CATEGORY is SHOWN
CATEGORY is SHOWN
PATCH /api/groups/{id}/users
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
Field Format Description id string ID of the group to update
curl -X PATCH https://api.infrahq.com/api/groups/4yJ3n3D8E2/users \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY' \
-d '{
"usersToAdd": "undefined",
"usersToRemove": "undefined"
}'
Empty Response
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
CATEGORY is SHOWN
PATCH /api/groups/{id}/users
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
Field Format Description id string ID of the group to update
curl -X PATCH https://api.infrahq.com/api/groups/4yJ3n3D8E2/users \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY' \
-d '{
"usersToAdd": "undefined",
"usersToRemove": "undefined"
}'
Empty Response
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
CATEGORY is SHOWN
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
None
curl -X POST https://api.infrahq.com/api/providers \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY' \
-d '{
"allowedDomains": "['example.com', 'infrahq.com']",
"api": "undefined",
"clientID": "0oapn0qwiQPiMIyR35d6",
"clientSecret": "jmda5eG93ax3jMDxTGrbHd_TBGT6kgNZtrCugLbU",
"kind": "oidc",
"name": "okta",
"url": "infrahq.okta.com"
}'
{
"authURL": "https://example.com/oauth2/v1/authorize",
"clientID": "0oapn0qwiQPiMIyR35d6",
"created": "2022-03-14T09:48:00Z",
"id": "4yJ3n3D8E2",
"kind": "oidc",
"name": "okta",
"scopes": "['openid', 'email']",
"updated": "2022-03-14T09:48:00Z",
"url": "infrahq.okta.com"
}
Field Type Description authURL string Authorize endpoint for the OIDC provider clientID string Client ID for the OIDC provider created string formatted as an RFC3339 date-time id string Provider ID kind string Kind of provider name string Name of the provider scopes array Scopes set in the OIDC provider configuration updated string formatted as an RFC3339 date-time url string URL of the Infra Server
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
Field Format Description Infra-Version string Version of the API being requested
None
Field Format Description id string ID of the provider to retrieve
curl -X GET https://api.infrahq.com/api/providers/4yJ3n3D8E2 \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0'
{
"authURL": "https://example.com/oauth2/v1/authorize",
"clientID": "0oapn0qwiQPiMIyR35d6",
"created": "2022-03-14T09:48:00Z",
"id": "4yJ3n3D8E2",
"kind": "oidc",
"name": "okta",
"scopes": "['openid', 'email']",
"updated": "2022-03-14T09:48:00Z",
"url": "infrahq.okta.com"
}
Field Type Description authURL string Authorize endpoint for the OIDC provider clientID string Client ID for the OIDC provider created string formatted as an RFC3339 date-time id string Provider ID kind string Kind of provider name string Name of the provider scopes array Scopes set in the OIDC provider configuration updated string formatted as an RFC3339 date-time url string URL of the Infra Server
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
Field Format Description id string ID of the provider to update
curl -X PUT https://api.infrahq.com/api/providers/4yJ3n3D8E2 \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY' \
-d '{
"allowedDomains": "['example.com', 'infrahq.com']",
"api": "undefined",
"clientID": "0oapn0qwiQPiMIyR35d6",
"clientSecret": "jmda5eG93ax3jMDxTGrbHd_TBGT6kgNZtrCugLbU",
"kind": "oidc",
"name": "okta",
"url": "infrahq.okta.com"
}'
{
"authURL": "https://example.com/oauth2/v1/authorize",
"clientID": "0oapn0qwiQPiMIyR35d6",
"created": "2022-03-14T09:48:00Z",
"id": "4yJ3n3D8E2",
"kind": "oidc",
"name": "okta",
"scopes": "['openid', 'email']",
"updated": "2022-03-14T09:48:00Z",
"url": "infrahq.okta.com"
}
Field Type Description authURL string Authorize endpoint for the OIDC provider clientID string Client ID for the OIDC provider created string formatted as an RFC3339 date-time id string Provider ID kind string Kind of provider name string Name of the provider scopes array Scopes set in the OIDC provider configuration updated string formatted as an RFC3339 date-time url string URL of the Infra Server
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
DELETE /api/providers/{id}
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
Field Format Description id string ID of the provider to remove
curl -X DELETE https://api.infrahq.com/api/providers/4yJ3n3D8E2 \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY'
Empty Response
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
PATCH /api/providers/{id}
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
Field Format Description id string ID of the provider to update
curl -X PATCH https://api.infrahq.com/api/providers/4yJ3n3D8E2 \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY' \
-d '{
"clientSecret": "jmda5eG93ax3jMDxTGrbHd_TBGT6kgNZtrCugLbU",
"name": "okta"
}'
{
"authURL": "https://example.com/oauth2/v1/authorize",
"clientID": "0oapn0qwiQPiMIyR35d6",
"created": "2022-03-14T09:48:00Z",
"id": "4yJ3n3D8E2",
"kind": "oidc",
"name": "okta",
"scopes": "['openid', 'email']",
"updated": "2022-03-14T09:48:00Z",
"url": "infrahq.okta.com"
}
Field Type Description authURL string Authorize endpoint for the OIDC provider clientID string Client ID for the OIDC provider created string formatted as an RFC3339 date-time id string Provider ID kind string Kind of provider name string Name of the provider scopes array Scopes set in the OIDC provider configuration updated string formatted as an RFC3339 date-time url string URL of the Infra Server
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
CATEGORY is SHOWN
Create a new destination
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
None
curl -X POST https://api.infrahq.com/api/destinations \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY' \
-d '{
"connection": "undefined",
"kind": "undefined",
"name": "undefined",
"resources": "undefined",
"roles": "undefined",
"uniqueID": "undefined",
"version": "undefined"
}'
{
"connected": true,
"connection": {
url: aa60eexample.us-west-2.elb.amazonaws.com,
ca: -----BEGIN CERTIFICATE-----
MIIDNTCCAh2gAwIBAgIRALRetnpcTo9O3V2fAK3ix+c
-----END CERTIFICATE-----
},
"created": "2022-03-14T09:48:00Z",
"id": "7a1b26b33F",
"kind": "kubernetes",
"lastSeen": "2022-03-14T09:48:00Z",
"name": "production-cluster",
"resources": ['default', 'kube-system'],
"roles": ['cluster-admin', 'admin', 'edit', 'view', 'exec', 'logs', 'port-forward'],
"uniqueID": "94c2c570a20311180ec325fd56",
"updated": "2022-03-14T09:48:00Z",
"version": "0.17.0"
}
| Field | Type | Description | | ---------- | ------------------------- | ----------------------------------------------------------------------------------------------- | --- | ------- | ------ | --------------------------------- | | connected | boolean | Shows if the destination is currently connected | | connection | {url: string, ca: string} | URL and CA for destination | | created | string | formatted as an RFC3339 date-time | | id | string | ID of the destination | | kind | string | Kind of destination. eg. kubernetes or ssh or postgres | | lastSeen | string | formatted as an RFC3339 date-time | | name | string | Name of the destination | | resources | array | Destination specific. For Kubernetes, it is the list of namespaces | | roles | array | Destination specific. For Kubernetes, it is the list of cluster roles available on that cluster | | uniqueID | string | Unique ID generated by the connector | | updated | string | formatted as an RFC3339 date-time | | version | string | Application version of the connector for this destination |
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
PUT /api/destinations/{id}
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
Field Format Description id string ID of the destination to update
curl -X PUT https://api.infrahq.com/api/destinations/4yJ3n3D8E2 \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY' \
-d '{
"connection": "undefined",
"name": "undefined",
"resources": "undefined",
"roles": "undefined",
"uniqueID": "undefined",
"version": "undefined"
}'
{
"connected": true,
"connection": {
url: aa60eexample.us-west-2.elb.amazonaws.com,
ca: -----BEGIN CERTIFICATE-----
MIIDNTCCAh2gAwIBAgIRALRetnpcTo9O3V2fAK3ix+c
-----END CERTIFICATE-----
},
"created": "2022-03-14T09:48:00Z",
"id": "7a1b26b33F",
"kind": "kubernetes",
"lastSeen": "2022-03-14T09:48:00Z",
"name": "production-cluster",
"resources": ['default', 'kube-system'],
"roles": ['cluster-admin', 'admin', 'edit', 'view', 'exec', 'logs', 'port-forward'],
"uniqueID": "94c2c570a20311180ec325fd56",
"updated": "2022-03-14T09:48:00Z",
"version": "0.17.0"
}
| Field | Type | Description | | ---------- | ------------------------- | ----------------------------------------------------------------------------------------------- | --- | ------- | ------ | --------------------------------- | | connected | boolean | Shows if the destination is currently connected | | connection | {url: string, ca: string} | URL and CA for destination | | created | string | formatted as an RFC3339 date-time | | id | string | ID of the destination | | kind | string | Kind of destination. eg. kubernetes or ssh or postgres | | lastSeen | string | formatted as an RFC3339 date-time | | name | string | Name of the destination | | resources | array | Destination specific. For Kubernetes, it is the list of namespaces | | roles | array | Destination specific. For Kubernetes, it is the list of cluster roles available on that cluster | | uniqueID | string | Unique ID generated by the connector | | updated | string | formatted as an RFC3339 date-time | | version | string | Application version of the connector for this destination |
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
DELETE /api/destinations/{id}
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
Field Format Description id string ID of the destination to remove
curl -X DELETE https://api.infrahq.com/api/destinations/4yJ3n3D8E2 \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY'
Empty Response
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
None
curl -X POST https://api.infrahq.com/api/tokens \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY'
{
"expires": "2022-03-14T09:48:00Z",
"token": "undefined"
}
Field Type Description expires string formatted as an RFC3339 date-time token string undefined
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
CATEGORY is SHOWN
This endpoint should remain hidden. api should not be able to create access keys.
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
None
curl -X POST https://api.infrahq.com/api/access-keys \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY' \
-d '{
"extensionDeadline": "72h3m6.5s",
"name": "undefined",
"ttl": "72h3m6.5s",
"userID": "4yJ3n3D8E2"
}'
{
"accessKey": "undefined",
"created": "2022-03-14T09:48:00Z",
"expires": "2022-03-14T09:48:00Z",
"extensionDeadline": "2022-03-14T09:48:00Z",
"id": "4yJ3n3D8E2",
"issuedFor": "4yJ3n3D8E2",
"name": "undefined",
"providerID": "4yJ3n3D8E2"
}
Field Type Description accessKey string undefined created string formatted as an RFC3339 date-time expires string after this deadline the key is no longer valid extensionDeadline string the key must be used by this time to remain valid id string undefined issuedFor string undefined name string undefined providerID string undefined
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
to remain hidden for now. Will remove access keys by name. Since there is no way to specify an owner, the access key used to call this endpoint must be the owner of the access key.
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
Field Format Description name string Name of the access key to delete
None
curl -X DELETE https://api.infrahq.com/api/access-keys?name=cicdkey \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY'
Returns an empty response if authorized to remove the key.
Empty Response
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
DELETE /api/access-keys/{id}
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
Field Format Description id string undefined
curl -X DELETE https://api.infrahq.com/api/access-keys/4yJ3n3D8E2 \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY'
Returns xxx.
Empty Response
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
Field Format Description Infra-Version string Version of the API being requested
None
None
curl -X POST https://api.infrahq.com/api/device \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0'
undefined
{
"deviceCode": "NGU4QWFiNjQ5YmQwNG3YTdmZMEyNzQ3YzQ1YSA",
"expiresIn": "1800",
"interval": "5",
"userCode": "BDSD-HQMK",
"verificationURI": "https://infrahq.com/device"
}
Field Type Description deviceCode string a code that a device will use to exchange for an access key after device login is approved expiresIn integer The number of seconds that this set of values is valid interval integer the number of seconds the device should wait between polling to see if the user has finished logging in userCode string This is the text the user will enter at the Verification URI verificationURI string This is the URL the user needs to enter into their browser to start logging in
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
None
curl -X POST https://api.infrahq.com/api/device/approve \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY' \
-d '{
"userCode": "BDSD-HQMK"
}'
undefined
Empty Response
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
Field Format Description Infra-Version string Version of the API being requested
None
None
curl -X POST https://api.infrahq.com/api/device/status \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-d '{
"deviceCode": "undefined"
}'
undefined
{
"deviceCode": "",
"login": "undefined",
"status": "undefined"
}
Field Type Description deviceCode string undefined login object undefined status string can be one of pending, rejected, expired, confirmed
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
Field Format Description Infra-Version string Version of the API being requested
None
None
curl -X POST https://api.infrahq.com/api/login \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-d '{
"accessKey": "undefined",
}'
Returns xxx.
{
"accessKey": "undefined",
"expires": "2022-03-14T09:48:00Z",
"name": "undefined",
"organizationName": "undefined",
"passwordUpdateRequired": "undefined",
"userID": "4yJ3n3D8E2"
}
Field Type Description accessKey string undefined expires string formatted as an RFC3339 date-time name string undefined organizationName string undefined passwordUpdateRequired boolean undefined userID string undefined
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
Field Format Description Infra-Version string Version of the API being requested Authorization string Bearer followed by your access key
None
None
curl -X POST https://api.infrahq.com/api/logout \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-H 'Authorization: Bearer ACCESSKEY'
Returns xxx.
Empty Response
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
Field Format Description Infra-Version string Version of the API being requested
None
None
curl -X POST https://api.infrahq.com/api/password-reset \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-d '{
"password": "undefined",
"token": "undefined"
}'
undefined
{
"accessKey": "undefined",
"expires": "2022-03-14T09:48:00Z",
"name": "undefined",
"organizationName": "undefined",
"passwordUpdateRequired": "undefined",
"userID": "4yJ3n3D8E2"
}
Field Type Description accessKey string undefined expires string formatted as an RFC3339 date-time name string undefined organizationName string undefined passwordUpdateRequired boolean undefined userID string undefined
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
POST /api/password-reset-request
Field Format Description Infra-Version string Version of the API being requested
None
None
curl -X POST https://api.infrahq.com/api/password-reset-request \
-H 'Content-Type: application/json' \
-H 'Infra-Version: 0.17.0' \
-d '{
"email": "undefined"
}'
undefined
Empty Response
Response Code Description 400 Bad Request 401 Unauthorized: Requestor is not authenticated 403 Forbidden: Requestor does not have the right permissions 404 Not Found 409 Duplicate Record default Success
