath" + webApiServicesByResolutionPath(resolutionPath: String!) : [WebApiService !]! @deprecated(reason: "Use 'servicesByResolutionPath' instead.") + "Get webApi service by resolutionPath. Returns none if more than one are found." + webApiServiceByResolutionPath(resolutionPath: String!) : WebApiService @deprecated(reason: "Use 'serviceByResolutionPath' instead.") + "Get Internal webApi Services by resolutionPath" + internalWebApiServiceByResolutionPath(resolutionPath: String!) : InternalWebApiService @deprecated(reason: "Use 'servicesByResolutionPath' instead.") + "Get webApi services inside a folder" + webApiServicesByFolderPath(folderPath: String!) : [WebApiService]! @deprecated(reason: "Use 'servicesByFolderPath' instead.") + "Get Internal webApi services inside a folder" + internalWebApiServicesByFolderPath(folderPath: String!) : [InternalWebApiService]! @deprecated(reason: "Use 'servicesByFolderPath' instead.") + "Get webApi services by goid" + webApiServiceByGoid(goid: ID!) : WebApiService +} + +extend type Mutation { + "Create or update web api services" + setWebApiServices(input: [WebApiServiceInput!]!) : WebApiServicesPayload @deprecated(reason: "Use 'setServices' instead.") + "Create or update Internal web api services" + setInternalWebApiServices(input: [WebApiServiceInput!]!) : InternalWebApiServicesPayload @deprecated(reason: "Use 'setServices' instead.") + "Delete existing web api services given their resolution paths" + deleteWebApiServices(resolutionPaths: [String!]!) : WebApiServicesPayload @deprecated(reason: "Use 'deleteServices' instead.") + "Delete existing Internal web api services given their resolution paths" + deleteInternalWebApiServices(resolutionPaths: [String!]!) : InternalWebApiServicesPayload @deprecated(reason: "Use 'deleteServices' instead.") +} + +""" +A Web API service published on the Layer7 Gateway +> @l7-entity +> @l7-identity-fields resolutionPath +> @l7-summary-fields goid,guid,name,resolutionPath,checksum +> @l7-excluded-fields +> @l7-deprecated Use 'L7Service' instead. +""" +type WebApiService implements PublishedService { + "The goid for this service" + goid : ID! + "The guid for this service" + guid : ID + "The name of the service" + name: String! + "The resolution path to the service" + resolutionPath: String! + "The configuration checksum" + checksum: String! + + "Whether or not the published service is enabled" + enabled: Boolean! + "The folder path to the service" + folderPath: String! + "Which http methods are allowed" + methodsAllowed: [HttpMethod!]! + "Whether or not the tracing is enabled" + tracingEnabled: Boolean! + "Whether or not the WSS processing is enabled" + wssProcessingEnabled: Boolean! + "Service properties" + properties: [EntityProperty!] + + "The policy and dependencies" + policy: Policy! +} + +""" +A Internal Web API service published on the Layer7 Gateway +> @l7-entity +> @l7-identity-fields resolutionPath +> @l7-summary-fields goid,guid,name,resolutionPath,checksum +> @l7-excluded-fields +> @l7-deprecated Use 'L7Service' instead. +""" +type InternalWebApiService implements PublishedService { + "The goid for this service" + goid : ID! + "The guid for this service" + guid : ID + "The name of the service" + name: String! + "The resolution path to the service" + resolutionPath: String! + "The configuration checksum" + checksum: String! + + "Whether or not the published service is enabled" + enabled: Boolean! + "The folder path to the service" + folderPath: String! + "Which http methods are allowed" + methodsAllowed: [HttpMethod!]! + "Whether or not the tracing is enabled" + tracingEnabled: Boolean! + "Whether or not the WSS processing is enabled" + wssProcessingEnabled: Boolean! + "Service properties" + properties: [EntityProperty!] + + "The policy and dependencies" + policy: Policy! +} + +input WebApiServiceInput { + "The internal entity unique identifier" + goid: ID + "The guid for this service, if none provided, assigned at creation" + guid: ID + "The folder path where to create this service. If the path does not exist, it will be created" + folderPath: NonEmptyString! + "The name of the service" + name: String! + "The resolution path of the service" + resolutionPath: String! + "The policy" + policy: PolicyInput! + "Whether the service is enabled (optional, default to true)" + enabled: Boolean = true + "The http methods allowed for this service" + methodsAllowed: [HttpMethod!]! + tracingEnabled: Boolean = false + wssProcessingEnabled: Boolean = false + properties: [EntityPropertyInput!] + "Ignored at creation time but can be used to compare bundle with gw state" + checksum : String +} + +type WebApiServicesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + webApiServices: [WebApiService]! +} + +type InternalWebApiServicesPayload implements EntityMutationsPayload { + status: [EntityMutationStatus!]! + detailedStatus: [EntityMutationDetailedStatus!]! + internalWebApiServices: [InternalWebApiService]! +} + +input WebApiServiceMappingInstructionInput{ + action: EntityMutationAction! + default: Boolean + failOnNew: Boolean + failOnExisting: Boolean + nodef: Boolean + "one or more name-value pairs to identify a WebApiService entity uniquely" + source: WebApiServiceRefInput +} + +input WebApiServiceRefInput { + "The resolution path to the service" + resolutionPath: String! +} + +"Represents the runtime validation status of a certificate" +enum CertValidationStatus { + "Certificate is valid" + VALID + "Certificate has expired" + EXPIRED + "Certificate has been revoked" + REVOKED + "Certificate validation status is unknown" + UNKNOWN + "Certificate is not trusted" + UNTRUSTED +} + +"Represents the type of certificate in the runtime validation result" +enum RvsCertificateType { + "A trusted certificate stored in the Gateway trust store" + TRUSTED_CERT + "A private key certificate stored in the Gateway keystore" + PRIVATE_KEY +} + +"Represents the source of the runtime validation check" +enum RvsValidationSource { + "Validation result from the Gateway's existing cache" + CACHE + "Validation result computed on demand" + ON_DEMAND +} + +"Represents the runtime validation result for a certificate known to the Gateway" +type CertificateValidationResult { + "The goid of the certificate" + certificateGoid: ID + "The name of the certificate" + certificateName: String + "The type of the certificate" + certificateType: RvsCertificateType + "The subject DN of the certificate" + subjectDn: String + "The issuer DN of the certificate" + issuerDn: String + "The serial number of the certificate" + serialNumber: String + "The start of the certificate's validity period" + notBefore: DateTime + "The end of the certificate's validity period" + notAfter: DateTime + "The SHA-256 thumbprint of the certificate" + thumbprintSha256: String + "The runtime validation status" + status: CertValidationStatus + "The source of the validation check" + validationSource: RvsValidationSource + "A human-readable description of the validation status" + statusDescription: String +} From f771fe5a4f7ef996e3fc9229b252476ed1611c67 Mon Sep 17 00:00:00 2001 From: dk670466 Date: Mon, 30 Mar 2026 19:18:21 -0700 Subject: [PATCH 3/3] F162647: fix runtimeValidationStatuses query - add missing filter parameters Add certificateType, certificateGoid, and expiresWithinDays filter params to match all variants in the Postman collection. Made-with: Cursor --- schema/v11.2.2/schema.graphql | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/schema/v11.2.2/schema.graphql b/schema/v11.2.2/schema.graphql index 34ab664..2566530 100644 --- a/schema/v11.2.2/schema.graphql +++ b/schema/v11.2.2/schema.graphql @@ -7617,8 +7617,13 @@ extend type Query { trustedCertByThumbprint(thumbprint: String, thumbprintSha1: String) : Certificate "Get filtered trusted certificates" trustedCertsByFilters(filters: [EntityFilterInput!]!) : [Certificate!]! - "Returns runtime validation statuses for all certificates known to the Gateway. Optionally filter by status." - runtimeValidationStatuses(status: CertValidationStatus): [CertificateValidationResult!]! + "Returns runtime validation statuses for all certificates known to the Gateway. Optionally filter by one or more criteria." + runtimeValidationStatuses( + status: CertValidationStatus + certificateType: RvsCertificateType + certificateGoid: ID + expiresWithinDays: Int + ): [CertificateValidationResult!]! } extend type Mutation {